$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/43B5BF293BDB4062E9E17D8A7FF9D7ADAA4C5739.cer File: 43B5BF293BDB4062E9E17D8A7FF9D7ADAA4C5739.cer (raw, json) Hash identifier: s/BjKZWAa+fDkNKyVL3ehJiEUm94XfWH9EFOLsGVYT0= Subject key identifier: 43:B5:BF:29:3B:DB:40:62:E9:E1:7D:8A:7F:F9:D7:AD:AA:4C:57:39 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 363F7C10752D889DA94930923161C5682E25A1B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/09a88897-c387-4735-acd8-1d1c53cde264/0/43B5BF293BDB4062E9E17D8A7FF9D7ADAA4C5739.mft caRepository: rsync://rpki-rsync.idnic.net/repo/09a88897-c387-4735-acd8-1d1c53cde264/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:46:10 +0000 Certificate not after: Sat 01 May 2027 23:51:10 +0000 Subordinate resources: IP: 103.179.86.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:3f:7c:10:75:2d:88:9d:a9:49:30:92:31:61:c5:68:2e:25:a1:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:46:10 2026 GMT Not After : May 1 23:51:10 2027 GMT Subject: CN=43B5BF293BDB4062E9E17D8A7FF9D7ADAA4C5739 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:5e:5b:f6:8f:01:ea:55:32:9c:9e:28:28:2c: 68:0d:13:30:90:f8:64:79:fb:c2:d3:58:3f:1e:71: ae:0f:97:73:5f:83:84:38:5b:62:d4:47:36:7a:ad: e6:ef:cb:cd:73:10:a1:b5:88:d0:ac:38:ba:37:0a: d1:95:fc:1b:50:93:03:d0:b6:e3:09:9d:44:82:6d: 86:86:59:0d:ff:c5:95:cd:ed:45:35:4c:a0:77:c8: 00:64:b4:f0:31:6e:ea:52:e0:df:d3:4d:10:4d:a4: ee:2b:76:f4:5a:f6:95:53:9b:9f:6d:f0:ce:5b:a1: 4e:86:bd:ad:a9:81:db:37:0e:88:44:f0:88:52:d1: 41:0f:0f:5d:48:22:8f:56:18:85:19:2e:7c:d7:31: fa:44:19:83:18:9b:97:df:1b:71:5f:f6:ff:e4:6d: 06:5f:14:5f:2b:de:cb:a5:08:59:10:02:54:00:1b: 2b:54:24:d4:23:ed:c9:86:e2:ac:bf:11:75:c6:95: 06:f6:a6:fc:f2:12:1e:68:c0:48:21:75:f4:00:41: 75:b7:90:1f:55:85:e0:5d:0b:5c:d3:30:56:0b:97: c7:35:a4:92:d9:21:dd:8d:4d:ff:cb:f8:b6:8c:d3: d7:88:16:12:bb:22:a0:74:63:45:2a:58:15:8f:f0: d0:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 43:B5:BF:29:3B:DB:40:62:E9:E1:7D:8A:7F:F9:D7:AD:AA:4C:57:39 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/09a88897-c387-4735-acd8-1d1c53cde264/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/09a88897-c387-4735-acd8-1d1c53cde264/0/43B5BF293BDB4062E9E17D8A7FF9D7ADAA4C5739.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.179.86.0/23 Signature Algorithm: sha256WithRSAEncryption 6f:d9:9f:f0:29:da:18:59:09:dc:cd:74:cb:c7:df:96:f5:0b: 69:d4:18:fa:f5:da:c4:5a:60:b4:86:ba:9f:16:6f:29:39:84: c0:a1:a5:a8:44:45:1d:ff:67:68:b6:dc:33:18:88:ea:37:a5: 3c:a6:c6:55:cd:87:b8:a0:18:c9:95:80:f7:44:77:ed:04:c9: 7e:26:c2:bf:3a:8f:08:7e:62:a0:a9:e2:9a:3e:bd:00:8d:60: 80:5b:55:ce:09:13:d5:df:5a:9e:f8:c6:ef:5e:c3:0b:85:05: 20:58:12:e6:9c:43:65:bd:e6:66:43:ec:d7:cb:7d:cf:bc:1a: 4e:30:18:8f:4b:52:4f:0c:d9:d8:7e:ee:a8:e6:2b:38:45:e0: 01:a9:20:44:09:0e:d7:79:28:99:3c:d9:44:5c:12:4a:8b:ac: b5:ca:49:ea:59:10:55:63:65:10:08:73:4e:5e:9f:3f:5d:e7: 36:06:f7:a1:a0:9a:b4:33:bb:4a:d4:62:85:82:f3:c6:3d:da: ce:3d:71:d1:ec:ad:db:c0:31:11:21:cf:0b:18:4a:bf:3b:80: ce:8a:d0:47:9b:e7:71:44:f3:c9:2b:0a:c6:96:b3:e5:20:2b: b8:96:d3:76:fa:96:aa:d9:e8:ec:09:b7:60:06:71:2e:e7:3a: ed:a7:80:8e -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUNj98EHUtiJ2pSTCSMWHFaC4lobcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNDYxMFoX DTI3MDUwMTIzNTExMFowMzExMC8GA1UEAxMoNDNCNUJGMjkzQkRCNDA2MkU5RTE3 RDhBN0ZGOUQ3QURBQTRDNTczOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL9eW/aPAepVMpyeKCgsaA0TMJD4ZHn7wtNYPx5xrg+Xc1+DhDhbYtRHNnqt 5u/LzXMQobWI0Kw4ujcK0ZX8G1CTA9C24wmdRIJthoZZDf/Flc3tRTVMoHfIAGS0 8DFu6lLg39NNEE2k7it29Fr2lVObn23wzluhToa9ramB2zcOiETwiFLRQQ8PXUgi j1YYhRkufNcx+kQZgxibl98bcV/2/+RtBl8UXyvey6UIWRACVAAbK1Qk1CPtyYbi rL8RdcaVBvam/PISHmjASCF19ABBdbeQH1WF4F0LXNMwVguXxzWkktkh3Y1N/8v4 tozT14gWErsioHRjRSpYFY/w0JsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEO1vyk720Bi6eF9in/5162qTFc5MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzA5YTg4ODk3LWMzODctNDczNS1hY2Q4LTFkMWM1M2NkZTI2NC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8wOWE4ODg5 Ny1jMzg3LTQ3MzUtYWNkOC0xZDFjNTNjZGUyNjQvMC80M0I1QkYyOTNCREI0MDYy RTlFMTdEOEE3RkY5RDdBREFBNEM1NzM5Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ7NWMA0GCSqGSIb3DQEBCwUAA4IBAQBv2Z/wKdoYWQnczXTLx9+W9Qtp1Bj6 9drEWmC0hrqfFm8pOYTAoaWoREUd/2dottwzGIjqN6U8psZVzYe4oBjJlYD3RHft BMl+JsK/Oo8IfmKgqeKaPr0AjWCAW1XOCRPV31qe+MbvXsMLhQUgWBLmnENlveZm Q+zXy33PvBpOMBiPS1JPDNnYfu6o5is4ReABqSBECQ7XeSiZPNlEXBJKi6y1yknq WRBVY2UQCHNOXp8/Xec2BvehoJq0M7tK1GKFgvPGPdrOPXHR7K3bwDERIc8LGEq/ O4DOitBHm+dxRPPJKwrGlrPlICu4ltN2+paq2ejsCbdgBnEu5zrtp4CO -----END CERTIFICATE-----Generated at Wed May 13 00:21:14 2026 by rpki-client