$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.cer File: 4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.cer (raw, json) Hash identifier: e9okU2CUriIlWRKUK2zHWwasHi08ALSchAdWoqrzkTE= Subject key identifier: 41:38:E0:AD:46:46:D8:B5:B1:91:64:81:31:05:E2:EC:7C:5A:C4:A5 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2A75852293C8B7B228A65705E2604EBF543E187B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/cde71437-85fc-47af-9687-903bafb2c161/0/4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.mft caRepository: rsync://rpki-rsync.idnic.net/repo/cde71437-85fc-47af-9687-903bafb2c161/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:55:26 +0000 Certificate not after: Sun 02 May 2027 02:00:26 +0000 Subordinate resources: IP: 103.214.236.0/22 IP: 2404:cd80::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:75:85:22:93:c8:b7:b2:28:a6:57:05:e2:60:4e:bf:54:3e:18:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:55:26 2026 GMT Not After : May 2 02:00:26 2027 GMT Subject: CN=4138E0AD4646D8B5B19164813105E2EC7C5AC4A5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:18:c2:74:b3:d4:41:a3:d4:b3:a6:c7:8b:9d: 5c:5c:71:2e:4b:4a:3f:d0:8f:60:61:66:ab:0f:c3: c6:e7:f4:f3:e8:ae:48:67:06:5f:0c:25:a5:1f:1c: 02:91:05:d0:cf:ca:05:ed:09:e3:77:a3:0b:73:3d: 40:fe:4b:5d:63:c7:10:e1:e0:69:4f:94:5c:09:26: 4d:e3:41:34:58:0a:d1:4a:70:ee:24:e6:fd:d8:03: 72:37:db:42:f1:09:ec:1b:7f:37:66:ad:b2:95:0f: c6:f3:71:f5:e4:b8:71:2c:a4:9a:16:8c:4f:ce:81: 43:a2:01:67:4b:77:61:56:79:1e:f4:9e:12:7a:0e: 0c:1d:e0:d5:ca:de:9d:a7:c7:b9:4a:6e:a1:06:aa: 69:c6:78:b1:dc:ad:9f:f4:74:59:3b:d0:26:25:22: 03:e6:cf:7d:3f:0e:31:14:13:59:39:d7:86:fd:f0: 99:ff:6d:23:3f:b0:5b:75:b9:3d:df:da:e8:c5:a9: 3f:1e:1d:5e:65:d5:23:02:49:4c:be:81:35:8d:a0: 52:e1:98:ee:8a:79:9c:f2:bc:05:a4:88:fe:3e:0d: 47:31:ce:6e:2c:c5:46:92:1d:e2:b9:47:bc:00:9f: 3b:88:d0:d4:65:44:0e:95:d6:cd:45:f4:e5:a9:0d: 69:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 41:38:E0:AD:46:46:D8:B5:B1:91:64:81:31:05:E2:EC:7C:5A:C4:A5 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/cde71437-85fc-47af-9687-903bafb2c161/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/cde71437-85fc-47af-9687-903bafb2c161/0/4138E0AD4646D8B5B19164813105E2EC7C5AC4A5.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.214.236.0/22 IPv6: 2404:cd80::/32 Signature Algorithm: sha256WithRSAEncryption a2:cd:c2:3d:c3:ed:c4:45:e6:7b:c9:94:45:91:73:0c:9c:64: dd:09:2d:10:bf:6e:8f:6d:84:5a:f1:cd:98:bc:19:7b:b1:57: 7c:d8:cb:27:e9:63:5e:80:e7:b2:21:3a:8e:82:a0:63:a5:63: 7f:35:50:db:63:03:5d:e3:5f:00:63:9b:70:52:f9:11:6f:de: e6:06:ba:74:22:56:1b:80:fb:c1:36:7f:4c:ff:7e:b8:18:35: 23:5d:94:d4:4a:bb:d6:37:0a:a3:82:5b:54:42:cc:1f:87:62: 0a:5f:ec:b7:79:fa:f0:b6:d6:94:43:3d:5e:39:9a:47:e4:57: d2:9f:91:80:ce:88:9a:fa:ed:c8:b3:28:6d:aa:ca:76:eb:71: 41:13:5a:0b:1d:9a:38:04:4e:d8:26:d9:4e:5e:fd:93:ad:cc: 97:ac:4b:29:77:da:32:28:89:e1:44:1f:90:37:24:f9:5c:f3: d5:6d:d7:b6:0e:4b:15:f2:80:4f:62:c8:fb:2b:4d:fc:3a:71: fc:5e:74:54:24:48:bd:28:73:9b:59:19:b6:3b:65:15:2b:84: eb:3c:ae:f2:11:fc:43:67:b0:2d:a9:e0:f4:81:29:fd:ec:ea: 5d:b7:3f:01:f3:af:d7:e9:98:3d:cc:ef:c3:5c:88:d8:8c:c9: a1:69:a1:bd -----BEGIN CERTIFICATE----- MIIF1TCCBL2gAwIBAgIUKnWFIpPIt7IoplcF4mBOv1Q+GHswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxNTUyNloX DTI3MDUwMjAyMDAyNlowMzExMC8GA1UEAxMoNDEzOEUwQUQ0NjQ2RDhCNUIxOTE2 NDgxMzEwNUUyRUM3QzVBQzRBNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJAYwnSz1EGj1LOmx4udXFxxLktKP9CPYGFmqw/Dxuf08+iuSGcGXwwlpR8c ApEF0M/KBe0J43ejC3M9QP5LXWPHEOHgaU+UXAkmTeNBNFgK0Upw7iTm/dgDcjfb QvEJ7Bt/N2atspUPxvNx9eS4cSykmhaMT86BQ6IBZ0t3YVZ5HvSeEnoODB3g1cre nafHuUpuoQaqacZ4sdytn/R0WTvQJiUiA+bPfT8OMRQTWTnXhv3wmf9tIz+wW3W5 Pd/a6MWpPx4dXmXVIwJJTL6BNY2gUuGY7op5nPK8BaSI/j4NRzHObizFRpId4rlH vACfO4jQ1GVEDpXWzUX05akNaRsCAwEAAaOCAsgwggLEMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEE44K1GRti1sZFkgTEF4ux8WsSlMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2NkZTcxNDM3LTg1ZmMtNDdhZi05Njg3LTkwM2JhZmIyYzE2MS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9jZGU3MTQz Ny04NWZjLTQ3YWYtOTY4Ny05MDNiYWZiMmMxNjEvMC80MTM4RTBBRDQ2NDZEOEI1 QjE5MTY0ODEzMTA1RTJFQzdDNUFDNEE1Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAG AwQCZ9bsMA0EAgACMAcDBQAkBM2AMA0GCSqGSIb3DQEBCwUAA4IBAQCizcI9w+3E ReZ7yZRFkXMMnGTdCS0Qv26PbYRa8c2YvBl7sVd82Msn6WNegOeyITqOgqBjpWN/ NVDbYwNd418AY5twUvkRb97mBrp0IlYbgPvBNn9M/364GDUjXZTUSrvWNwqjgltU Qswfh2IKX+y3efrwttaUQz1eOZpH5FfSn5GAzoia+u3Isyhtqsp263FBE1oLHZo4 BE7YJtlOXv2TrcyXrEspd9oyKInhRB+QNyT5XPPVbde2DksV8oBPYsj7K038OnH8 XnRUJEi9KHObWRm2O2UVK4TrPK7yEfxDZ7AtqeD0gSn97Opdtz8B86/X6Zg9zO/D XIjYjMmhaaG9 -----END CERTIFICATE-----Generated at Tue May 12 22:02:49 2026 by rpki-client