$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/40E44AC44B4C3A31BF6ADD6A43ED44FEE05E63CD.cer File: 40E44AC44B4C3A31BF6ADD6A43ED44FEE05E63CD.cer (raw, json) Hash identifier: xQ/ZMpLXJ6blY20TpktwdaunHZoiVP6iygBwZIKNKr4= Subject key identifier: 40:E4:4A:C4:4B:4C:3A:31:BF:6A:DD:6A:43:ED:44:FE:E0:5E:63:CD Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 54BEAD5CE62E923B2A099BCE34767A8CAF74D63F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/98c4ba12-63bb-4550-ac0f-53f08c463511/0/40E44AC44B4C3A31BF6ADD6A43ED44FEE05E63CD.mft caRepository: rsync://rpki-rsync.idnic.net/repo/98c4ba12-63bb-4550-ac0f-53f08c463511/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:21:31 +0000 Certificate not after: Sun 02 May 2027 01:26:31 +0000 Subordinate resources: IP: 103.173.133.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:be:ad:5c:e6:2e:92:3b:2a:09:9b:ce:34:76:7a:8c:af:74:d6:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:21:31 2026 GMT Not After : May 2 01:26:31 2027 GMT Subject: CN=40E44AC44B4C3A31BF6ADD6A43ED44FEE05E63CD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:6f:6a:36:18:4a:3a:09:d0:7d:db:78:4d:61: 46:6d:5d:ad:96:10:cc:0e:ae:2d:68:3d:c0:36:78: c1:30:9f:65:57:d1:48:6e:c8:08:00:32:03:50:3d: 24:05:63:45:b3:0b:fa:0c:c0:01:93:53:9a:ae:17: 7b:10:6f:a6:f2:e5:87:f6:ed:9f:13:b5:52:42:d6: 9b:e6:9d:a4:85:28:c1:65:12:a4:60:4f:08:1b:6a: 8e:2a:7b:ef:70:f8:c5:43:96:65:71:a6:a2:60:20: 5d:68:28:ba:9b:c6:83:22:a2:09:ea:02:42:de:47: cd:2e:5c:99:9e:bf:df:16:9e:d1:cd:22:af:01:ea: fe:3c:f9:41:13:09:f4:a1:25:f6:7d:bf:8e:2e:9e: f8:be:2a:29:09:80:7d:2d:93:4f:67:c1:36:17:47: 9b:02:f1:b6:06:13:5c:62:0f:8c:4d:79:a9:2e:f4: 79:85:17:ff:79:72:e2:60:cf:79:a2:a1:97:29:42: 9a:9b:82:05:68:75:fc:19:73:db:7c:ae:ef:a6:d5: 38:f5:bb:5c:24:70:f4:6e:62:83:f5:e2:21:87:99: 5c:04:c2:0f:77:0a:7d:6f:38:a3:09:25:13:d5:b7: 83:f7:15:2c:b9:01:c0:0f:0f:20:81:3a:8b:54:9c: 88:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 40:E4:4A:C4:4B:4C:3A:31:BF:6A:DD:6A:43:ED:44:FE:E0:5E:63:CD X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/98c4ba12-63bb-4550-ac0f-53f08c463511/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/98c4ba12-63bb-4550-ac0f-53f08c463511/0/40E44AC44B4C3A31BF6ADD6A43ED44FEE05E63CD.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.173.133.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:12:34:11:10:06:d2:81:a9:e3:7a:3b:2c:49:f5:7e:e5:c6: c2:c6:47:ba:d2:dc:c2:23:0b:93:d9:16:ce:7a:b0:b6:b4:c6: 8c:07:35:51:c2:36:24:bd:c1:2c:eb:33:0d:56:5c:ab:1c:47: 5a:03:5f:cd:87:4a:90:09:84:0d:dc:cc:10:68:7b:e2:76:27: 75:1c:cd:83:3f:d2:82:bd:83:9a:33:52:f5:ba:1e:e6:17:39: b8:55:8e:57:40:87:22:df:09:6b:84:e5:b2:d7:e0:bf:ee:f3: f8:a2:d7:0d:47:cb:cc:16:24:57:43:c8:e0:1f:ee:77:50:89: 75:07:58:41:e6:04:5d:e8:c0:0c:52:6b:83:f8:62:6b:d4:f3: 18:aa:0d:e6:1d:00:e2:6e:e0:67:d6:7c:87:87:ae:de:f1:19: e0:81:47:0a:0d:c2:3b:6e:25:6b:6d:af:38:da:f5:07:59:d6: 22:68:6d:e3:dd:fc:c1:0a:ba:b8:b5:1c:0b:7c:da:0e:ef:15: 7d:3c:7e:55:9d:79:8e:aa:33:cf:1f:cd:fb:59:5a:02:33:5c: 07:54:3c:1d:9b:31:ee:f8:f5:82:68:9d:bc:92:40:97:53:ab: e6:de:9c:68:2c:1e:7d:b8:cf:c4:e2:15:70:d7:cf:1f:cd:fa: 8d:e3:ce:83 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUVL6tXOYukjsqCZvONHZ6jK901j8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMjEzMVoX DTI3MDUwMjAxMjYzMVowMzExMC8GA1UEAxMoNDBFNDRBQzQ0QjRDM0EzMUJGNkFE RDZBNDNFRDQ0RkVFMDVFNjNDRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKdvajYYSjoJ0H3beE1hRm1drZYQzA6uLWg9wDZ4wTCfZVfRSG7ICAAyA1A9 JAVjRbML+gzAAZNTmq4XexBvpvLlh/btnxO1UkLWm+adpIUowWUSpGBPCBtqjip7 73D4xUOWZXGmomAgXWgoupvGgyKiCeoCQt5HzS5cmZ6/3xae0c0irwHq/jz5QRMJ 9KEl9n2/ji6e+L4qKQmAfS2TT2fBNhdHmwLxtgYTXGIPjE15qS70eYUX/3ly4mDP eaKhlylCmpuCBWh1/Blz23yu76bVOPW7XCRw9G5ig/XiIYeZXATCD3cKfW84owkl E9W3g/cVLLkBwA8PIIE6i1SciH0CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEDkSsRLTDoxv2rdakPtRP7gXmPNMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv Lzk4YzRiYTEyLTYzYmItNDU1MC1hYzBmLTUzZjA4YzQ2MzUxMS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby85OGM0YmEx Mi02M2JiLTQ1NTAtYWMwZi01M2YwOGM0NjM1MTEvMC80MEU0NEFDNDRCNEMzQTMx QkY2QURENkE0M0VENDRGRUUwNUU2M0NELm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ62FMA0GCSqGSIb3DQEBCwUAA4IBAQB6EjQREAbSganjejssSfV+5cbCxke6 0tzCIwuT2RbOerC2tMaMBzVRwjYkvcEs6zMNVlyrHEdaA1/Nh0qQCYQN3MwQaHvi did1HM2DP9KCvYOaM1L1uh7mFzm4VY5XQIci3wlrhOWy1+C/7vP4otcNR8vMFiRX Q8jgH+53UIl1B1hB5gRd6MAMUmuD+GJr1PMYqg3mHQDibuBn1nyHh67e8RnggUcK DcI7biVrba842vUHWdYiaG3j3fzBCrq4tRwLfNoO7xV9PH5VnXmOqjPPH837WVoC M1wHVDwdmzHu+PWCaJ28kkCXU6vm3pxoLB59uM/E4hVw188fzfqN486D -----END CERTIFICATE-----Generated at Tue May 12 22:47:33 2026 by rpki-client