$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/5338904940BF82A8EFF37162A1BAE6B91FCB673C.cer File: 5338904940BF82A8EFF37162A1BAE6B91FCB673C.cer (raw, json) Hash identifier: qMv8x7e62K+E2E7uPPCDNdHE3l03wzfiFY/92OF+MFM= Subject key identifier: 53:38:90:49:40:BF:82:A8:EF:F3:71:62:A1:BA:E6:B9:1F:CB:67:3C Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 27DBC5AE0943359277EFD351F101C8A62A1A532E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/14ed8d6c-f0fa-47cc-aeaa-b4e3ee116882/1/5338904940BF82A8EFF37162A1BAE6B91FCB673C.mft caRepository: rsync://rpki-rsync.idnic.net/repo/14ed8d6c-f0fa-47cc-aeaa-b4e3ee116882/1/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:52:51 +0000 Certificate not after: Sat 01 May 2027 23:57:51 +0000 Subordinate resources: IP: 2001:df3:d240::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:db:c5:ae:09:43:35:92:77:ef:d3:51:f1:01:c8:a6:2a:1a:53:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:52:51 2026 GMT Not After : May 1 23:57:51 2027 GMT Subject: CN=5338904940BF82A8EFF37162A1BAE6B91FCB673C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:73:7c:8c:ee:82:a9:11:68:a4:ee:36:0a:71: db:26:61:be:b5:4d:ca:ac:24:21:7d:29:15:14:f8: 89:25:f9:d0:bb:25:79:fb:58:9c:71:59:61:1b:55: cc:20:1f:00:d6:f2:9d:4f:09:a5:64:90:7e:d0:03: 86:e0:35:9c:4a:3d:42:e3:99:ae:c3:8d:8a:e4:ab: 49:33:ce:dc:a4:e4:cc:7d:84:06:07:a9:85:32:31: 09:ee:53:03:ed:52:21:81:6a:3d:a2:ba:7c:41:28: 4c:34:6d:69:ee:57:b5:ff:8e:11:ca:8e:91:21:99: ec:aa:49:63:45:2f:0b:3f:3f:c7:0f:fe:ae:5a:1c: 71:0a:05:68:08:e1:6b:4e:5c:40:05:ba:0d:6a:49: 3a:83:2f:d5:23:2b:59:b4:e9:a9:ee:f1:09:d5:24: e1:8f:60:6f:86:e8:87:dd:8d:a0:ed:34:11:86:fc: f4:cc:14:f4:e3:91:9a:21:68:82:f5:32:8f:0b:31: e4:f2:94:34:fe:ec:24:6d:f1:b1:bd:5f:a8:0f:f2: f5:d9:9e:8a:d9:0c:4e:08:32:90:c7:e5:1b:69:83: b6:1e:11:a6:ef:67:3f:cc:10:6f:b7:e4:7e:34:dc: ef:74:96:38:b0:10:c6:2c:c5:40:05:b3:91:2c:d1: a6:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 53:38:90:49:40:BF:82:A8:EF:F3:71:62:A1:BA:E6:B9:1F:CB:67:3C X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/14ed8d6c-f0fa-47cc-aeaa-b4e3ee116882/1/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/14ed8d6c-f0fa-47cc-aeaa-b4e3ee116882/1/5338904940BF82A8EFF37162A1BAE6B91FCB673C.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:d240::/48 Signature Algorithm: sha256WithRSAEncryption 69:1a:26:bd:cf:9a:fa:e6:e6:c7:82:d5:d4:1c:38:6a:1d:4f: 37:e4:5b:89:89:1e:00:a8:69:c5:fb:ec:6d:ce:ea:07:df:f0: f1:bd:96:fe:ee:69:28:57:5c:7c:48:13:78:fc:8c:bd:cf:0b: 75:a2:24:a8:31:99:68:76:ab:4d:d6:a3:8c:b4:3a:91:ce:56: 90:c8:4d:b4:99:e3:0d:06:92:4a:95:86:20:36:f4:b5:1c:19: 18:87:28:8f:2e:c3:75:cf:d2:83:aa:98:59:38:1e:d4:5d:4c: 31:0c:fd:4e:22:83:dd:17:f5:7e:09:40:35:11:b5:76:6f:75: b5:e3:09:61:67:9f:f0:d5:64:4b:2b:01:d3:a9:aa:28:3d:f2: 72:76:9b:cd:92:14:fa:40:e4:8c:e6:57:0d:94:33:c6:a7:5d: 8f:88:32:2f:d0:cc:06:5e:cd:81:52:7d:ae:6d:e6:5f:5d:be: ae:ae:bb:da:28:3b:28:60:85:8e:6d:02:42:e3:cd:24:04:0e: 0b:10:bd:c0:2f:06:a9:39:54:cb:2e:20:87:f1:a1:e0:b4:08: f9:c5:0d:71:6d:f4:5c:a3:81:0e:12:4c:4a:19:d7:66:19:0a: 36:21:bd:bb:5c:90:2a:45:da:46:7b:56:a8:da:99:de:5a:6b: 01:06:bd:65 -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgIUJ9vFrglDNZJ379NR8QHIpioaUy4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNTI1MVoX DTI3MDUwMTIzNTc1MVowMzExMC8GA1UEAxMoNTMzODkwNDk0MEJGODJBOEVGRjM3 MTYyQTFCQUU2QjkxRkNCNjczQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKBzfIzugqkRaKTuNgpx2yZhvrVNyqwkIX0pFRT4iSX50LsleftYnHFZYRtV zCAfANbynU8JpWSQftADhuA1nEo9QuOZrsONiuSrSTPO3KTkzH2EBgephTIxCe5T A+1SIYFqPaK6fEEoTDRtae5Xtf+OEcqOkSGZ7KpJY0UvCz8/xw/+rloccQoFaAjh a05cQAW6DWpJOoMv1SMrWbTpqe7xCdUk4Y9gb4boh92NoO00EYb89MwU9OORmiFo gvUyjwsx5PKUNP7sJG3xsb1fqA/y9dmeitkMTggykMflG2mDth4Rpu9nP8wQb7fk fjTc73SWOLAQxizFQAWzkSzRpnsCAwEAAaOCArwwggK4MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFM4kElAv4Ko7/NxYqG65rkfy2c8MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzE0ZWQ4ZDZjLWYwZmEtNDdjYy1hZWFhLWI0ZTNlZTExNjg4Mi8xLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xNGVkOGQ2 Yy1mMGZhLTQ3Y2MtYWVhYS1iNGUzZWUxMTY4ODIvMS81MzM4OTA0OTQwQkY4MkE4 RUZGMzcxNjJBMUJBRTZCOTFGQ0I2NzNDLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAIAEN89JAMA0GCSqGSIb3DQEBCwUAA4IBAQBpGia9z5r65ubHgtXUHDhqHU83 5FuJiR4AqGnF++xtzuoH3/DxvZb+7mkoV1x8SBN4/Iy9zwt1oiSoMZlodqtN1qOM tDqRzlaQyE20meMNBpJKlYYgNvS1HBkYhyiPLsN1z9KDqphZOB7UXUwxDP1OIoPd F/V+CUA1EbV2b3W14wlhZ5/w1WRLKwHTqaooPfJydpvNkhT6QOSM5lcNlDPGp12P iDIv0MwGXs2BUn2ubeZfXb6urrvaKDsoYIWObQJC480kBA4LEL3ALwapOVTLLiCH 8aHgtAj5xQ1xbfRco4EOEkxKGddmGQo2Ib27XJAqRdpGe1ao2pneWmsBBr1l -----END CERTIFICATE-----Generated at Tue May 12 22:02:45 2026 by rpki-client