$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/3BD4349E7B550BCE0E7C957E03D62D60B7D285F8.cer File: 3BD4349E7B550BCE0E7C957E03D62D60B7D285F8.cer (raw, json) Hash identifier: viV+jD74jQ/GaGvbxqJ/7KNW7IBQSJFgCt1I/FXSHgo= Subject key identifier: 3B:D4:34:9E:7B:55:0B:CE:0E:7C:95:7E:03:D6:2D:60:B7:D2:85:F8 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 05A306E02404678F34D661FA4C926368B1F09557 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/3a1f6299-b155-4212-b5e1-9f5703cd0989/0/3BD4349E7B550BCE0E7C957E03D62D60B7D285F8.mft caRepository: rsync://rpki-rsync.idnic.net/repo/3a1f6299-b155-4212-b5e1-9f5703cd0989/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:18:14 +0000 Certificate not after: Sun 02 May 2027 00:23:14 +0000 Subordinate resources: IP: 103.168.148.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 04:31:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:a3:06:e0:24:04:67:8f:34:d6:61:fa:4c:92:63:68:b1:f0:95:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:18:14 2026 GMT Not After : May 2 00:23:14 2027 GMT Subject: CN=3BD4349E7B550BCE0E7C957E03D62D60B7D285F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:e0:c3:56:c4:27:61:c7:d2:80:42:ee:ff:6d: 5e:8a:ee:3d:32:11:78:df:68:5d:18:3a:89:01:88: 87:95:c7:df:fb:9d:f6:b6:58:37:76:6e:ca:c2:3c: 1f:aa:df:44:e1:66:c5:5d:3f:d5:89:1a:fc:23:16: a0:6b:f1:da:1b:96:b9:4d:d0:15:0e:5d:68:05:56: c2:64:63:f8:a4:ab:0b:09:ed:ea:6d:6a:f9:0c:f0: ad:4e:94:ea:6b:f3:9d:04:0d:ff:e9:25:09:ac:f2: d4:78:3b:e4:8e:e8:86:fb:aa:e5:70:93:6f:a0:53: 7d:94:ad:5f:20:6a:8d:90:70:bc:42:36:e7:dc:d5: 7d:ca:c8:b1:ed:8c:ff:b9:58:dc:8f:a6:e0:e2:7d: 9e:50:70:f3:c4:95:ca:09:ab:75:b7:aa:ea:49:7f: b2:78:d1:8f:04:64:bc:de:78:19:01:b2:49:3a:64: 72:ea:7c:6e:a1:6f:a3:74:4d:42:04:cf:d6:54:da: cf:87:71:43:0d:1b:0a:fb:1d:f8:cf:7b:1e:ca:fb: 93:27:b4:18:16:30:4c:6a:17:25:ff:41:9d:95:01: 1a:32:92:d5:23:91:18:5f:ba:75:d0:88:53:22:94: 88:5c:0e:9b:69:89:5e:88:15:f3:bb:7f:ab:63:14: 0a:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3B:D4:34:9E:7B:55:0B:CE:0E:7C:95:7E:03:D6:2D:60:B7:D2:85:F8 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/3a1f6299-b155-4212-b5e1-9f5703cd0989/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/3a1f6299-b155-4212-b5e1-9f5703cd0989/0/3BD4349E7B550BCE0E7C957E03D62D60B7D285F8.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.168.148.0/24 Signature Algorithm: sha256WithRSAEncryption 4f:84:d7:18:67:bf:a4:c5:40:06:06:58:6b:5f:d0:55:19:5c: 5d:9d:b4:57:6a:08:7d:93:e7:90:65:83:4b:fe:a8:25:eb:45: b6:7d:8b:bc:d4:3e:57:61:97:21:79:c6:6d:54:17:44:6a:d2: 46:a8:d1:cf:67:af:21:73:4a:40:22:23:9a:14:07:c3:ef:c4: 54:b6:58:a1:c3:21:89:a9:bf:2a:c1:ed:e7:be:96:3b:48:08: 79:84:ff:aa:9f:76:00:db:ab:56:8f:4f:71:59:70:cc:1b:a4: cd:64:07:45:dc:2c:ac:50:07:c1:b9:f3:68:f7:18:3d:9c:31: f4:91:9f:a8:9f:3c:04:78:43:f3:9b:c4:5c:f4:dc:96:22:04: 82:da:5f:6b:2c:79:db:bf:14:21:f5:96:0b:bb:58:9e:f2:a5: d3:67:1f:30:90:3d:34:ab:27:b3:f8:6d:0b:a9:2d:af:ca:c6: fc:f8:eb:5e:02:b2:4f:fa:9b:31:23:29:1a:03:d1:d3:51:a6: 9c:e0:54:02:68:cc:85:53:11:17:07:5b:d6:57:e9:c5:4a:3f: e5:d6:ca:49:ee:3a:fc:2c:c6:c7:9e:fe:27:75:a9:d7:e6:bc: 45:5c:c9:b8:8d:00:d8:c0:34:20:bc:31:9e:01:6b:d1:12:3e: 52:e3:bc:1e -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUBaMG4CQEZ4801mH6TJJjaLHwlVcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMTgxNFoX DTI3MDUwMjAwMjMxNFowMzExMC8GA1UEAxMoM0JENDM0OUU3QjU1MEJDRTBFN0M5 NTdFMDNENjJENjBCN0QyODVGODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALjgw1bEJ2HH0oBC7v9tXoruPTIReN9oXRg6iQGIh5XH3/ud9rZYN3ZuysI8 H6rfROFmxV0/1Yka/CMWoGvx2huWuU3QFQ5daAVWwmRj+KSrCwnt6m1q+QzwrU6U 6mvznQQN/+klCazy1Hg75I7ohvuq5XCTb6BTfZStXyBqjZBwvEI259zVfcrIse2M /7lY3I+m4OJ9nlBw88SVygmrdbeq6kl/snjRjwRkvN54GQGySTpkcup8bqFvo3RN QgTP1lTaz4dxQw0bCvsd+M97Hsr7kye0GBYwTGoXJf9BnZUBGjKS1SORGF+6ddCI UyKUiFwOm2mJXogV87t/q2MUCr8CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDvUNJ57VQvODnyVfgPWLWC30oX4MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzNhMWY2Mjk5LWIxNTUtNDIxMi1iNWUxLTlmNTcwM2NkMDk4OS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8zYTFmNjI5 OS1iMTU1LTQyMTItYjVlMS05ZjU3MDNjZDA5ODkvMC8zQkQ0MzQ5RTdCNTUwQkNF MEU3Qzk1N0UwM0Q2MkQ2MEI3RDI4NUY4Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ6iUMA0GCSqGSIb3DQEBCwUAA4IBAQBPhNcYZ7+kxUAGBlhrX9BVGVxdnbRX agh9k+eQZYNL/qgl60W2fYu81D5XYZchecZtVBdEatJGqNHPZ68hc0pAIiOaFAfD 78RUtlihwyGJqb8qwe3nvpY7SAh5hP+qn3YA26tWj09xWXDMG6TNZAdF3CysUAfB ufNo9xg9nDH0kZ+onzwEeEPzm8Rc9NyWIgSC2l9rLHnbvxQh9ZYLu1ie8qXTZx8w kD00qyez+G0LqS2vysb8+OteArJP+psxIykaA9HTUaac4FQCaMyFUxEXB1vWV+nF Sj/l1spJ7jr8LMbHnv4ndanX5rxFXMm4jQDYwDQgvDGeAWvREj5S47we -----END CERTIFICATE-----Generated at Wed May 13 05:38:05 2026 by rpki-client