$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/40CAF98483C41DA7BDC759A128942EA7634B575E.cer File: 40CAF98483C41DA7BDC759A128942EA7634B575E.cer (raw, json) Hash identifier: KwVAkgvivzT4pntS0Wna6flbcNuEdvCg1sFPL+Vsfck= Subject key identifier: 40:CA:F9:84:83:C4:1D:A7:BD:C7:59:A1:28:94:2E:A7:63:4B:57:5E Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 36CC71D4315080F87030155B3C93949D7DFFA240 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/d05e5a30-0802-4c5c-947e-98ef285f4f6b/0/40CAF98483C41DA7BDC759A128942EA7634B575E.mft caRepository: rsync://rpki-rsync.idnic.net/repo/d05e5a30-0802-4c5c-947e-98ef285f4f6b/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:56:50 +0000 Certificate not after: Sun 02 May 2027 02:01:50 +0000 Subordinate resources: IP: 103.189.110.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:cc:71:d4:31:50:80:f8:70:30:15:5b:3c:93:94:9d:7d:ff:a2:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:56:50 2026 GMT Not After : May 2 02:01:50 2027 GMT Subject: CN=40CAF98483C41DA7BDC759A128942EA7634B575E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:00:21:58:38:57:2d:0e:66:9c:f8:9a:3b:13: 61:68:36:e4:01:4e:fb:6b:24:9e:b6:3f:e1:8e:0b: 96:85:85:8c:9a:38:c4:cf:02:9d:d7:ac:a3:5b:e4: c4:43:30:4b:4e:8c:f6:f0:ef:f8:a2:ea:38:54:2d: 4c:94:94:6c:56:03:fb:df:bc:f6:13:58:b9:00:b9: dc:d3:27:15:78:3b:1c:55:e1:bb:00:ae:a7:9a:b1: 46:50:7c:79:36:0d:cd:2c:fd:5e:80:ff:f8:b0:a6: ee:bc:5b:8e:b3:7d:66:c3:31:aa:d3:16:79:c9:cb: 69:70:09:76:0e:36:7b:6e:18:08:78:71:e9:96:82: a7:36:9a:17:61:f5:a7:0b:91:fc:82:d5:56:a2:12: 3b:e0:4c:b5:7a:f7:aa:3f:30:81:2c:73:9b:d9:10: ec:c3:3d:da:1c:66:78:7c:ef:34:b2:11:f9:ee:c7: 9d:26:a2:84:d2:bf:d9:bb:b6:2d:be:d7:94:06:3f: 04:e3:5c:4a:77:99:10:07:60:13:5d:d2:5d:7d:e9: e9:db:05:59:98:cd:46:67:cd:c6:c8:ea:16:b0:92: b3:a5:07:df:8d:25:da:89:fb:b0:18:2a:36:6a:83: 64:8b:9a:00:ca:9d:fb:91:7e:2c:84:84:49:ec:54: 80:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 40:CA:F9:84:83:C4:1D:A7:BD:C7:59:A1:28:94:2E:A7:63:4B:57:5E X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/d05e5a30-0802-4c5c-947e-98ef285f4f6b/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/d05e5a30-0802-4c5c-947e-98ef285f4f6b/0/40CAF98483C41DA7BDC759A128942EA7634B575E.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.189.110.0/23 Signature Algorithm: sha256WithRSAEncryption 3c:66:fd:87:1d:2c:ef:39:15:22:2a:5a:c7:35:4d:fc:c1:00: 0e:2c:0d:a4:f5:6f:8b:80:96:f4:7c:8c:4e:02:be:9f:6f:1a: 9b:a6:8c:70:9a:9f:f2:5e:5e:a0:c8:94:f8:79:d6:b8:f5:c1: 30:80:11:ec:64:79:93:80:b7:ee:26:01:1d:fd:47:3c:b8:8c: ab:ae:04:56:34:f3:02:af:5a:c6:5f:ba:f2:58:b0:73:7a:f4: d4:b7:2b:df:7d:21:0a:07:b6:ed:f1:87:ee:48:5f:f5:73:53: 24:c6:d7:53:a0:1f:15:55:e3:99:2a:b7:05:8b:93:c4:2d:4e: 01:44:3a:3f:57:59:ef:f7:4c:8e:0c:74:a9:25:3b:f5:58:aa: e4:26:e0:6f:47:e9:2c:22:d5:b4:56:ef:49:1b:05:77:9a:c1: 54:a0:6e:33:be:8a:cf:5f:b9:81:1f:5c:6a:14:cc:2f:06:45: d0:13:d7:0d:74:b6:c8:65:a3:15:40:36:ac:5f:a9:56:45:6f: cd:bd:80:73:d8:80:34:be:20:21:12:71:0e:1d:82:39:af:16: 2b:65:d2:ba:2a:dc:23:c5:0e:cd:e4:35:4b:f8:ef:c4:ea:9a: b0:ff:68:64:4b:89:a8:86:9d:79:11:94:9b:8b:b5:ef:fe:d7: a9:d7:51:0b -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUNsxx1DFQgPhwMBVbPJOUnX3/okAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxNTY1MFoX DTI3MDUwMjAyMDE1MFowMzExMC8GA1UEAxMoNDBDQUY5ODQ4M0M0MURBN0JEQzc1 OUExMjg5NDJFQTc2MzRCNTc1RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJgAIVg4Vy0OZpz4mjsTYWg25AFO+2sknrY/4Y4LloWFjJo4xM8Cndeso1vk xEMwS06M9vDv+KLqOFQtTJSUbFYD+9+89hNYuQC53NMnFXg7HFXhuwCup5qxRlB8 eTYNzSz9XoD/+LCm7rxbjrN9ZsMxqtMWecnLaXAJdg42e24YCHhx6ZaCpzaaF2H1 pwuR/ILVVqISO+BMtXr3qj8wgSxzm9kQ7MM92hxmeHzvNLIR+e7HnSaihNK/2bu2 Lb7XlAY/BONcSneZEAdgE13SXX3p6dsFWZjNRmfNxsjqFrCSs6UH340l2on7sBgq NmqDZIuaAMqd+5F+LISESexUgIUCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEDK+YSDxB2nvcdZoSiULqdjS1deMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2QwNWU1YTMwLTA4MDItNGM1Yy05NDdlLTk4ZWYyODVmNGY2Yi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9kMDVlNWEz MC0wODAyLTRjNWMtOTQ3ZS05OGVmMjg1ZjRmNmIvMC80MENBRjk4NDgzQzQxREE3 QkRDNzU5QTEyODk0MkVBNzYzNEI1NzVFLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ71uMA0GCSqGSIb3DQEBCwUAA4IBAQA8Zv2HHSzvORUiKlrHNU38wQAOLA2k 9W+LgJb0fIxOAr6fbxqbpoxwmp/yXl6gyJT4eda49cEwgBHsZHmTgLfuJgEd/Uc8 uIyrrgRWNPMCr1rGX7ryWLBzevTUtyvffSEKB7bt8YfuSF/1c1MkxtdToB8VVeOZ KrcFi5PELU4BRDo/V1nv90yODHSpJTv1WKrkJuBvR+ksItW0Vu9JGwV3msFUoG4z vorPX7mBH1xqFMwvBkXQE9cNdLbIZaMVQDasX6lWRW/NvYBz2IA0viAhEnEOHYI5 rxYrZdK6KtwjxQ7N5DVL+O/E6pqw/2hkS4mohp15EZSbi7Xv/tep11EL -----END CERTIFICATE-----Generated at Tue May 12 22:16:40 2026 by rpki-client