$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/41D7B39458C9984F5AC12CC82AF91244F8E3CAC1.cer File: 41D7B39458C9984F5AC12CC82AF91244F8E3CAC1.cer (raw, json) Hash identifier: fUCWRyjrUYeTZUFeQNoFasmPGLPVVLzifYkRgH8XxLQ= Subject key identifier: 41:D7:B3:94:58:C9:98:4F:5A:C1:2C:C8:2A:F9:12:44:F8:E3:CA:C1 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 097597670E260967D817F6A17CE38168EF9FB801 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/0de2d090-4766-475c-9cef-7beb585cf241/1/41D7B39458C9984F5AC12CC82AF91244F8E3CAC1.mft caRepository: rsync://rpki-rsync.idnic.net/repo/0de2d090-4766-475c-9cef-7beb585cf241/1/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:47:52 +0000 Certificate not after: Sat 01 May 2027 23:52:52 +0000 Subordinate resources: IP: 2001:df3:da40::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:75:97:67:0e:26:09:67:d8:17:f6:a1:7c:e3:81:68:ef:9f:b8:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:47:52 2026 GMT Not After : May 1 23:52:52 2027 GMT Subject: CN=41D7B39458C9984F5AC12CC82AF91244F8E3CAC1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e7:00:ce:ab:fa:4f:32:7c:d4:ec:48:cf:a3: bb:2e:26:4e:6e:5a:3c:fe:cb:b8:2e:03:85:1e:46: 4c:86:e7:4c:e7:73:0c:d9:ca:35:34:39:71:1d:d2: fd:53:c7:62:ad:94:9d:be:31:ab:ac:f0:81:a9:83: 28:44:ca:7d:d8:30:11:09:66:2e:3c:81:97:df:a9: 32:e3:e6:f6:e3:b5:4c:94:04:4f:78:9b:7e:04:73: 31:00:50:ac:7c:2e:bd:15:15:ee:a1:05:84:01:fe: df:10:dc:ff:3e:51:cc:e0:54:d0:23:2a:6b:a9:cd: 34:99:1f:37:59:f7:67:12:08:29:ef:1b:ae:95:5f: c5:81:fa:95:e6:76:c5:5e:6d:95:a4:46:4a:19:5e: 4d:19:4c:74:15:85:2c:18:1a:0d:56:2b:d1:04:2d: 5b:10:be:37:81:87:bb:48:fd:e4:ca:c4:03:2b:fe: 7b:c5:a4:b2:1b:48:7d:0a:b7:96:2f:54:34:cf:30: e5:1e:b0:a3:2c:c4:d9:f7:7f:e7:48:14:93:50:19: 83:97:8e:ce:a7:f3:e2:f2:83:a9:48:c7:0d:16:71: 56:9b:35:be:82:ed:25:28:46:a4:e0:66:83:a3:2e: 05:2c:ca:c8:22:39:15:0b:b7:a1:c1:96:b7:1e:ad: ad:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 41:D7:B3:94:58:C9:98:4F:5A:C1:2C:C8:2A:F9:12:44:F8:E3:CA:C1 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/0de2d090-4766-475c-9cef-7beb585cf241/1/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/0de2d090-4766-475c-9cef-7beb585cf241/1/41D7B39458C9984F5AC12CC82AF91244F8E3CAC1.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:da40::/48 Signature Algorithm: sha256WithRSAEncryption 7e:1c:86:68:90:eb:bf:f5:95:e4:99:cc:58:a3:fa:6b:7a:f8: 60:26:f2:3f:19:18:ac:23:7b:3d:12:88:74:f5:eb:94:a6:5c: 03:a8:05:8b:d5:11:00:6e:fd:1a:f9:9c:e7:1d:fb:8e:b9:af: 06:9d:ee:bb:d4:17:9e:60:c6:34:31:7a:e8:01:0e:92:2b:47: 4b:c0:0f:2d:27:ab:b3:1b:49:3f:c9:57:ee:43:0f:4d:5e:87: 23:f0:82:27:37:94:c3:5a:30:c8:d2:15:87:f9:5f:70:6d:b5: b7:ed:52:96:76:c6:75:5c:ca:dd:86:c6:a0:a3:79:42:da:ac: a6:67:15:db:dc:da:af:62:cb:e3:f4:59:d8:94:38:f3:61:e4: ae:d8:49:57:f5:0e:bc:86:1b:f6:fd:c2:22:5b:43:0a:8c:46: fe:dc:f2:63:07:a9:f5:18:ce:25:f1:02:47:c9:33:d0:43:bb: 55:37:92:27:c8:3c:31:f3:8a:6d:c8:40:58:56:f0:1e:75:24: ff:ab:e3:75:1e:4b:6d:2a:5d:8d:0d:f5:7f:b7:ce:96:57:81: 10:a7:57:59:9b:d8:98:1b:e1:70:67:ed:81:84:91:ed:b2:a1: ee:76:e7:47:5e:0d:67:37:b8:b4:29:42:7d:54:85:bb:2a:6d: ba:e4:90:6f -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgIUCXWXZw4mCWfYF/ahfOOBaO+fuAEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNDc1MloX DTI3MDUwMTIzNTI1MlowMzExMC8GA1UEAxMoNDFEN0IzOTQ1OEM5OTg0RjVBQzEy Q0M4MkFGOTEyNDRGOEUzQ0FDMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/nAM6r+k8yfNTsSM+juy4mTm5aPP7LuC4DhR5GTIbnTOdzDNnKNTQ5cR3S /VPHYq2Unb4xq6zwgamDKETKfdgwEQlmLjyBl9+pMuPm9uO1TJQET3ibfgRzMQBQ rHwuvRUV7qEFhAH+3xDc/z5RzOBU0CMqa6nNNJkfN1n3ZxIIKe8brpVfxYH6leZ2 xV5tlaRGShleTRlMdBWFLBgaDVYr0QQtWxC+N4GHu0j95MrEAyv+e8WkshtIfQq3 li9UNM8w5R6woyzE2fd/50gUk1AZg5eOzqfz4vKDqUjHDRZxVps1voLtJShGpOBm g6MuBSzKyCI5FQu3ocGWtx6trWsCAwEAAaOCArwwggK4MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEHXs5RYyZhPWsEsyCr5EkT448rBMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzBkZTJkMDkwLTQ3NjYtNDc1Yy05Y2VmLTdiZWI1ODVjZjI0MS8xLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8wZGUyZDA5 MC00NzY2LTQ3NWMtOWNlZi03YmViNTg1Y2YyNDEvMS80MUQ3QjM5NDU4Qzk5ODRG NUFDMTJDQzgyQUY5MTI0NEY4RTNDQUMxLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAIAEN89pAMA0GCSqGSIb3DQEBCwUAA4IBAQB+HIZokOu/9ZXkmcxYo/prevhg JvI/GRisI3s9Eoh09euUplwDqAWL1REAbv0a+ZznHfuOua8Gne671BeeYMY0MXro AQ6SK0dLwA8tJ6uzG0k/yVfuQw9NXocj8IInN5TDWjDI0hWH+V9wbbW37VKWdsZ1 XMrdhsago3lC2qymZxXb3NqvYsvj9FnYlDjzYeSu2ElX9Q68hhv2/cIiW0MKjEb+ 3PJjB6n1GM4l8QJHyTPQQ7tVN5InyDwx84ptyEBYVvAedST/q+N1HkttKl2NDfV/ t86WV4EQp1dZm9iYG+FwZ+2BhJHtsqHududHXg1nN7i0KUJ9VIW7Km265JBv -----END CERTIFICATE-----Generated at Tue May 12 22:45:31 2026 by rpki-client