$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/42955E8C3DC21355BF059E242A225C672E72495D.cer File: 42955E8C3DC21355BF059E242A225C672E72495D.cer (raw, json) Hash identifier: nXgR/AdZp4z9BER+GTCpmgFxLSyVsRZlm/g3dOtNC/M= Subject key identifier: 42:95:5E:8C:3D:C2:13:55:BF:05:9E:24:2A:22:5C:67:2E:72:49:5D Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 6E008E67B0B6E93716C99FA1ED0ED3C823FA05EC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/1127eafd-a674-4437-abf1-e550dec137fa/0/42955E8C3DC21355BF059E242A225C672E72495D.mft caRepository: rsync://rpki-rsync.idnic.net/repo/1127eafd-a674-4437-abf1-e550dec137fa/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:50:24 +0000 Certificate not after: Sat 01 May 2027 23:55:24 +0000 Subordinate resources: IP: 103.111.140.0/22 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:00:8e:67:b0:b6:e9:37:16:c9:9f:a1:ed:0e:d3:c8:23:fa:05:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:50:24 2026 GMT Not After : May 1 23:55:24 2027 GMT Subject: CN=42955E8C3DC21355BF059E242A225C672E72495D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:58:4a:49:2e:98:d7:2a:73:c0:b0:0f:cb:ae: 81:c9:54:2a:a3:a2:28:b2:0b:b5:b6:80:83:c4:08: b8:d9:97:bf:f4:88:56:d2:b0:60:d7:d3:99:20:7d: c8:2a:25:d9:9d:12:85:bd:ad:92:12:c7:dd:91:9c: 93:b0:9f:ae:35:76:49:16:b4:cd:1b:50:f9:ff:3a: 53:4b:fb:2c:13:81:31:85:ee:a9:7d:af:c3:9d:d7: ee:9d:67:69:c3:9a:f4:51:15:d7:54:52:e8:a6:03: e3:3e:a5:d5:d7:43:ff:bc:21:5c:74:da:44:a9:8d: 3a:b3:99:ed:ad:60:8b:a8:1f:04:7a:de:a2:70:eb: f2:40:bd:0e:db:e4:86:92:83:f3:73:8e:54:54:b7: 25:a7:2b:e7:10:12:75:12:14:21:05:67:e9:8f:73: c6:bc:74:15:dc:8d:73:f0:ac:a3:06:82:9a:1d:86: 0e:7d:45:e9:9e:f3:e3:45:c9:8a:2d:b0:f1:45:a5: cf:cd:55:6d:ad:21:ba:af:93:cc:1e:7f:57:be:cf: d5:5b:86:83:e5:da:85:da:c1:de:62:15:4f:69:e2: 4d:b7:dc:34:a3:18:6a:54:69:cd:3f:bc:21:d8:4a: 09:e7:d8:b7:e8:2f:db:d7:06:4c:c8:2d:40:97:67: c3:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 42:95:5E:8C:3D:C2:13:55:BF:05:9E:24:2A:22:5C:67:2E:72:49:5D X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/1127eafd-a674-4437-abf1-e550dec137fa/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/1127eafd-a674-4437-abf1-e550dec137fa/0/42955E8C3DC21355BF059E242A225C672E72495D.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.111.140.0/22 Signature Algorithm: sha256WithRSAEncryption 2b:dc:7e:83:93:f2:e3:5e:11:ec:eb:be:a7:b4:56:d2:3a:b3: cd:12:ab:55:66:5d:26:0d:18:e0:d5:33:fe:f1:e5:92:25:48: 31:c6:d4:89:07:4a:9c:6c:92:1d:f4:13:67:d9:b6:25:1d:0d: f4:cd:db:6b:fd:dc:25:0d:11:fe:05:74:e2:6a:30:5d:8f:a4: 46:d3:4a:d6:2a:7d:3d:6e:51:a1:07:ec:c8:e0:13:02:5b:cc: b6:29:81:33:5c:13:a0:39:18:05:0b:70:3d:ae:12:a4:9e:4a: eb:10:46:4f:7a:b5:01:bb:ff:0c:0d:16:f5:0e:43:69:80:23: ce:0b:08:fe:bb:51:57:e6:df:f4:92:c2:f1:71:5b:e0:34:08: a2:cd:bd:c1:9d:87:ff:65:f6:76:bf:c1:a5:b7:2c:ed:56:fa: 69:52:1e:b3:6c:20:7f:9b:ff:66:45:0b:e8:ab:40:06:9d:c9: 9a:b0:56:c3:5a:72:3b:77:48:5a:72:0b:c8:4d:2f:84:4c:fd: 81:28:b2:31:d3:0a:01:03:5a:ab:15:6f:de:dd:39:aa:39:7c: 68:8c:c1:f5:21:1d:4e:3e:bd:06:15:71:a9:19:7c:bc:ad:5d: a7:ad:9d:26:6d:58:74:1e:d5:c2:ff:4d:57:cd:ab:71:92:66: 70:33:de:c9 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUbgCOZ7C26TcWyZ+h7Q7TyCP6BewwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNTAyNFoX DTI3MDUwMTIzNTUyNFowMzExMC8GA1UEAxMoNDI5NTVFOEMzREMyMTM1NUJGMDU5 RTI0MkEyMjVDNjcyRTcyNDk1RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALxYSkkumNcqc8CwD8uugclUKqOiKLILtbaAg8QIuNmXv/SIVtKwYNfTmSB9 yCol2Z0Shb2tkhLH3ZGck7CfrjV2SRa0zRtQ+f86U0v7LBOBMYXuqX2vw53X7p1n acOa9FEV11RS6KYD4z6l1ddD/7whXHTaRKmNOrOZ7a1gi6gfBHreonDr8kC9Dtvk hpKD83OOVFS3Jacr5xASdRIUIQVn6Y9zxrx0FdyNc/CsowaCmh2GDn1F6Z7z40XJ ii2w8UWlz81Vba0huq+TzB5/V77P1VuGg+XahdrB3mIVT2niTbfcNKMYalRpzT+8 IdhKCefYt+gv29cGTMgtQJdnw/kCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEKVXow9whNVvwWeJCoiXGcuckldMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzExMjdlYWZkLWE2NzQtNDQzNy1hYmYxLWU1NTBkZWMxMzdmYS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xMTI3ZWFm ZC1hNjc0LTQ0MzctYWJmMS1lNTUwZGVjMTM3ZmEvMC80Mjk1NUU4QzNEQzIxMzU1 QkYwNTlFMjQyQTIyNUM2NzJFNzI0OTVELm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ2+MMA0GCSqGSIb3DQEBCwUAA4IBAQAr3H6Dk/LjXhHs676ntFbSOrPNEqtV Zl0mDRjg1TP+8eWSJUgxxtSJB0qcbJId9BNn2bYlHQ30zdtr/dwlDRH+BXTiajBd j6RG00rWKn09blGhB+zI4BMCW8y2KYEzXBOgORgFC3A9rhKknkrrEEZPerUBu/8M DRb1DkNpgCPOCwj+u1FX5t/0ksLxcVvgNAiizb3BnYf/ZfZ2v8GltyztVvppUh6z bCB/m/9mRQvoq0AGncmasFbDWnI7d0hacgvITS+ETP2BKLIx0woBA1qrFW/e3Tmq OXxojMH1IR1OPr0GFXGpGXy8rV2nrZ0mbVh0HtXC/01XzatxkmZwM97J -----END CERTIFICATE-----Generated at Tue May 12 22:15:47 2026 by rpki-client