$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/4BEF373BC53710D136B40D9F928C485C94C670AC.cer File: 4BEF373BC53710D136B40D9F928C485C94C670AC.cer (raw, json) Hash identifier: ghbo5//zg2t1bD4GNsyATqIwuWsj6pwUByuTKzaR97w= Subject key identifier: 4B:EF:37:3B:C5:37:10:D1:36:B4:0D:9F:92:8C:48:5C:94:C6:70:AC Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 429E09E5078B5E0C218DBC6DB15E2E578E3B5F14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/03ade9c0-cde1-47f0-9cd2-4a57bdde14e8/0/4BEF373BC53710D136B40D9F928C485C94C670AC.mft caRepository: rsync://rpki-rsync.idnic.net/repo/03ade9c0-cde1-47f0-9cd2-4a57bdde14e8/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:42:09 +0000 Certificate not after: Sat 01 May 2027 23:47:09 +0000 Subordinate resources: IP: 103.188.168.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:9e:09:e5:07:8b:5e:0c:21:8d:bc:6d:b1:5e:2e:57:8e:3b:5f:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:42:09 2026 GMT Not After : May 1 23:47:09 2027 GMT Subject: CN=4BEF373BC53710D136B40D9F928C485C94C670AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:b4:d2:ab:c7:1f:ed:ea:83:a2:b8:48:1b:81: 99:79:ad:80:91:79:1d:ba:54:2b:26:39:72:5b:0b: 4a:99:49:24:e7:54:59:23:f5:02:81:58:27:f2:dd: 1e:d6:eb:bb:2f:1a:11:b7:c2:e5:6c:6f:60:b1:2c: 30:98:58:4c:f9:56:8b:a2:74:f8:a6:3f:9e:a3:06: 26:b4:f8:ec:8e:26:04:eb:92:56:87:88:20:99:33: d3:95:cb:02:d8:3f:73:64:2a:92:90:a8:66:9b:34: 6e:41:48:83:f2:05:7a:30:4e:4a:79:3c:3d:f3:5b: 75:b8:10:22:e8:2c:64:6d:5b:3d:18:32:33:34:ae: 88:c1:ff:6a:1e:ff:76:f1:24:9b:c5:fd:73:bd:5b: 76:c3:a0:34:69:63:df:98:ae:36:84:b7:85:33:63: d7:3e:26:b0:7e:a7:89:8e:3c:58:9b:68:75:f1:22: 7c:57:7e:ae:b9:55:c1:a6:fa:84:aa:d9:c0:f0:38: 4b:0a:e2:93:50:b9:a5:68:7f:57:e9:e2:85:c2:6d: 20:d3:b8:c3:89:07:b3:c9:40:ac:36:4c:09:56:e2: d2:1e:c2:31:80:4b:71:93:95:01:c0:34:12:b1:c8: f0:44:d8:d9:68:34:b9:29:85:d8:78:81:9c:74:bd: bf:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 4B:EF:37:3B:C5:37:10:D1:36:B4:0D:9F:92:8C:48:5C:94:C6:70:AC X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/03ade9c0-cde1-47f0-9cd2-4a57bdde14e8/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/03ade9c0-cde1-47f0-9cd2-4a57bdde14e8/0/4BEF373BC53710D136B40D9F928C485C94C670AC.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.188.168.0/23 Signature Algorithm: sha256WithRSAEncryption 95:2f:ce:b7:a5:b0:8b:9c:09:c6:ac:5c:17:89:9e:95:e2:76: 02:4a:0e:8f:5e:f2:78:86:0d:b8:0d:86:87:81:2b:3c:18:7c: 64:75:8b:63:62:03:50:df:03:5f:46:2c:b3:c1:55:a5:51:ac: bf:14:82:87:cc:30:cd:fe:12:51:54:f4:b6:b4:4d:01:f7:be: bb:fa:4e:67:8d:1b:96:46:9e:8b:d8:89:11:d4:10:80:d8:ba: 2e:c8:c5:79:93:bc:3c:39:65:e4:9c:ac:54:88:03:42:16:0c: 7b:fb:09:fe:44:ba:ff:ce:cf:7f:e8:64:d9:69:b0:26:f4:99: 50:16:00:17:47:b1:55:55:16:29:be:3b:8a:5c:13:68:a2:82: 68:20:02:db:f0:4a:60:cb:4e:4c:e0:fc:e8:63:28:bd:21:be: e9:c3:ce:88:6a:93:7e:ee:f8:ac:14:5d:1d:f6:85:69:53:cc: 6e:92:7c:e2:30:ba:f2:b0:37:6c:dc:03:e8:7c:6c:ec:77:09: 57:ba:72:e1:74:5c:a4:3f:9e:c0:f8:a5:c4:50:85:c5:dc:06: cd:0a:88:d4:35:fe:84:20:0c:66:4f:e5:bb:da:f2:01:6f:88: bd:c5:3d:4e:64:c1:e2:50:8a:65:d4:12:96:47:fd:33:db:56: eb:aa:5e:20 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUQp4J5QeLXgwhjbxtsV4uV447XxQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNDIwOVoX DTI3MDUwMTIzNDcwOVowMzExMC8GA1UEAxMoNEJFRjM3M0JDNTM3MTBEMTM2QjQw RDlGOTI4QzQ4NUM5NEM2NzBBQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKK00qvHH+3qg6K4SBuBmXmtgJF5HbpUKyY5clsLSplJJOdUWSP1AoFYJ/Ld Htbruy8aEbfC5WxvYLEsMJhYTPlWi6J0+KY/nqMGJrT47I4mBOuSVoeIIJkz05XL Atg/c2QqkpCoZps0bkFIg/IFejBOSnk8PfNbdbgQIugsZG1bPRgyMzSuiMH/ah7/ dvEkm8X9c71bdsOgNGlj35iuNoS3hTNj1z4msH6niY48WJtodfEifFd+rrlVwab6 hKrZwPA4Swrik1C5pWh/V+nihcJtINO4w4kHs8lArDZMCVbi0h7CMYBLcZOVAcA0 ErHI8ETY2Wg0uSmF2HiBnHS9v+8CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEvvNzvFNxDRNrQNn5KMSFyUxnCsMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzAzYWRlOWMwLWNkZTEtNDdmMC05Y2QyLTRhNTdiZGRlMTRlOC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8wM2FkZTlj MC1jZGUxLTQ3ZjAtOWNkMi00YTU3YmRkZTE0ZTgvMC80QkVGMzczQkM1MzcxMEQx MzZCNDBEOUY5MjhDNDg1Qzk0QzY3MEFDLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ7yoMA0GCSqGSIb3DQEBCwUAA4IBAQCVL863pbCLnAnGrFwXiZ6V4nYCSg6P XvJ4hg24DYaHgSs8GHxkdYtjYgNQ3wNfRiyzwVWlUay/FIKHzDDN/hJRVPS2tE0B 9767+k5njRuWRp6L2IkR1BCA2LouyMV5k7w8OWXknKxUiANCFgx7+wn+RLr/zs9/ 6GTZabAm9JlQFgAXR7FVVRYpvjuKXBNoooJoIALb8Epgy05M4PzoYyi9Ib7pw86I apN+7visFF0d9oVpU8xuknziMLrysDds3APofGzsdwlXunLhdFykP57A+KXEUIXF 3AbNCojUNf6EIAxmT+W72vIBb4i9xT1OZMHiUIpl1BKWR/0z21brql4g -----END CERTIFICATE-----Generated at Tue May 12 22:03:08 2026 by rpki-client