$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/43D0943D0AD49FD34D79A7F436D9F7AF552F6702.cer File: 43D0943D0AD49FD34D79A7F436D9F7AF552F6702.cer (raw, json) Hash identifier: kRb14b5eK5HSW8yF6MuHtK92s8ecPWtJWDStbdEyx78= Subject key identifier: 43:D0:94:3D:0A:D4:9F:D3:4D:79:A7:F4:36:D9:F7:AF:55:2F:67:02 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 4DF71B30BC49395AED117AC476A6DAF48BB89252 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/b73507f3-f8c0-410b-b19e-57e48bf32305/0/43D0943D0AD49FD34D79A7F436D9F7AF552F6702.mft caRepository: rsync://rpki-rsync.idnic.net/repo/b73507f3-f8c0-410b-b19e-57e48bf32305/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:42:27 +0000 Certificate not after: Sun 02 May 2027 01:47:27 +0000 Subordinate resources: IP: 103.161.116.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:f7:1b:30:bc:49:39:5a:ed:11:7a:c4:76:a6:da:f4:8b:b8:92:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:42:27 2026 GMT Not After : May 2 01:47:27 2027 GMT Subject: CN=43D0943D0AD49FD34D79A7F436D9F7AF552F6702 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:59:e0:dc:6b:51:21:94:c8:46:17:b1:53:b0: b0:ea:5c:3f:57:92:ba:ce:9d:8a:58:e2:8a:d8:45: d2:7c:f4:5c:60:fd:5a:3f:37:d4:54:ec:88:e6:ef: 0b:31:c9:de:13:fe:70:c6:64:de:a5:79:fc:81:4c: de:54:f7:67:48:c4:4b:67:55:aa:2c:a2:fc:ce:fc: 61:e6:c0:48:bc:2d:2c:70:35:64:8f:e5:4c:45:7a: 5a:0a:81:04:6b:dd:f3:8d:cc:3f:ef:2b:3a:d7:01: 45:6a:a6:5f:ab:73:96:18:ce:88:77:62:9b:6a:61: 5d:73:a9:49:49:11:98:2b:e4:05:a7:43:83:87:86: 19:20:57:12:68:0e:ee:9d:44:77:a2:50:d8:45:23: c3:56:e6:4e:1f:34:c5:af:35:fb:4c:cd:65:f5:74: 1e:17:6d:f7:9b:cb:0a:7c:fd:e1:b6:1b:e3:73:9a: 3e:2f:0b:01:cd:26:82:7c:12:71:50:70:b4:59:6e: d1:cb:33:48:45:a8:5f:6d:a1:c1:c7:b4:49:05:2a: 15:f1:50:35:81:40:cf:db:49:92:8a:ca:77:a7:90: 94:d4:49:ab:59:c1:52:c2:16:cd:3a:b1:0a:1c:ff: 95:31:a5:9d:2c:c3:66:41:3f:ac:98:30:9a:e9:1b: b9:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 43:D0:94:3D:0A:D4:9F:D3:4D:79:A7:F4:36:D9:F7:AF:55:2F:67:02 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/b73507f3-f8c0-410b-b19e-57e48bf32305/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/b73507f3-f8c0-410b-b19e-57e48bf32305/0/43D0943D0AD49FD34D79A7F436D9F7AF552F6702.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.161.116.0/23 Signature Algorithm: sha256WithRSAEncryption 76:22:76:14:db:15:f7:c5:3b:c4:30:37:b0:59:2f:f4:34:ce: 17:9e:7a:5f:a0:ab:05:f1:ca:f0:8b:09:7f:44:24:fa:01:4c: 06:9c:4b:4c:bb:48:97:f0:b7:0d:6a:95:0e:ec:fb:fc:1b:42: dc:fe:38:50:62:a0:58:fe:fc:8e:68:1d:a8:21:89:ad:e4:23: ed:2a:c5:0e:61:68:99:b8:e8:13:cd:84:f9:c4:08:30:69:d9: ee:f6:db:43:49:2d:52:77:e9:6f:9c:a2:25:60:7d:1b:77:27: 29:07:e1:43:fc:37:eb:c0:06:2d:2b:6d:bd:4c:ed:df:ca:91: e7:32:2b:a1:5e:71:df:7c:9d:f3:89:0f:85:fb:31:8d:ac:fb: ad:f9:8c:96:85:ad:c7:6a:65:38:bd:ca:27:af:a2:f9:f5:7d: 0f:31:1c:2f:c2:39:c9:3b:b5:30:7f:8c:09:ae:8f:c2:1c:85: 67:18:58:74:4c:d4:f5:37:98:37:2d:d6:cb:ee:80:7c:34:eb: 45:4e:f2:90:c2:6b:e5:b4:87:37:f0:97:3a:c7:f7:33:0a:51: 30:87:96:4e:c1:be:d4:d3:8d:89:c9:a7:ff:1f:d8:96:3e:5f: f6:3c:c3:0c:4a:f6:94:7a:cd:6a:46:67:b5:b7:18:f8:84:6a: e1:2c:05:13 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUTfcbMLxJOVrtEXrEdqba9Iu4klIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxNDIyN1oX DTI3MDUwMjAxNDcyN1owMzExMC8GA1UEAxMoNDNEMDk0M0QwQUQ0OUZEMzRENzlB N0Y0MzZEOUY3QUY1NTJGNjcwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKlZ4NxrUSGUyEYXsVOwsOpcP1eSus6diljiithF0nz0XGD9Wj831FTsiObv CzHJ3hP+cMZk3qV5/IFM3lT3Z0jES2dVqiyi/M78YebASLwtLHA1ZI/lTEV6WgqB BGvd843MP+8rOtcBRWqmX6tzlhjOiHdim2phXXOpSUkRmCvkBadDg4eGGSBXEmgO 7p1Ed6JQ2EUjw1bmTh80xa81+0zNZfV0Hhdt95vLCnz94bYb43OaPi8LAc0mgnwS cVBwtFlu0cszSEWoX22hwce0SQUqFfFQNYFAz9tJkorKd6eQlNRJq1nBUsIWzTqx Chz/lTGlnSzDZkE/rJgwmukbubkCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEPQlD0K1J/TTXmn9DbZ969VL2cCMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2I3MzUwN2YzLWY4YzAtNDEwYi1iMTllLTU3ZTQ4YmYzMjMwNS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9iNzM1MDdm My1mOGMwLTQxMGItYjE5ZS01N2U0OGJmMzIzMDUvMC80M0QwOTQzRDBBRDQ5RkQz NEQ3OUE3RjQzNkQ5RjdBRjU1MkY2NzAyLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6F0MA0GCSqGSIb3DQEBCwUAA4IBAQB2InYU2xX3xTvEMDewWS/0NM4Xnnpf oKsF8crwiwl/RCT6AUwGnEtMu0iX8LcNapUO7Pv8G0Lc/jhQYqBY/vyOaB2oIYmt 5CPtKsUOYWiZuOgTzYT5xAgwadnu9ttDSS1Sd+lvnKIlYH0bdycpB+FD/DfrwAYt K229TO3fypHnMiuhXnHffJ3ziQ+F+zGNrPut+YyWha3HamU4vconr6L59X0PMRwv wjnJO7Uwf4wJro/CHIVnGFh0TNT1N5g3LdbL7oB8NOtFTvKQwmvltIc38Jc6x/cz ClEwh5ZOwb7U042Jyaf/H9iWPl/2PMMMSvaUes1qRme1txj4hGrhLAUT -----END CERTIFICATE-----Generated at Tue May 12 22:10:37 2026 by rpki-client