$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/340A9D577B868F9D853E54BF9FEA79E66E32C49F.cer File: 340A9D577B868F9D853E54BF9FEA79E66E32C49F.cer (raw, json) Hash identifier: 2pMohyEGvgO5TtBylrXv3eFFYaBZxVdpO4NQDXUaGkk= Subject key identifier: 34:0A:9D:57:7B:86:8F:9D:85:3E:54:BF:9F:EA:79:E6:6E:32:C4:9F Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 6E6A1E7C26F1C889E0A2B679F1030179A648DCF5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/1/340A9D577B868F9D853E54BF9FEA79E66E32C49F.mft caRepository: rsync://rpki-rsync.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/1/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:09:12 +0000 Certificate not after: Sun 02 May 2027 01:14:12 +0000 Subordinate resources: IP: 103.172.172.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:6a:1e:7c:26:f1:c8:89:e0:a2:b6:79:f1:03:01:79:a6:48:dc:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:09:12 2026 GMT Not After : May 2 01:14:12 2027 GMT Subject: CN=340A9D577B868F9D853E54BF9FEA79E66E32C49F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:ab:33:17:79:7a:e4:e9:49:2d:cf:ec:0e:79: aa:ae:d9:3f:7a:f5:0a:2d:65:16:74:99:91:2a:03: 48:36:7e:f2:f7:fa:9d:4d:23:d6:4d:f2:6a:46:51: bf:a7:78:01:5c:80:60:eb:f4:4b:80:09:ff:9e:01: 43:e3:38:66:f9:5a:08:3d:1b:94:eb:3e:d7:53:45: 75:2b:be:92:48:20:77:5e:c4:33:0f:a2:1d:4f:3a: a4:99:4a:f8:b6:1d:8c:84:60:5f:00:53:b5:7e:97: 94:1c:c1:c8:98:15:4e:99:1b:df:90:4a:63:7c:98: a7:86:f6:be:be:4e:98:39:31:e2:d9:ca:80:1e:e4: c7:c8:2d:3c:c9:ba:a1:fc:73:79:25:ff:a5:c6:6f: 4f:c1:4d:52:3b:d6:9e:81:1d:ea:dd:b5:f3:28:f9: d8:e7:98:71:20:a9:0b:f5:73:9c:c6:10:0f:e9:31: c4:36:5e:e5:37:a5:56:58:9b:cd:46:56:70:c8:2d: 48:94:5f:32:2b:d0:3d:03:77:4c:35:dc:db:cf:23: 11:92:88:a9:be:b9:34:33:01:51:8d:34:1f:b0:06: f6:44:8d:6f:98:b5:2c:49:bf:d9:64:42:70:e9:8f: 47:f2:47:93:46:de:77:7d:0b:c3:11:cd:0a:94:23: 91:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 34:0A:9D:57:7B:86:8F:9D:85:3E:54:BF:9F:EA:79:E6:6E:32:C4:9F X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/1/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/1/340A9D577B868F9D853E54BF9FEA79E66E32C49F.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.172.172.0/24 Signature Algorithm: sha256WithRSAEncryption 83:8f:7c:f6:1e:ac:d8:e7:74:aa:b1:8f:41:95:f6:e7:d4:ab: 8e:18:54:62:b3:e2:2f:77:0b:d3:31:b5:1a:66:14:ed:64:4e: 39:cc:51:c7:5c:27:a5:7b:a6:18:9b:03:c4:9f:e5:0b:55:0e: d5:72:80:a2:50:bd:f6:ea:b2:67:75:f2:f7:3a:2d:57:07:86: a4:ac:2c:8d:f4:90:c7:25:64:0c:87:eb:45:4b:d9:39:9d:6f: 13:66:48:33:a3:54:e9:1e:69:b5:c5:eb:c4:f8:34:e7:4b:0c: d0:a6:72:d9:90:0d:a0:23:29:cd:90:ac:4f:f0:33:20:dc:88: f9:5a:70:64:89:0e:2b:f3:74:52:f8:f4:f3:99:fb:48:e2:69: 7f:0e:bd:20:0f:93:5e:89:b2:93:ee:fa:32:26:30:29:1a:d3: 93:6a:69:27:7f:31:6a:05:0f:98:79:87:d9:c5:7d:55:db:d4: 1a:77:bc:75:96:c9:9f:bd:91:75:96:6c:66:51:48:5c:fd:f0: 01:f4:af:3e:b4:ce:ba:5e:97:7f:5c:61:39:4f:66:a6:3d:eb: 8b:ef:5d:b8:a2:54:77:ff:70:1d:7e:5b:48:32:fe:37:74:c7: 1b:cb:ba:73:fb:a3:cf:20:6d:9d:0f:04:a9:bb:b1:78:b6:33: ce:ae:c2:d7 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUbmoefCbxyIngorZ58QMBeaZI3PUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMDkxMloX DTI3MDUwMjAxMTQxMlowMzExMC8GA1UEAxMoMzQwQTlENTc3Qjg2OEY5RDg1M0U1 NEJGOUZFQTc5RTY2RTMyQzQ5RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKurMxd5euTpSS3P7A55qq7ZP3r1Ci1lFnSZkSoDSDZ+8vf6nU0j1k3yakZR v6d4AVyAYOv0S4AJ/54BQ+M4ZvlaCD0blOs+11NFdSu+kkggd17EMw+iHU86pJlK +LYdjIRgXwBTtX6XlBzByJgVTpkb35BKY3yYp4b2vr5OmDkx4tnKgB7kx8gtPMm6 ofxzeSX/pcZvT8FNUjvWnoEd6t218yj52OeYcSCpC/VznMYQD+kxxDZe5TelVlib zUZWcMgtSJRfMivQPQN3TDXc288jEZKIqb65NDMBUY00H7AG9kSNb5i1LEm/2WRC cOmPR/JHk0bed30LwxHNCpQjkeUCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDQKnVd7ho+dhT5Uv5/qeeZuMsSfMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv Lzg0ZGE0MTViLTVmMTctNDYwMi05YmQ5LWZkODRhYzJjYWU4Ni8xLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby84NGRhNDE1 Yi01ZjE3LTQ2MDItOWJkOS1mZDg0YWMyY2FlODYvMS8zNDBBOUQ1NzdCODY4RjlE ODUzRTU0QkY5RkVBNzlFNjZFMzJDNDlGLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ6ysMA0GCSqGSIb3DQEBCwUAA4IBAQCDj3z2HqzY53SqsY9Blfbn1KuOGFRi s+IvdwvTMbUaZhTtZE45zFHHXCele6YYmwPEn+ULVQ7VcoCiUL326rJndfL3Oi1X B4akrCyN9JDHJWQMh+tFS9k5nW8TZkgzo1TpHmm1xevE+DTnSwzQpnLZkA2gIynN kKxP8DMg3Ij5WnBkiQ4r83RS+PTzmftI4ml/Dr0gD5NeibKT7voyJjApGtOTamkn fzFqBQ+YeYfZxX1V29Qad7x1lsmfvZF1lmxmUUhc/fAB9K8+tM66Xpd/XGE5T2am PeuL7124olR3/3AdfltIMv43dMcby7pz+6PPIG2dDwSpu7F4tjPOrsLX -----END CERTIFICATE-----Generated at Tue May 12 22:49:46 2026 by rpki-client