$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/522AE23CF8EDB130CB8CF5BDBB1A413C88A07FB1.cer File: 522AE23CF8EDB130CB8CF5BDBB1A413C88A07FB1.cer (raw, json) Hash identifier: IB+0+r1WcBTdIhrEG23+mto76A7JZI5hBXuQiPUspzs= Subject key identifier: 52:2A:E2:3C:F8:ED:B1:30:CB:8C:F5:BD:BB:1A:41:3C:88:A0:7F:B1 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2D81966AB0D3600C96E8427011DD8BB3EC6EC3BA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/435bc130-964a-47b8-922b-83069de67a7c/0/522AE23CF8EDB130CB8CF5BDBB1A413C88A07FB1.mft caRepository: rsync://rpki-rsync.idnic.net/repo/435bc130-964a-47b8-922b-83069de67a7c/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:24:24 +0000 Certificate not after: Sun 02 May 2027 00:29:24 +0000 Subordinate resources: IP: 103.155.224.0/23 IP: 2001:df4:da80::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:81:96:6a:b0:d3:60:0c:96:e8:42:70:11:dd:8b:b3:ec:6e:c3:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:24:24 2026 GMT Not After : May 2 00:29:24 2027 GMT Subject: CN=522AE23CF8EDB130CB8CF5BDBB1A413C88A07FB1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:d7:dd:f9:05:c3:f2:64:83:4e:73:d5:df:28: 74:4b:31:87:55:8e:39:50:84:10:39:78:14:42:cd: 6c:39:4f:4b:6a:6f:f1:7f:8e:93:cd:76:15:8d:1a: c5:43:dd:92:f2:57:0e:32:a7:51:82:3a:f7:ed:11: 95:02:ce:c4:a8:25:7e:25:4d:e4:d5:9b:9f:90:a0: ae:79:be:3a:80:f2:8b:1c:c6:63:b9:30:94:17:9b: a9:ea:50:a5:36:cd:c6:57:4d:75:97:1e:e9:4a:f3: c6:d0:e2:74:ee:57:16:dd:9d:32:ed:11:8a:4d:93: bd:d7:c7:27:f8:32:60:a4:fc:f8:d7:6a:ce:7e:e5: 7c:27:48:78:ef:14:7f:4d:8c:ce:4a:a8:c2:ef:f2: c4:90:83:95:e0:11:58:b6:85:38:2b:d9:e6:22:22: 10:06:fb:29:00:05:4e:96:56:bf:61:81:d0:76:50: 5c:2a:cf:f1:77:32:c5:21:9e:b7:2d:98:9b:7d:fb: 06:58:c4:59:23:66:df:57:53:c9:20:89:d3:ef:30: 2b:cd:87:26:4f:2c:16:e0:51:c4:74:6b:73:56:91: 2d:9a:d6:e5:ed:7c:4c:7f:5d:45:98:f7:83:54:58: 09:18:c5:9a:5d:69:22:4f:89:3e:45:bc:f0:b8:9b: d7:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 52:2A:E2:3C:F8:ED:B1:30:CB:8C:F5:BD:BB:1A:41:3C:88:A0:7F:B1 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/435bc130-964a-47b8-922b-83069de67a7c/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/435bc130-964a-47b8-922b-83069de67a7c/0/522AE23CF8EDB130CB8CF5BDBB1A413C88A07FB1.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.155.224.0/23 IPv6: 2001:df4:da80::/48 Signature Algorithm: sha256WithRSAEncryption 98:7d:c7:0b:cc:eb:ab:a2:04:94:69:30:92:87:01:e8:2f:cd: a9:ef:ae:df:ee:b8:35:b1:33:7b:5c:99:9c:d2:f2:fa:5a:6e: 95:31:5c:f7:9a:4e:ca:9b:cc:b7:f1:34:71:22:36:c3:bf:d3: 0b:93:ea:08:a6:4f:93:d7:29:13:01:d2:9d:f0:93:06:72:f0: 03:99:b9:12:67:a9:05:cb:82:65:5a:35:c2:08:a9:61:44:50: 31:ac:38:60:dd:2a:ec:10:55:bb:89:a4:21:7d:41:9f:99:0f: 97:23:1c:fc:4a:c2:fa:2f:ee:75:5d:8c:c8:2c:ea:af:8a:bb: aa:4e:2f:ca:b1:47:24:3a:c3:05:69:cd:b1:d4:b0:41:77:ac: 0d:4f:75:4e:c7:81:59:b1:a7:d5:04:11:61:a3:20:80:5d:c9: 61:48:99:e3:b3:3a:c1:42:dd:7b:3f:0d:55:6c:c7:f2:bc:b7: 31:bf:f7:9f:18:7f:19:96:ca:77:ae:b1:3c:e4:bf:07:85:72: 54:dd:53:1e:50:96:2a:26:54:98:55:49:0f:c2:ee:56:44:bf: 84:c8:93:ba:dc:64:34:28:cf:a2:f5:76:02:48:46:9f:db:73: e5:97:1f:19:05:47:8b:4e:4f:7b:d3:16:9f:ca:2d:be:9e:fb: af:47:b1:33 -----BEGIN CERTIFICATE----- MIIF1zCCBL+gAwIBAgIULYGWarDTYAyW6EJwEd2Ls+xuw7owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMjQyNFoX DTI3MDUwMjAwMjkyNFowMzExMC8GA1UEAxMoNTIyQUUyM0NGOEVEQjEzMENCOENG NUJEQkIxQTQxM0M4OEEwN0ZCMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAI/X3fkFw/Jkg05z1d8odEsxh1WOOVCEEDl4FELNbDlPS2pv8X+Ok812FY0a xUPdkvJXDjKnUYI69+0RlQLOxKglfiVN5NWbn5Cgrnm+OoDyixzGY7kwlBebqepQ pTbNxldNdZce6UrzxtDidO5XFt2dMu0Rik2TvdfHJ/gyYKT8+Ndqzn7lfCdIeO8U f02Mzkqowu/yxJCDleARWLaFOCvZ5iIiEAb7KQAFTpZWv2GB0HZQXCrP8XcyxSGe ty2Ym337BljEWSNm31dTySCJ0+8wK82HJk8sFuBRxHRrc1aRLZrW5e18TH9dRZj3 g1RYCRjFml1pIk+JPkW88Lib12kCAwEAAaOCAsowggLGMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFIq4jz47bEwy4z1vbsaQTyIoH+xMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzQzNWJjMTMwLTk2NGEtNDdiOC05MjJiLTgzMDY5ZGU2N2E3Yy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby80MzViYzEz MC05NjRhLTQ3YjgtOTIyYi04MzA2OWRlNjdhN2MvMC81MjJBRTIzQ0Y4RURCMTMw Q0I4Q0Y1QkRCQjFBNDEzQzg4QTA3RkIxLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAG AwQBZ5vgMA8EAgACMAkDBwAgAQ302oAwDQYJKoZIhvcNAQELBQADggEBAJh9xwvM 66uiBJRpMJKHAegvzanvrt/uuDWxM3tcmZzS8vpabpUxXPeaTsqbzLfxNHEiNsO/ 0wuT6gimT5PXKRMB0p3wkwZy8AOZuRJnqQXLgmVaNcIIqWFEUDGsOGDdKuwQVbuJ pCF9QZ+ZD5cjHPxKwvov7nVdjMgs6q+Ku6pOL8qxRyQ6wwVpzbHUsEF3rA1PdU7H gVmxp9UEEWGjIIBdyWFImeOzOsFC3Xs/DVVsx/K8tzG/958YfxmWyneusTzkvweF clTdUx5QliomVJhVSQ/C7lZEv4TIk7rcZDQoz6L1dgJIRp/bc+WXHxkFR4tOT3vT Fp/KLb6e+69HsTM= -----END CERTIFICATE-----Generated at Tue May 12 22:39:23 2026 by rpki-client