$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/41FE67823F5358EF3D5F9B4F04FBCBA9560D38ED.cer File: 41FE67823F5358EF3D5F9B4F04FBCBA9560D38ED.cer (raw, json) Hash identifier: Mc4OyDRqOzrKx/T1dTkS1+YrD+w3cQOY4UfSgU0Yr3M= Subject key identifier: 41:FE:67:82:3F:53:58:EF:3D:5F:9B:4F:04:FB:CB:A9:56:0D:38:ED Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 6A6F76C48A2C4E1600CB8FB8CEEDB3011D30D270 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/d3ec2cb6-35ad-4101-982e-2e34d566efda/0/41FE67823F5358EF3D5F9B4F04FBCBA9560D38ED.mft caRepository: rsync://rpki-rsync.idnic.net/repo/d3ec2cb6-35ad-4101-982e-2e34d566efda/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:58:52 +0000 Certificate not after: Sun 02 May 2027 02:03:52 +0000 Subordinate resources: IP: 103.172.194.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:6f:76:c4:8a:2c:4e:16:00:cb:8f:b8:ce:ed:b3:01:1d:30:d2:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:58:52 2026 GMT Not After : May 2 02:03:52 2027 GMT Subject: CN=41FE67823F5358EF3D5F9B4F04FBCBA9560D38ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:b6:d1:f4:55:fa:66:6d:d9:e0:ec:2d:94:c6: 52:d0:5b:75:bc:84:9f:35:f3:fb:d6:4e:5a:e2:3e: 3f:56:8c:f2:f8:cc:29:e2:5b:e3:b5:a0:4a:fe:4f: 47:3a:ba:8f:58:a6:26:f2:82:96:1d:0c:51:1b:0b: 34:25:31:30:d4:31:8f:06:9f:00:48:ff:d2:b0:dd: b4:3c:fd:bd:4a:fe:c6:bc:5b:ab:dd:22:5d:21:a1: f5:e9:0d:55:3d:09:a4:a6:ab:c3:59:6f:8a:ad:7d: a6:30:ef:87:e3:4b:21:90:e5:96:00:e6:cf:cf:bd: 66:bc:43:5e:82:56:c1:0f:59:76:fb:cf:76:bc:7b: 4c:50:8e:8a:83:b3:76:1d:63:7e:34:78:3a:3f:24: e9:34:1c:96:32:02:63:97:cc:35:33:42:9c:24:2a: 84:b4:b7:39:83:dd:47:5f:87:7e:50:72:d5:91:92: 80:d2:b9:1e:65:d7:41:2f:b3:5c:79:72:6a:a0:f9: c0:1e:3a:f1:55:f1:bf:b6:ae:8c:12:af:a4:c6:da: 0a:57:33:d3:4c:a4:d0:df:4b:3f:92:eb:d4:8d:e7: 8b:9d:e1:66:9a:bb:52:be:0d:8a:95:69:33:e7:74: c4:1a:bf:97:bf:66:71:1e:94:b8:c6:94:41:78:f2: 1d:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 41:FE:67:82:3F:53:58:EF:3D:5F:9B:4F:04:FB:CB:A9:56:0D:38:ED X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/d3ec2cb6-35ad-4101-982e-2e34d566efda/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/d3ec2cb6-35ad-4101-982e-2e34d566efda/0/41FE67823F5358EF3D5F9B4F04FBCBA9560D38ED.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.172.194.0/23 Signature Algorithm: sha256WithRSAEncryption 71:5d:7c:f3:20:8a:98:d1:69:6c:85:fa:76:c3:2f:de:73:37: 02:cf:cf:39:3d:71:2e:82:08:a6:a4:22:3e:76:7b:81:64:21: 52:40:2b:c1:09:4a:45:d6:63:75:10:b2:91:9b:a7:a1:99:3b: 8a:48:ad:ff:87:da:76:d1:50:de:a3:42:5e:07:53:9e:ca:cb: d0:11:f0:ac:f4:64:c8:97:56:b4:24:ae:61:6a:a5:48:78:21: 9f:15:ff:2e:08:a9:da:40:c9:0d:30:b3:ed:3b:b4:e7:ab:73: c7:f6:1f:d4:95:42:68:cc:06:94:09:bb:5d:7f:8a:70:67:55: 61:c8:4b:c5:59:4d:ee:d0:43:b8:c9:fd:e8:2a:e3:ed:98:20: 2a:1a:fa:1a:66:18:fc:a5:e8:22:53:91:09:81:3f:8b:67:06: 0e:4f:49:c8:4f:b3:2f:65:1d:69:51:f2:6d:01:74:58:eb:ce: db:57:11:11:63:24:d9:f8:0d:18:b7:75:d0:06:ad:b3:26:0a: 22:1f:42:60:07:d2:7d:9e:fd:d5:89:1c:ad:92:dd:40:67:c1: f1:9b:c9:b1:b9:1b:08:29:c4:d0:0a:b0:53:1d:ac:d0:a8:68: 56:27:f0:27:a2:00:cb:3d:37:51:37:70:d2:0b:94:07:7a:32: 88:69:86:95 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUam92xIosThYAy4+4zu2zAR0w0nAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxNTg1MloX DTI3MDUwMjAyMDM1MlowMzExMC8GA1UEAxMoNDFGRTY3ODIzRjUzNThFRjNENUY5 QjRGMDRGQkNCQTk1NjBEMzhFRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANm20fRV+mZt2eDsLZTGUtBbdbyEnzXz+9ZOWuI+P1aM8vjMKeJb47WgSv5P Rzq6j1imJvKClh0MURsLNCUxMNQxjwafAEj/0rDdtDz9vUr+xrxbq90iXSGh9ekN VT0JpKarw1lviq19pjDvh+NLIZDllgDmz8+9ZrxDXoJWwQ9ZdvvPdrx7TFCOioOz dh1jfjR4Oj8k6TQcljICY5fMNTNCnCQqhLS3OYPdR1+HflBy1ZGSgNK5HmXXQS+z XHlyaqD5wB468VXxv7aujBKvpMbaClcz00yk0N9LP5Lr1I3ni53hZpq7Ur4NipVp M+d0xBq/l79mcR6UuMaUQXjyHeMCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEH+Z4I/U1jvPV+bTwT7y6lWDTjtMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2QzZWMyY2I2LTM1YWQtNDEwMS05ODJlLTJlMzRkNTY2ZWZkYS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9kM2VjMmNi Ni0zNWFkLTQxMDEtOTgyZS0yZTM0ZDU2NmVmZGEvMC80MUZFNjc4MjNGNTM1OEVG M0Q1RjlCNEYwNEZCQ0JBOTU2MEQzOEVELm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6zCMA0GCSqGSIb3DQEBCwUAA4IBAQBxXXzzIIqY0Wlshfp2wy/eczcCz885 PXEuggimpCI+dnuBZCFSQCvBCUpF1mN1ELKRm6ehmTuKSK3/h9p20VDeo0JeB1Oe ysvQEfCs9GTIl1a0JK5haqVIeCGfFf8uCKnaQMkNMLPtO7Tnq3PH9h/UlUJozAaU Cbtdf4pwZ1VhyEvFWU3u0EO4yf3oKuPtmCAqGvoaZhj8pegiU5EJgT+LZwYOT0nI T7MvZR1pUfJtAXRY687bVxERYyTZ+A0Yt3XQBq2zJgoiH0JgB9J9nv3ViRytkt1A Z8Hxm8mxuRsIKcTQCrBTHazQqGhWJ/AnogDLPTdRN3DSC5QHejKIaYaV -----END CERTIFICATE-----Generated at Tue May 12 22:46:09 2026 by rpki-client