$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/408DEB7465856EE053B64340FA814B862FA5ED30.cer File: 408DEB7465856EE053B64340FA814B862FA5ED30.cer (raw, json) Hash identifier: fIde25wuMhnCbiawOzTTWyNnWQ0hoK+auwqrf6/l5PI= Subject key identifier: 40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 28F5C188C048617C8D73BF6A026E7F37E934C590 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.mft caRepository: rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:09:35 +0000 Certificate not after: Sun 02 May 2027 01:14:35 +0000 Subordinate resources: IP: 103.20.188.0/22 IP: 119.18.152.0/21 IP: 124.158.176.0/20 IP: 150.107.140.0/22 IP: 202.145.8.0/21 IP: 203.161.16.0/21 IP: 2404:e100::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:f5:c1:88:c0:48:61:7c:8d:73:bf:6a:02:6e:7f:37:e9:34:c5:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:09:35 2026 GMT Not After : May 2 01:14:35 2027 GMT Subject: CN=408DEB7465856EE053B64340FA814B862FA5ED30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:40:44:46:5c:be:44:d4:02:15:9f:33:ea:91: 46:1a:60:50:22:3b:43:71:92:74:ee:dd:f5:8e:22: 22:d3:25:84:ce:ac:c6:e2:4d:50:80:51:86:c6:bf: 91:d2:5b:c7:55:8c:45:d4:cb:03:7f:6e:af:f0:c5: 6c:62:2a:e5:82:74:58:d8:83:fb:d0:3f:72:67:ea: e9:92:19:3f:7a:4b:21:6c:b4:b0:1f:11:87:f2:da: a8:6e:f8:f2:f5:05:f5:cf:08:8b:b8:12:f3:f7:74: 7c:2b:06:35:7a:af:a1:9d:bf:ad:10:79:60:72:f7: 5e:b0:1b:43:45:50:b3:9e:a0:89:b5:20:f3:79:4b: 65:4c:97:df:1e:d2:82:2e:98:21:f9:2c:5b:72:61: 0d:9b:ff:55:ea:23:8f:4a:d1:01:b0:46:75:05:f4: d2:17:19:2a:3f:ed:bc:78:f6:b0:a6:41:f7:b3:12: 80:ad:35:db:3a:83:bc:c8:5c:71:86:61:73:a7:2e: 6a:46:7a:84:51:e6:3e:60:af:af:9b:c4:ac:4d:a6: 1f:0b:e3:fc:69:53:d0:8d:f7:86:46:93:85:45:5e: 93:3c:d5:e8:e9:9f:70:3f:d6:70:f2:b5:85:a5:30: bf:06:fe:51:17:59:84:9e:d4:5b:4f:71:5b:43:51: 80:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 40:8D:EB:74:65:85:6E:E0:53:B6:43:40:FA:81:4B:86:2F:A5:ED:30 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/408DEB7465856EE053B64340FA814B862FA5ED30.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.20.188.0/22 119.18.152.0/21 124.158.176.0/20 150.107.140.0/22 202.145.8.0/21 203.161.16.0/21 IPv6: 2404:e100::/32 Signature Algorithm: sha256WithRSAEncryption 1b:2a:04:b6:83:dc:f5:84:85:87:5b:75:e9:84:cf:26:52:2c: 5f:b9:4d:0e:f7:c0:42:06:f4:c5:ab:53:5e:fa:c6:f0:28:65: f7:5c:cf:bf:91:7d:dc:a2:73:05:db:f8:54:5a:c8:ec:4c:23: 7b:33:e5:5a:36:08:0e:35:cc:36:e7:35:0d:8c:ad:a7:2d:e0: fb:2a:fe:31:7c:50:4a:69:69:38:43:d6:f7:32:9c:39:7a:fa: c1:d2:ab:bd:ff:1d:c4:3a:3c:7b:80:8e:19:26:b8:64:30:f9: 9a:b7:c3:68:55:6d:73:02:9f:94:97:7c:b9:34:16:e3:d1:6f: 80:72:3d:4d:73:18:33:32:4b:3c:97:97:db:a2:23:67:ab:be: 01:22:04:36:4d:aa:0c:05:75:31:0a:b6:42:80:a1:2a:15:51: 20:e1:4e:09:fe:89:d3:0b:b8:82:ef:74:62:5c:09:da:e4:12: ed:7f:0d:87:15:27:6a:81:f0:9b:26:47:75:45:bf:6d:39:12: 62:3d:2e:1d:c3:c4:6e:87:2e:46:7d:b8:98:ee:14:9f:a4:2f: 12:2c:e8:20:92:dc:fa:49:89:43:70:c5:a4:16:a0:e7:bb:6a: b3:6e:4f:ee:0d:ae:54:7a:fa:14:d3:6b:f7:19:75:fb:8d:e3: 4a:18:a0:48 -----BEGIN CERTIFICATE----- MIIF8zCCBNugAwIBAgIUKPXBiMBIYXyNc79qAm5/N+k0xZAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMDkzNVoX DTI3MDUwMjAxMTQzNVowMzExMC8GA1UEAxMoNDA4REVCNzQ2NTg1NkVFMDUzQjY0 MzQwRkE4MTRCODYyRkE1RUQzMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANZAREZcvkTUAhWfM+qRRhpgUCI7Q3GSdO7d9Y4iItMlhM6sxuJNUIBRhsa/ kdJbx1WMRdTLA39ur/DFbGIq5YJ0WNiD+9A/cmfq6ZIZP3pLIWy0sB8Rh/LaqG74 8vUF9c8Ii7gS8/d0fCsGNXqvoZ2/rRB5YHL3XrAbQ0VQs56gibUg83lLZUyX3x7S gi6YIfksW3JhDZv/Veojj0rRAbBGdQX00hcZKj/tvHj2sKZB97MSgK012zqDvMhc cYZhc6cuakZ6hFHmPmCvr5vErE2mHwvj/GlT0I33hkaThUVekzzV6OmfcD/WcPK1 haUwvwb+URdZhJ7UW09xW0NRgCUCAwEAAaOCAuYwggLiMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFECN63RlhW7gU7ZDQPqBS4Yvpe0wMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv Lzg1ZDhkYWI0LThiYjYtNGVkMC04ZGFiLTVhNDA2MTY3Yjk5ZC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby84NWQ4ZGFi NC04YmI2LTRlZDAtOGRhYi01YTQwNjE2N2I5OWQvMC80MDhERUI3NDY1ODU2RUUw NTNCNjQzNDBGQTgxNEI4NjJGQTVFRDMwLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAk AwQCZxS8AwQDdxKYAwQEfJ6wAwQClmuMAwQDypEIAwQDy6EQMA0EAgACMAcDBQAk BOEAMA0GCSqGSIb3DQEBCwUAA4IBAQAbKgS2g9z1hIWHW3XphM8mUixfuU0O98BC BvTFq1Ne+sbwKGX3XM+/kX3conMF2/hUWsjsTCN7M+VaNggONcw25zUNjK2nLeD7 Kv4xfFBKaWk4Q9b3Mpw5evrB0qu9/x3EOjx7gI4ZJrhkMPmat8NoVW1zAp+Ul3y5 NBbj0W+Acj1NcxgzMks8l5fboiNnq74BIgQ2TaoMBXUxCrZCgKEqFVEg4U4J/onT C7iC73RiXAna5BLtfw2HFSdqgfCbJkd1Rb9tORJiPS4dw8Ruhy5GfbiY7hSfpC8S LOggktz6SYlDcMWkFqDnu2qzbk/uDa5UevoU02v3GXX7jeNKGKBI -----END CERTIFICATE-----Generated at Wed May 13 01:07:08 2026 by rpki-client