$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/32D75AF46021AAD8756D609A1E8C8B4EC0A891C0.cer File: 32D75AF46021AAD8756D609A1E8C8B4EC0A891C0.cer (raw, json) Hash identifier: ZEKqfsfR6goIIIegufefqjdLQw76DnAPWh7Vxsah6S8= Subject key identifier: 32:D7:5A:F4:60:21:AA:D8:75:6D:60:9A:1E:8C:8B:4E:C0:A8:91:C0 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3C9F179736969EA24FEEE4E987A992808C9CDB4C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/f2e05fcf-5f2a-4d5e-a3f2-d84032f0c8f7/0/32D75AF46021AAD8756D609A1E8C8B4EC0A891C0.mft caRepository: rsync://rpki-rsync.idnic.net/repo/f2e05fcf-5f2a-4d5e-a3f2-d84032f0c8f7/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:33:04 +0000 Certificate not after: Sun 02 May 2027 02:38:04 +0000 Subordinate resources: IP: 103.54.225.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:9f:17:97:36:96:9e:a2:4f:ee:e4:e9:87:a9:92:80:8c:9c:db:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 02:33:04 2026 GMT Not After : May 2 02:38:04 2027 GMT Subject: CN=32D75AF46021AAD8756D609A1E8C8B4EC0A891C0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d7:0e:68:36:82:ba:ce:b5:c7:c1:e3:ea:ad: 14:4b:cb:26:74:0c:16:e4:6a:cb:6b:b9:92:99:78: 4c:c5:43:fb:6e:d6:d8:14:2e:be:7e:a5:9b:79:0d: a7:13:a4:dc:14:b0:6d:24:32:48:89:1b:f6:56:de: cf:37:9b:50:bf:c0:d6:89:f2:ab:fb:cb:55:9a:9e: d8:03:f0:d8:99:46:80:a5:12:0e:f8:bd:64:67:35: c0:f1:f3:47:bc:68:bc:55:53:9b:87:1b:bd:2d:ac: 6a:9c:08:54:da:ea:f9:be:e2:e5:dd:ae:2c:83:46: 98:b5:7f:3f:70:22:61:31:0e:e1:b6:4e:a1:9b:6b: fb:5c:88:a0:29:b2:e3:d4:0c:65:d7:86:cb:bf:db: d0:e8:86:6f:bb:43:d6:e0:f2:41:88:1c:35:b4:0a: 09:5c:91:19:63:de:87:26:9e:76:35:42:73:2d:4b: 40:10:f6:b0:20:24:fb:c2:3c:97:80:a5:3a:34:75: b4:89:ac:54:22:3d:81:de:de:61:41:4e:8e:97:95: 70:b0:c8:a4:19:57:65:d9:9d:91:17:8e:ef:98:79: 78:fd:71:cd:78:fb:69:4b:5c:df:5e:06:94:9a:41: 6d:74:cc:ee:a1:95:41:30:a1:75:c1:ad:02:92:39: 44:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 32:D7:5A:F4:60:21:AA:D8:75:6D:60:9A:1E:8C:8B:4E:C0:A8:91:C0 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/f2e05fcf-5f2a-4d5e-a3f2-d84032f0c8f7/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/f2e05fcf-5f2a-4d5e-a3f2-d84032f0c8f7/0/32D75AF46021AAD8756D609A1E8C8B4EC0A891C0.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.54.225.0/24 Signature Algorithm: sha256WithRSAEncryption 59:0e:ca:fe:64:f4:7e:39:47:cf:c9:1a:2e:ef:58:d1:ed:ee: 78:3b:47:e1:48:e2:83:03:ea:3f:70:22:04:e2:16:91:4e:53: 76:8f:38:78:e5:bf:81:5e:ef:f5:81:d6:eb:d2:64:cb:08:43: 78:21:99:f9:c6:40:27:f2:4e:3a:64:4e:22:ea:47:3a:53:d2: 57:6f:31:bd:08:b9:42:3a:cb:40:85:1b:41:2e:05:77:89:2f: 7a:f1:16:ad:1d:e5:95:83:19:8f:89:40:9a:47:82:f7:7c:ba: 05:9b:ce:ea:ef:1f:ee:27:c6:ca:eb:6f:a7:1d:ea:e5:a7:be: 30:86:3b:a3:1f:53:45:84:c3:71:5b:3d:62:9e:c0:13:b1:10: 4c:3d:94:81:c6:03:a7:fb:18:5e:2b:cb:2d:4c:f5:10:83:70: 98:92:1f:3e:2e:01:cc:1f:6f:15:bd:d4:ce:43:0a:44:99:da: 40:7c:bf:bd:4f:78:0b:fb:41:1d:0c:8a:3d:8d:64:13:28:42: 78:2a:d9:c2:00:93:de:e7:29:3a:90:36:98:ef:94:dc:f6:33: 20:36:87:eb:8c:3e:aa:c9:86:33:55:bb:25:57:8c:22:9b:c6: 0b:8f:52:69:f7:f0:dd:58:eb:e3:b0:0c:16:fc:e9:4b:2d:56: 6a:32:cd:12 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUPJ8XlzaWnqJP7uTph6mSgIyc20wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAyMzMwNFoX DTI3MDUwMjAyMzgwNFowMzExMC8GA1UEAxMoMzJENzVBRjQ2MDIxQUFEODc1NkQ2 MDlBMUU4QzhCNEVDMEE4OTFDMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALzXDmg2grrOtcfB4+qtFEvLJnQMFuRqy2u5kpl4TMVD+27W2BQuvn6lm3kN pxOk3BSwbSQySIkb9lbezzebUL/A1onyq/vLVZqe2APw2JlGgKUSDvi9ZGc1wPHz R7xovFVTm4cbvS2sapwIVNrq+b7i5d2uLINGmLV/P3AiYTEO4bZOoZtr+1yIoCmy 49QMZdeGy7/b0OiGb7tD1uDyQYgcNbQKCVyRGWPehyaedjVCcy1LQBD2sCAk+8I8 l4ClOjR1tImsVCI9gd7eYUFOjpeVcLDIpBlXZdmdkReO75h5eP1xzXj7aUtc314G lJpBbXTM7qGVQTChdcGtApI5RIUCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDLXWvRgIarYdW1gmh6Mi07AqJHAMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2YyZTA1ZmNmLTVmMmEtNGQ1ZS1hM2YyLWQ4NDAzMmYwYzhmNy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9mMmUwNWZj Zi01ZjJhLTRkNWUtYTNmMi1kODQwMzJmMGM4ZjcvMC8zMkQ3NUFGNDYwMjFBQUQ4 NzU2RDYwOUExRThDOEI0RUMwQTg5MUMwLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZzbhMA0GCSqGSIb3DQEBCwUAA4IBAQBZDsr+ZPR+OUfPyRou71jR7e54O0fh SOKDA+o/cCIE4haRTlN2jzh45b+BXu/1gdbr0mTLCEN4IZn5xkAn8k46ZE4i6kc6 U9JXbzG9CLlCOstAhRtBLgV3iS968RatHeWVgxmPiUCaR4L3fLoFm87q7x/uJ8bK 62+nHerlp74whjujH1NFhMNxWz1insATsRBMPZSBxgOn+xheK8stTPUQg3CYkh8+ LgHMH28VvdTOQwpEmdpAfL+9T3gL+0EdDIo9jWQTKEJ4KtnCAJPe5yk6kDaY75Tc 9jMgNofrjD6qyYYzVbslV4wim8YLj1Jp9/DdWOvjsAwW/OlLLVZqMs0S -----END CERTIFICATE-----Generated at Tue May 12 22:03:19 2026 by rpki-client