$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/509D7A005D22B25F29771D4736A9F3273A87402B.cer File: 509D7A005D22B25F29771D4736A9F3273A87402B.cer (raw, json) Hash identifier: KJRi38aFgEWbmwhEYAsPaeGEBDYyiVYk1Eq+36XirE4= Subject key identifier: 50:9D:7A:00:5D:22:B2:5F:29:77:1D:47:36:A9:F3:27:3A:87:40:2B Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 73FB875C255CF5ED78F4797CFCE5BB0EA703B067 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/44b27303-9e3d-4d42-af25-6a0f11808f27/0/509D7A005D22B25F29771D4736A9F3273A87402B.mft caRepository: rsync://rpki-rsync.idnic.net/repo/44b27303-9e3d-4d42-af25-6a0f11808f27/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:25:29 +0000 Certificate not after: Sun 02 May 2027 00:30:29 +0000 Subordinate resources: IP: 103.97.4.0/22 IP: 2401:8040::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:fb:87:5c:25:5c:f5:ed:78:f4:79:7c:fc:e5:bb:0e:a7:03:b0:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:25:29 2026 GMT Not After : May 2 00:30:29 2027 GMT Subject: CN=509D7A005D22B25F29771D4736A9F3273A87402B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:0c:c0:4c:5a:67:c7:46:ee:15:f7:e6:90:9c: 7c:55:c0:2e:b0:8d:07:1d:64:0b:3c:e1:91:99:6b: 08:17:32:92:f7:01:e7:da:e3:4f:d6:9e:97:4a:0f: b7:c4:c3:90:39:fa:8e:bf:48:14:3b:4b:5d:67:ea: 9e:b5:dc:91:f3:60:83:02:a8:e4:cd:c7:ba:c1:48: 59:f5:46:7e:16:bb:20:b5:5c:f5:66:0a:1d:56:47: bb:41:9a:8f:9c:03:5b:9d:12:11:b0:5d:be:8f:37: 84:bb:ed:b3:31:04:65:8a:dd:39:fc:f1:b2:6f:25: ad:06:51:62:14:4b:49:8b:8a:9e:01:8e:ac:16:8b: d4:10:56:05:85:c0:81:f4:5e:c7:72:19:34:2a:d6: f1:70:f3:44:99:54:70:2d:44:f0:60:0f:89:48:7f: 17:92:62:24:ef:68:f4:6c:9d:85:0f:60:a9:91:f6: f7:d0:be:b3:f6:d0:8e:aa:06:ee:69:21:70:d8:10: 7d:69:de:ae:46:a0:cc:f5:49:62:86:c9:7d:83:5e: 03:de:1b:66:e9:af:c9:50:3a:4c:1f:84:c3:e5:b6: 2a:53:d2:f2:2f:ac:ca:1c:1f:fa:21:8b:ba:9f:3f: 99:61:5f:cd:e7:03:a9:37:70:64:da:87:53:f2:a4: 5a:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 50:9D:7A:00:5D:22:B2:5F:29:77:1D:47:36:A9:F3:27:3A:87:40:2B X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/44b27303-9e3d-4d42-af25-6a0f11808f27/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/44b27303-9e3d-4d42-af25-6a0f11808f27/0/509D7A005D22B25F29771D4736A9F3273A87402B.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.97.4.0/22 IPv6: 2401:8040::/32 Signature Algorithm: sha256WithRSAEncryption 3a:47:86:b3:4b:f7:62:05:85:65:a6:67:6d:c9:fc:d0:81:28: af:9f:ce:e0:43:f5:ca:19:91:e7:c4:b1:23:93:aa:01:fa:6b: 12:b6:4b:0d:14:43:d8:98:20:26:89:20:d3:42:0d:db:20:0b: cd:73:48:32:17:df:b4:01:0b:c6:40:90:b9:8a:68:72:75:15: 95:22:de:c7:57:cd:a9:e5:7b:c4:3f:a7:c1:8d:97:4b:ff:57: 82:4d:4c:2b:09:33:c9:5a:73:1c:12:77:79:db:95:08:6c:97: 9d:d8:da:f4:56:de:c6:45:b1:8d:c2:c5:ac:56:bf:96:79:72: 11:23:8c:a1:f0:9b:09:3d:79:fd:79:18:ad:ee:20:81:3e:0c: ee:a6:a3:b5:c0:47:88:e5:21:cd:a1:22:82:66:e4:e7:40:04: 9c:ee:30:4c:a9:37:80:38:17:12:c1:00:d4:50:bd:ee:e6:7e: ec:44:2d:a9:5a:88:f6:c3:00:47:a3:65:bc:ec:a7:d8:c7:13: 4d:92:2d:09:55:ed:f5:fb:f9:2a:63:48:02:ed:42:43:18:7a: 11:22:ea:e5:ec:60:9a:e5:1f:ed:d0:d3:cc:02:c3:95:62:0d: 0d:1b:a7:54:4c:8a:d3:14:9f:ad:30:cf:49:08:e4:87:5a:a8: 28:88:54:59 -----BEGIN CERTIFICATE----- MIIF1TCCBL2gAwIBAgIUc/uHXCVc9e149Hl8/OW7DqcDsGcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMjUyOVoX DTI3MDUwMjAwMzAyOVowMzExMC8GA1UEAxMoNTA5RDdBMDA1RDIyQjI1RjI5Nzcx RDQ3MzZBOUYzMjczQTg3NDAyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK8MwExaZ8dG7hX35pCcfFXALrCNBx1kCzzhkZlrCBcykvcB59rjT9ael0oP t8TDkDn6jr9IFDtLXWfqnrXckfNggwKo5M3HusFIWfVGfha7ILVc9WYKHVZHu0Ga j5wDW50SEbBdvo83hLvtszEEZYrdOfzxsm8lrQZRYhRLSYuKngGOrBaL1BBWBYXA gfRex3IZNCrW8XDzRJlUcC1E8GAPiUh/F5JiJO9o9GydhQ9gqZH299C+s/bQjqoG 7mkhcNgQfWnerkagzPVJYobJfYNeA94bZumvyVA6TB+Ew+W2KlPS8i+syhwf+iGL up8/mWFfzecDqTdwZNqHU/KkWq0CAwEAAaOCAsgwggLEMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFCdegBdIrJfKXcdRzap8yc6h0ArMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzQ0YjI3MzAzLTllM2QtNGQ0Mi1hZjI1LTZhMGYxMTgwOGYyNy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby80NGIyNzMw My05ZTNkLTRkNDItYWYyNS02YTBmMTE4MDhmMjcvMC81MDlEN0EwMDVEMjJCMjVG Mjk3NzFENDczNkE5RjMyNzNBODc0MDJCLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAG AwQCZ2EEMA0EAgACMAcDBQAkAYBAMA0GCSqGSIb3DQEBCwUAA4IBAQA6R4azS/di BYVlpmdtyfzQgSivn87gQ/XKGZHnxLEjk6oB+msStksNFEPYmCAmiSDTQg3bIAvN c0gyF9+0AQvGQJC5imhydRWVIt7HV82p5XvEP6fBjZdL/1eCTUwrCTPJWnMcEnd5 25UIbJed2Nr0Vt7GRbGNwsWsVr+WeXIRI4yh8JsJPXn9eRit7iCBPgzupqO1wEeI 5SHNoSKCZuTnQASc7jBMqTeAOBcSwQDUUL3u5n7sRC2pWoj2wwBHo2W87KfYxxNN ki0JVe31+/kqY0gC7UJDGHoRIurl7GCa5R/t0NPMAsOVYg0NG6dUTIrTFJ+tMM9J COSHWqgoiFRZ -----END CERTIFICATE-----Generated at Tue May 12 22:16:40 2026 by rpki-client