$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.cer File: 3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.cer (raw, json) Hash identifier: yFJwdc/EJyFNpbbRE6UBFKb76GK+ttFMkSVkzDLbycg= Subject key identifier: 3A:72:0C:DD:09:E2:F9:7A:91:2B:9B:7D:F2:C3:35:29:46:1E:B9:B5 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 259C9DEAE7EA6786B70EADD2BCD0F62F40D25DA1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/6bac619b-21e6-41d6-8e94-5804538c543e/0/3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.mft caRepository: rsync://rpki-rsync.idnic.net/repo/6bac619b-21e6-41d6-8e94-5804538c543e/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:50:55 +0000 Certificate not after: Sun 02 May 2027 00:55:55 +0000 Subordinate resources: IP: 103.191.128.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:9c:9d:ea:e7:ea:67:86:b7:0e:ad:d2:bc:d0:f6:2f:40:d2:5d:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:50:55 2026 GMT Not After : May 2 00:55:55 2027 GMT Subject: CN=3A720CDD09E2F97A912B9B7DF2C33529461EB9B5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:bf:f5:23:c9:52:84:09:70:40:27:35:81:54: 70:25:ee:30:63:eb:33:d8:77:8b:3d:43:78:f0:d0: b0:ef:cd:62:e2:db:97:50:ff:b0:49:03:a5:97:37: 9c:ae:ca:f4:d9:ca:9d:5f:da:80:1b:5c:66:5e:f1: 3d:ac:5f:76:c9:50:20:aa:31:06:46:ee:cb:1e:be: 66:24:ec:0c:06:7f:80:83:7f:86:d7:7c:46:04:df: 89:7a:a8:9c:38:c4:e8:fd:be:ca:aa:31:b0:26:68: d0:3d:37:1e:2d:dc:f3:0e:24:ef:16:3b:63:2c:ce: 01:d4:31:e4:bf:bf:e2:d6:cd:f2:91:eb:bf:47:f3: 88:3d:f0:f6:06:04:43:c7:9a:ec:41:04:fc:a8:79: d3:f9:de:89:18:6c:0e:08:f5:fb:f8:cc:c5:e5:f8: 11:99:0d:28:12:20:73:91:d7:24:92:8e:aa:8d:83: 34:a8:2c:da:7f:4d:a9:c6:b1:15:97:ab:ab:c8:0d: 4c:86:d0:99:f0:dc:ce:4c:ae:00:a8:f3:5e:d3:61: 44:fc:0d:39:12:30:a4:46:2a:bc:51:0d:1f:c9:92: 1c:62:2b:c5:e4:d9:8e:fa:a8:aa:7a:43:7a:e0:c9: 1b:1d:4e:dd:d7:97:bf:ef:e0:bb:31:be:60:71:e9: 13:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3A:72:0C:DD:09:E2:F9:7A:91:2B:9B:7D:F2:C3:35:29:46:1E:B9:B5 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/6bac619b-21e6-41d6-8e94-5804538c543e/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/6bac619b-21e6-41d6-8e94-5804538c543e/0/3A720CDD09E2F97A912B9B7DF2C33529461EB9B5.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.191.128.0/24 Signature Algorithm: sha256WithRSAEncryption 77:e7:d7:d2:8e:b0:04:ea:d3:31:0f:b7:a7:22:a4:96:a7:43: 11:90:a9:7b:8a:fc:2d:9e:a0:1a:f1:cb:19:2b:8f:c5:81:32: 25:e2:35:82:e8:96:2e:3b:c0:16:d4:75:b8:51:7a:09:a4:b1: a0:ae:05:60:5f:7b:bf:12:b8:ab:f6:7d:a5:28:c1:d2:b9:67: 62:db:58:5c:78:9a:db:b6:d1:d2:ba:5c:d8:24:de:22:d6:c7: 9d:4d:29:a6:ca:1a:17:e5:0d:f2:11:63:b7:2f:a7:dd:b5:27: 21:ed:64:ae:75:c7:52:f0:75:13:ac:81:cf:1f:a1:58:d0:9c: f7:48:8d:99:3a:18:2d:0b:1f:94:c9:ea:f9:c7:5d:62:c1:f4: 94:89:f4:80:ee:47:7e:d4:6c:69:3d:c6:3f:56:de:f8:5f:3a: 0c:48:fb:45:2c:77:5b:d0:b7:f2:66:cc:32:6d:fb:d6:22:d8: f9:f1:1d:b0:12:22:cf:6e:20:a1:7d:64:e7:89:4c:b2:14:5b: 0b:43:77:c7:99:4b:46:a3:0c:4f:a9:52:06:80:d2:41:13:47: 8b:8f:4c:82:c4:23:bc:49:d6:36:38:c0:ca:0b:df:89:6c:97: 06:0a:7a:0c:76:d2:89:1c:e6:56:11:7c:9e:e5:42:62:5d:c9: 1e:05:21:b9 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUJZyd6ufqZ4a3Dq3SvND2L0DSXaEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwNTA1NVoX DTI3MDUwMjAwNTU1NVowMzExMC8GA1UEAxMoM0E3MjBDREQwOUUyRjk3QTkxMkI5 QjdERjJDMzM1Mjk0NjFFQjlCNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANi/9SPJUoQJcEAnNYFUcCXuMGPrM9h3iz1DePDQsO/NYuLbl1D/sEkDpZc3 nK7K9NnKnV/agBtcZl7xPaxfdslQIKoxBkbuyx6+ZiTsDAZ/gIN/htd8RgTfiXqo nDjE6P2+yqoxsCZo0D03Hi3c8w4k7xY7YyzOAdQx5L+/4tbN8pHrv0fziD3w9gYE Q8ea7EEE/Kh50/neiRhsDgj1+/jMxeX4EZkNKBIgc5HXJJKOqo2DNKgs2n9Nqcax FZerq8gNTIbQmfDczkyuAKjzXtNhRPwNORIwpEYqvFENH8mSHGIrxeTZjvqoqnpD euDJGx1O3deXv+/guzG+YHHpEw0CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDpyDN0J4vl6kSubffLDNSlGHrm1MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzZiYWM2MTliLTIxZTYtNDFkNi04ZTk0LTU4MDQ1MzhjNTQzZS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby82YmFjNjE5 Yi0yMWU2LTQxZDYtOGU5NC01ODA0NTM4YzU0M2UvMC8zQTcyMENERDA5RTJGOTdB OTEyQjlCN0RGMkMzMzUyOTQ2MUVCOUI1Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ7+AMA0GCSqGSIb3DQEBCwUAA4IBAQB359fSjrAE6tMxD7enIqSWp0MRkKl7 ivwtnqAa8csZK4/FgTIl4jWC6JYuO8AW1HW4UXoJpLGgrgVgX3u/Erir9n2lKMHS uWdi21hceJrbttHSulzYJN4i1sedTSmmyhoX5Q3yEWO3L6fdtSch7WSudcdS8HUT rIHPH6FY0Jz3SI2ZOhgtCx+Uyer5x11iwfSUifSA7kd+1GxpPcY/Vt74XzoMSPtF LHdb0LfyZswybfvWItj58R2wEiLPbiChfWTniUyyFFsLQ3fHmUtGowxPqVIGgNJB E0eLj0yCxCO8SdY2OMDKC9+JbJcGCnoMdtKJHOZWEXye5UJiXckeBSG5 -----END CERTIFICATE-----Generated at Tue May 12 22:10:46 2026 by rpki-client