$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/52D9A1099AA71A2F408409BE12B3031B5511AE20.cer File: 52D9A1099AA71A2F408409BE12B3031B5511AE20.cer (raw, json) Hash identifier: /fMCNeOfzP0ji/ztNtElHLNbCCY5gzziQOMeJo54kkc= Subject key identifier: 52:D9:A1:09:9A:A7:1A:2F:40:84:09:BE:12:B3:03:1B:55:11:AE:20 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5173E27389BABE9C5D8E5CC12D52C2DCD3977429 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/57f6e57b-4c26-442b-8afc-0329eedafb72/0/52D9A1099AA71A2F408409BE12B3031B5511AE20.mft caRepository: rsync://rpki-rsync.idnic.net/repo/57f6e57b-4c26-442b-8afc-0329eedafb72/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:38:09 +0000 Certificate not after: Sun 02 May 2027 00:43:09 +0000 Subordinate resources: IP: 103.129.68.0/22 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:73:e2:73:89:ba:be:9c:5d:8e:5c:c1:2d:52:c2:dc:d3:97:74:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:38:09 2026 GMT Not After : May 2 00:43:09 2027 GMT Subject: CN=52D9A1099AA71A2F408409BE12B3031B5511AE20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:08:65:b7:b4:ff:c2:cd:dd:8b:83:b8:da:7c: e8:20:87:be:05:dd:d3:0b:d9:4f:df:2a:30:8c:bc: f2:b1:4f:04:00:b4:9c:8c:cf:d1:98:7b:fc:87:07: 24:73:5a:22:15:d6:73:0b:26:96:5f:9a:ff:63:86: ac:9f:49:23:4f:3a:37:e3:8e:13:45:20:2d:1f:3a: 18:ce:d7:63:ec:fb:cf:bf:02:e1:06:0f:4f:c2:d7: 87:a1:b6:de:44:a2:e2:88:63:55:91:30:d1:cf:af: 56:1b:f1:9e:aa:c3:eb:c8:1c:60:f6:c8:95:b4:9a: 2c:9f:41:73:e2:65:3a:1f:c3:97:73:89:37:3f:c8: ab:22:a9:32:89:a5:1b:21:6b:d0:16:a5:67:1c:b6: 8c:ce:60:7c:49:81:98:0b:43:dd:2e:93:89:0d:ea: 99:d3:13:bb:12:79:a0:2e:fc:74:f1:52:46:8b:07: 7a:9a:d1:06:a8:9e:42:89:f0:77:c9:ea:f9:9e:a8: 28:87:21:95:44:04:60:bc:e8:48:aa:f3:cf:d4:44: d0:d1:61:a0:94:64:d9:95:f0:91:86:78:23:65:d8: ff:3d:3f:3f:ce:e7:37:5c:5a:d7:50:6b:b9:66:78: eb:ae:8c:99:34:cf:83:17:e8:b0:d9:cc:d2:32:de: 4c:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 52:D9:A1:09:9A:A7:1A:2F:40:84:09:BE:12:B3:03:1B:55:11:AE:20 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/57f6e57b-4c26-442b-8afc-0329eedafb72/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/57f6e57b-4c26-442b-8afc-0329eedafb72/0/52D9A1099AA71A2F408409BE12B3031B5511AE20.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.129.68.0/22 Signature Algorithm: sha256WithRSAEncryption 4a:37:aa:cc:4a:06:be:74:4a:be:e9:6a:5d:f5:83:80:aa:49: cc:69:c5:05:d0:9f:30:f8:6f:00:86:3b:a7:a8:2f:48:00:f8: 9d:22:d9:9d:4e:68:09:b5:e6:54:61:90:e9:8f:77:ad:8f:6d: c9:23:a8:9c:37:9b:19:69:51:02:71:a4:26:1d:29:6f:4b:6f: f0:8e:9a:bb:f3:a7:f9:58:b9:ff:ef:40:54:09:f0:13:bc:d0: 77:90:c0:ca:86:10:af:56:09:91:00:f5:a1:1b:7f:36:c7:e2: c6:7f:a4:cc:9e:f2:f0:d8:47:75:13:46:c3:bf:46:d4:fb:c5: 03:de:1f:de:e9:55:11:2c:ac:88:df:7b:04:10:24:9f:11:f2: 75:c4:96:be:a1:0f:13:47:52:33:05:06:fe:bd:4a:59:d3:13: b2:b2:c7:8c:dc:71:71:b2:cd:d4:ae:7e:68:50:9a:7e:c1:4a: 27:61:90:9e:60:be:da:72:cd:4f:b5:08:ec:70:d2:80:45:b1: 88:5c:f1:dc:72:da:14:b4:59:dd:84:d7:d2:cf:22:43:b9:aa: e1:cf:86:fd:1e:bb:b8:e8:de:f2:cf:9f:3a:8d:38:b7:c6:fc: 3a:30:0d:05:76:c6:b3:c3:49:7d:6e:6f:29:56:69:c4:94:51: a0:ca:cc:42 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUUXPic4m6vpxdjlzBLVLC3NOXdCkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMzgwOVoX DTI3MDUwMjAwNDMwOVowMzExMC8GA1UEAxMoNTJEOUExMDk5QUE3MUEyRjQwODQw OUJFMTJCMzAzMUI1NTExQUUyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMgIZbe0/8LN3YuDuNp86CCHvgXd0wvZT98qMIy88rFPBAC0nIzP0Zh7/IcH JHNaIhXWcwsmll+a/2OGrJ9JI086N+OOE0UgLR86GM7XY+z7z78C4QYPT8LXh6G2 3kSi4ohjVZEw0c+vVhvxnqrD68gcYPbIlbSaLJ9Bc+JlOh/Dl3OJNz/IqyKpMoml GyFr0BalZxy2jM5gfEmBmAtD3S6TiQ3qmdMTuxJ5oC78dPFSRosHeprRBqieQonw d8nq+Z6oKIchlUQEYLzoSKrzz9RE0NFhoJRk2ZXwkYZ4I2XY/z0/P87nN1xa11Br uWZ4666MmTTPgxfosNnM0jLeTIUCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFLZoQmapxovQIQJvhKzAxtVEa4gMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzU3ZjZlNTdiLTRjMjYtNDQyYi04YWZjLTAzMjllZWRhZmI3Mi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby81N2Y2ZTU3 Yi00YzI2LTQ0MmItOGFmYy0wMzI5ZWVkYWZiNzIvMC81MkQ5QTEwOTlBQTcxQTJG NDA4NDA5QkUxMkIzMDMxQjU1MTFBRTIwLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ4FEMA0GCSqGSIb3DQEBCwUAA4IBAQBKN6rMSga+dEq+6Wpd9YOAqknMacUF 0J8w+G8AhjunqC9IAPidItmdTmgJteZUYZDpj3etj23JI6icN5sZaVECcaQmHSlv S2/wjpq786f5WLn/70BUCfATvNB3kMDKhhCvVgmRAPWhG382x+LGf6TMnvLw2Ed1 E0bDv0bU+8UD3h/e6VURLKyI33sEECSfEfJ1xJa+oQ8TR1IzBQb+vUpZ0xOysseM 3HFxss3Urn5oUJp+wUonYZCeYL7acs1PtQjscNKARbGIXPHcctoUtFndhNfSzyJD uarhz4b9Hru46N7yz586jTi3xvw6MA0Fdsazw0l9bm8pVmnElFGgysxC -----END CERTIFICATE-----Generated at Tue May 12 22:16:15 2026 by rpki-client