$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/3FCCB124CE6330827269179656BC9A7F04BCACF3.cer File: 3FCCB124CE6330827269179656BC9A7F04BCACF3.cer (raw, json) Hash identifier: UBglm8XWKfpn0Q3P3YoOI+AdgnfJ4i011AqFcLYD2w4= Subject key identifier: 3F:CC:B1:24:CE:63:30:82:72:69:17:96:56:BC:9A:7F:04:BC:AC:F3 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5E194B6E25A774AF831B95BF4F0623BA611C7623 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/533f60e6-afdd-4e10-83b4-e8cbd641c52f/0/3FCCB124CE6330827269179656BC9A7F04BCACF3.mft caRepository: rsync://rpki-rsync.idnic.net/repo/533f60e6-afdd-4e10-83b4-e8cbd641c52f/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:34:55 +0000 Certificate not after: Sun 02 May 2027 00:39:55 +0000 Subordinate resources: IP: 103.158.154.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:19:4b:6e:25:a7:74:af:83:1b:95:bf:4f:06:23:ba:61:1c:76:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:34:55 2026 GMT Not After : May 2 00:39:55 2027 GMT Subject: CN=3FCCB124CE6330827269179656BC9A7F04BCACF3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:50:0c:f6:db:19:56:2c:0a:86:4f:32:b4:24: ba:8b:94:fe:cb:13:cf:67:05:bb:14:d0:eb:ce:6d: 07:99:9d:2a:ea:2a:53:06:a6:34:4b:64:8d:1c:9d: b0:cf:d1:bc:c1:b3:92:29:9f:64:fc:20:aa:ed:4b: 65:8d:ac:0b:cd:69:30:04:ab:06:a6:98:60:7d:85: 11:a9:c0:b0:99:c3:a0:12:93:38:2f:28:1e:07:8a: 42:1c:c2:26:6c:b4:df:54:0e:54:f8:51:41:e0:db: 79:b2:c3:2f:b8:1c:3f:0f:61:85:4d:cc:40:19:b6: 63:9d:13:e8:78:72:37:a4:5a:5b:ea:a9:7c:f6:cf: 4c:93:1c:27:7f:1d:9d:bc:3f:88:e1:fe:5d:a9:e0: 44:31:58:ec:46:a5:e0:0b:48:f6:24:65:80:9b:7b: ad:7e:6b:26:e2:43:ac:f1:31:fa:18:3a:22:ca:ec: 34:69:5d:67:0d:9f:37:cb:12:35:7b:76:4e:81:a9: 11:be:92:e6:4c:43:ab:c9:04:cf:0e:20:45:c1:33: d3:90:26:ac:28:03:99:0d:72:fa:4c:99:f5:e1:e9: 5b:64:fd:fc:a3:0c:ea:8a:ef:3c:df:9c:6f:6b:2b: 56:67:1d:55:7d:25:45:12:be:d3:fe:1b:e8:44:95: ba:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3F:CC:B1:24:CE:63:30:82:72:69:17:96:56:BC:9A:7F:04:BC:AC:F3 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/533f60e6-afdd-4e10-83b4-e8cbd641c52f/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/533f60e6-afdd-4e10-83b4-e8cbd641c52f/0/3FCCB124CE6330827269179656BC9A7F04BCACF3.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.158.154.0/23 Signature Algorithm: sha256WithRSAEncryption 6f:65:69:fc:63:36:a7:56:ce:25:2b:e2:ae:59:e9:0a:3a:cc: 18:50:8e:22:6e:18:26:bc:36:7f:d9:d0:0a:f9:1f:ae:82:26: ff:f2:0b:a5:8e:77:6c:96:1f:80:5e:d2:7e:31:16:22:06:55: 38:30:22:f9:c1:7e:df:bf:65:a2:91:9b:4f:0a:5f:ff:5d:b9: 32:93:1a:75:90:b7:ad:6f:0c:69:8c:2e:a0:cf:27:e6:1a:c6: 3f:e4:86:cc:46:ce:3f:9c:e5:c8:79:8e:36:77:f8:d7:32:69: 1c:6c:b1:9b:1d:08:d3:1d:00:b0:0d:ad:03:86:68:df:cc:6a: 91:6b:3f:09:ee:2b:bf:64:65:8c:75:ef:ff:b5:a7:20:be:86: a6:f6:68:df:a4:89:33:77:ac:1c:25:27:8b:b2:73:67:ee:e0: 09:ba:bb:69:c5:05:f7:da:d4:a4:81:86:5b:8f:3b:17:ef:e9: cb:b7:d3:62:ca:69:58:57:fc:fd:a6:f4:05:02:5f:6a:a4:ba: 35:1b:ca:6d:ab:8f:a1:38:39:da:36:c2:87:fd:36:a0:f5:ff: 0f:e1:03:6c:49:ac:59:9a:2b:47:07:9d:bf:88:86:37:b3:47: 4d:c4:be:59:87:f8:62:6a:aa:50:13:5d:e5:d2:58:19:95:ca: ea:e9:b1:9f -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUXhlLbiWndK+DG5W/TwYjumEcdiMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMzQ1NVoX DTI3MDUwMjAwMzk1NVowMzExMC8GA1UEAxMoM0ZDQ0IxMjRDRTYzMzA4MjcyNjkx Nzk2NTZCQzlBN0YwNEJDQUNGMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALVQDPbbGVYsCoZPMrQkuouU/ssTz2cFuxTQ685tB5mdKuoqUwamNEtkjRyd sM/RvMGzkimfZPwgqu1LZY2sC81pMASrBqaYYH2FEanAsJnDoBKTOC8oHgeKQhzC Jmy031QOVPhRQeDbebLDL7gcPw9hhU3MQBm2Y50T6HhyN6RaW+qpfPbPTJMcJ38d nbw/iOH+XangRDFY7Eal4AtI9iRlgJt7rX5rJuJDrPEx+hg6IsrsNGldZw2fN8sS NXt2ToGpEb6S5kxDq8kEzw4gRcEz05AmrCgDmQ1y+kyZ9eHpW2T9/KMM6orvPN+c b2srVmcdVX0lRRK+0/4b6ESVuiMCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFD/MsSTOYzCCcmkXlla8mn8EvKzzMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzUzM2Y2MGU2LWFmZGQtNGUxMC04M2I0LWU4Y2JkNjQxYzUyZi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby81MzNmNjBl Ni1hZmRkLTRlMTAtODNiNC1lOGNiZDY0MWM1MmYvMC8zRkNDQjEyNENFNjMzMDgy NzI2OTE3OTY1NkJDOUE3RjA0QkNBQ0YzLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ56aMA0GCSqGSIb3DQEBCwUAA4IBAQBvZWn8YzanVs4lK+KuWekKOswYUI4i bhgmvDZ/2dAK+R+ugib/8guljndslh+AXtJ+MRYiBlU4MCL5wX7fv2WikZtPCl// Xbkykxp1kLetbwxpjC6gzyfmGsY/5IbMRs4/nOXIeY42d/jXMmkcbLGbHQjTHQCw Da0DhmjfzGqRaz8J7iu/ZGWMde//tacgvoam9mjfpIkzd6wcJSeLsnNn7uAJurtp xQX32tSkgYZbjzsX7+nLt9NiymlYV/z9pvQFAl9qpLo1G8ptq4+hODnaNsKH/Tag 9f8P4QNsSaxZmitHB52/iIY3s0dNxL5Zh/hiaqpQE13l0lgZlcrq6bGf -----END CERTIFICATE-----Generated at Tue May 12 22:10:09 2026 by rpki-client