$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/41C0A6F73734FFB0C7D997701A62B4DFA1BAB43A.cer File: 41C0A6F73734FFB0C7D997701A62B4DFA1BAB43A.cer (raw, json) Hash identifier: aE/3roBu5YySOV+lJnRtB5RMpqAcvboHmoVAxY5zKyw= Subject key identifier: 41:C0:A6:F7:37:34:FF:B0:C7:D9:97:70:1A:62:B4:DF:A1:BA:B4:3A Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: BA74CAC1093D9EA136480112EAE40445874DB3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/775277e8-7d0f-4184-9c28-a6635efef29c/0/41C0A6F73734FFB0C7D997701A62B4DFA1BAB43A.mft caRepository: rsync://rpki-rsync.idnic.net/repo/775277e8-7d0f-4184-9c28-a6635efef29c/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:59:26 +0000 Certificate not after: Sun 02 May 2027 01:04:26 +0000 Subordinate resources: IP: 103.41.248.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: ba:74:ca:c1:09:3d:9e:a1:36:48:01:12:ea:e4:04:45:87:4d:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:59:26 2026 GMT Not After : May 2 01:04:26 2027 GMT Subject: CN=41C0A6F73734FFB0C7D997701A62B4DFA1BAB43A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:6e:77:77:65:bb:7a:e0:56:18:e7:64:e5:97: 99:d1:1d:95:d5:3c:09:27:60:df:8a:bf:fd:f1:e5: ba:99:64:df:46:c8:2c:cb:78:b7:fb:46:c7:09:e8: 16:3f:b5:7d:7b:89:17:a7:db:fe:34:f8:20:24:b1: 0e:e9:e2:6b:9a:4f:81:2f:af:60:55:61:66:c3:a1: d7:81:06:e7:c7:23:10:80:66:39:cf:8f:15:31:84: d2:02:bf:c8:2c:d7:fa:95:19:18:b2:dc:d0:45:10: 01:34:9f:66:ac:6a:5b:ba:e3:0d:92:f6:da:23:e5: 99:6d:d8:44:e4:23:1f:0b:c8:4f:2d:f4:7b:7d:59: 0a:82:0d:c3:51:35:72:8e:93:dc:7d:c7:51:d8:9d: 8d:c1:db:79:3e:e0:6d:1c:99:79:e0:5e:15:12:cb: 6a:22:71:9d:9d:d1:b6:2f:e2:35:87:33:71:44:78: 73:23:4e:bb:b4:6e:3f:6f:7e:f1:9a:21:3a:29:46: bb:94:fd:d8:da:12:2b:d0:98:9c:86:8c:71:55:d8: f8:0b:a5:83:dd:ca:ba:1f:be:e9:bc:a3:b4:95:78: 0b:ce:fa:60:14:87:d0:e6:78:23:61:89:1a:5f:15: 85:8c:12:8e:ae:22:10:49:95:38:84:08:7e:0f:2d: 82:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 41:C0:A6:F7:37:34:FF:B0:C7:D9:97:70:1A:62:B4:DF:A1:BA:B4:3A X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/775277e8-7d0f-4184-9c28-a6635efef29c/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/775277e8-7d0f-4184-9c28-a6635efef29c/0/41C0A6F73734FFB0C7D997701A62B4DFA1BAB43A.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.41.248.0/23 Signature Algorithm: sha256WithRSAEncryption 40:1d:79:4e:dc:1c:21:b8:98:9b:7d:c0:12:29:a8:0e:72:e2: f2:74:ca:8c:0d:f3:21:07:58:1b:ec:ab:33:de:49:82:66:e5: ae:64:51:05:15:d0:e1:f3:e3:0b:68:2e:b2:da:2f:fb:00:5d: c6:82:71:4f:48:41:43:b4:e1:38:62:2a:c1:8c:5b:e8:df:88: d2:ab:eb:f7:03:cd:c0:10:96:5a:73:54:3a:7c:12:0e:88:f7: 03:6a:0d:22:a8:75:9e:ca:4e:01:05:89:a6:49:2f:ee:2d:e2: 26:67:b9:cd:c7:e2:d8:7b:ff:52:62:e8:b5:90:0c:04:fb:4c: 97:a9:14:29:66:49:bf:96:da:0a:49:46:80:93:f9:04:56:39: 71:dd:af:b8:ac:c0:bb:e1:17:40:9d:2b:19:da:20:2a:a6:f5: 04:28:9e:2e:3b:a3:50:eb:a1:b1:a0:bf:53:e2:3c:b0:61:64: f1:68:7b:0d:c2:d9:18:1f:4f:25:1c:ca:73:ad:ba:78:db:d3: 8c:b0:0a:5d:d4:dc:02:b0:bf:00:8c:82:e5:ae:8f:f5:6f:80: b7:70:d7:81:ef:66:cf:06:f0:ea:4f:ea:3f:01:c3:9f:22:d3: 48:32:31:61:7b:22:48:26:51:05:fc:20:dc:f9:bf:32:ea:9b: ef:dc:82:0b -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUALp0ysEJPZ6hNkgBEurkBEWHTbMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwNTkyNloX DTI3MDUwMjAxMDQyNlowMzExMC8GA1UEAxMoNDFDMEE2RjczNzM0RkZCMEM3RDk5 NzcwMUE2MkI0REZBMUJBQjQzQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL5ud3dlu3rgVhjnZOWXmdEdldU8CSdg34q//fHluplk30bILMt4t/tGxwno Fj+1fXuJF6fb/jT4ICSxDunia5pPgS+vYFVhZsOh14EG58cjEIBmOc+PFTGE0gK/ yCzX+pUZGLLc0EUQATSfZqxqW7rjDZL22iPlmW3YROQjHwvITy30e31ZCoINw1E1 co6T3H3HUdidjcHbeT7gbRyZeeBeFRLLaiJxnZ3Rti/iNYczcUR4cyNOu7RuP29+ 8ZohOilGu5T92NoSK9CYnIaMcVXY+Aulg93Kuh++6byjtJV4C876YBSH0OZ4I2GJ Gl8VhYwSjq4iEEmVOIQIfg8tgjECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEHApvc3NP+wx9mXcBpitN+hurQ6MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv Lzc3NTI3N2U4LTdkMGYtNDE4NC05YzI4LWE2NjM1ZWZlZjI5Yy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby83NzUyNzdl OC03ZDBmLTQxODQtOWMyOC1hNjYzNWVmZWYyOWMvMC80MUMwQTZGNzM3MzRGRkIw QzdEOTk3NzAxQTYyQjRERkExQkFCNDNBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZyn4MA0GCSqGSIb3DQEBCwUAA4IBAQBAHXlO3BwhuJibfcASKagOcuLydMqM DfMhB1gb7Ksz3kmCZuWuZFEFFdDh8+MLaC6y2i/7AF3GgnFPSEFDtOE4YirBjFvo 34jSq+v3A83AEJZac1Q6fBIOiPcDag0iqHWeyk4BBYmmSS/uLeImZ7nNx+LYe/9S Yui1kAwE+0yXqRQpZkm/ltoKSUaAk/kEVjlx3a+4rMC74RdAnSsZ2iAqpvUEKJ4u O6NQ66GxoL9T4jywYWTxaHsNwtkYH08lHMpzrbp429OMsApd1NwCsL8AjILlro/1 b4C3cNeB72bPBvDqT+o/AcOfItNIMjFheyJIJlEF/CDc+b8y6pvv3IIL -----END CERTIFICATE-----Generated at Tue May 12 22:04:10 2026 by rpki-client