$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/5843958BB240779320D7F0C2B674ACF5EF6122BC.cer File: 5843958BB240779320D7F0C2B674ACF5EF6122BC.cer (raw, json) Hash identifier: tZIw4cO6QPcMKnynG7Oj1LBO/k/hAMbTBEcdkLCbts8= Subject key identifier: 58:43:95:8B:B2:40:77:93:20:D7:F0:C2:B6:74:AC:F5:EF:61:22:BC Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 21CD20EB1C0B1FB8A16E86FEB24722161D031548 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/5843958BB240779320D7F0C2B674ACF5EF6122BC.mft caRepository: rsync://rpki-rsync.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:09:57 +0000 Certificate not after: Sun 02 May 2027 00:14:57 +0000 Subordinate resources: IP: 43.252.104.0/22 IP: 103.11.186.0/23 IP: 103.28.112.0/22 IP: 124.40.248.0/21 IP: 202.56.164.0/22 IP: 203.217.132.0/23 IP: 2001:df0:a3::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:cd:20:eb:1c:0b:1f:b8:a1:6e:86:fe:b2:47:22:16:1d:03:15:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:09:57 2026 GMT Not After : May 2 00:14:57 2027 GMT Subject: CN=5843958BB240779320D7F0C2B674ACF5EF6122BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:b3:37:4a:d9:6d:c6:56:b7:39:7d:0f:6b:05: 12:09:38:cd:0f:4b:66:a4:c5:85:5b:2f:be:83:fe: de:a9:0d:10:0b:a2:da:c1:b2:0e:26:25:87:c0:84: e9:f7:00:fb:25:47:65:40:ef:8d:c1:c1:6b:d7:32: 2c:d0:70:d3:a9:e0:ce:19:c2:e1:22:34:6f:ca:d4: 20:d3:e7:d9:09:0a:38:fd:2c:d6:da:b6:83:12:7d: d3:44:f6:2b:0d:10:bb:5f:d5:ba:3a:21:4f:a2:6e: ee:0f:10:47:a2:ee:8c:c5:da:50:1d:fb:8a:d2:5f: 1e:da:31:44:6f:c4:45:ff:97:0e:3d:e2:84:4d:a1: 09:76:d3:19:6e:1d:e0:35:0e:04:62:52:1e:5f:cc: d2:59:6e:86:c9:91:4b:ec:c7:ca:3b:8c:53:cf:f8: fb:52:03:45:df:26:40:7b:fc:25:a6:18:87:34:cc: 8b:29:e2:53:25:80:25:b7:f6:85:af:4a:db:f3:f0: d8:43:81:35:83:3b:dd:95:fb:18:f7:ce:e6:43:d4: 5e:57:b2:1a:2c:9a:48:cf:a1:54:28:f6:70:52:72: 48:ec:e3:57:4d:50:b2:7f:dd:2b:8e:85:e9:f9:2e: 42:a5:59:81:9e:b2:65:88:f0:d8:54:7d:26:70:dc: 3a:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 58:43:95:8B:B2:40:77:93:20:D7:F0:C2:B6:74:AC:F5:EF:61:22:BC X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/2d95c19c-3262-48c7-af02-37a835d0a779/0/5843958BB240779320D7F0C2B674ACF5EF6122BC.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.252.104.0/22 103.11.186.0/23 103.28.112.0/22 124.40.248.0/21 202.56.164.0/22 203.217.132.0/23 IPv6: 2001:df0:a3::/48 Signature Algorithm: sha256WithRSAEncryption 0e:dc:7e:dc:82:fa:2e:8a:4b:81:35:47:8b:ab:fe:89:c2:20: 79:2a:5c:a5:f9:00:25:97:28:7f:10:12:d4:c1:ca:83:6d:3b: d1:f8:88:8f:cc:34:12:ee:ab:29:27:fb:c4:9a:ab:9b:12:4e: 9a:d1:83:5e:61:84:44:24:74:fd:69:4d:35:17:e9:cb:6c:49: 7b:50:6a:cd:13:0b:83:1e:1c:e6:14:c3:aa:64:fd:f2:d9:71: 90:ab:14:2b:c8:a1:77:e7:b9:59:20:85:b4:8b:ba:43:31:b5: a1:bd:e7:68:71:70:31:2c:46:56:be:a4:c1:a7:ce:17:0c:c5: 0a:47:21:7c:a9:51:df:4f:08:20:4b:91:ef:a6:ef:21:72:de: 14:4b:9a:02:9a:4a:8c:07:16:c6:3f:7b:9c:70:f7:25:aa:cf: 38:53:ba:2f:78:b6:3c:8c:60:1d:f7:fb:b6:35:d4:65:4e:27: b3:2a:34:b1:bd:31:53:cf:3c:ca:33:94:58:f3:c3:94:5f:62: 03:a6:c3:15:c6:45:ce:e9:a2:30:44:eb:06:4d:14:dc:db:4b: 47:62:e5:67:df:f6:43:81:80:cc:9b:9b:0c:9d:fd:e9:f1:2b: 8d:2a:42:86:fa:23:71:62:ba:fa:3b:0b:bf:a7:f7:83:32:39: de:f0:ac:21 -----BEGIN CERTIFICATE----- MIIF9TCCBN2gAwIBAgIUIc0g6xwLH7ihbob+skciFh0DFUgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMDk1N1oX DTI3MDUwMjAwMTQ1N1owMzExMC8GA1UEAxMoNTg0Mzk1OEJCMjQwNzc5MzIwRDdG MEMyQjY3NEFDRjVFRjYxMjJCQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+zN0rZbcZWtzl9D2sFEgk4zQ9LZqTFhVsvvoP+3qkNEAui2sGyDiYlh8CE 6fcA+yVHZUDvjcHBa9cyLNBw06ngzhnC4SI0b8rUINPn2QkKOP0s1tq2gxJ900T2 Kw0Qu1/VujohT6Ju7g8QR6LujMXaUB37itJfHtoxRG/ERf+XDj3ihE2hCXbTGW4d 4DUOBGJSHl/M0lluhsmRS+zHyjuMU8/4+1IDRd8mQHv8JaYYhzTMiyniUyWAJbf2 ha9K2/Pw2EOBNYM73ZX7GPfO5kPUXleyGiyaSM+hVCj2cFJySOzjV01Qsn/dK46F 6fkuQqVZgZ6yZYjw2FR9JnDcOisCAwEAAaOCAugwggLkMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFhDlYuyQHeTINfwwrZ0rPXvYSK8MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzJkOTVjMTljLTMyNjItNDhjNy1hZjAyLTM3YTgzNWQwYTc3OS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8yZDk1YzE5 Yy0zMjYyLTQ4YzctYWYwMi0zN2E4MzVkMGE3NzkvMC81ODQzOTU4QkIyNDA3Nzkz MjBEN0YwQzJCNjc0QUNGNUVGNjEyMkJDLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAk AwQCK/xoAwQBZwu6AwQCZxxwAwQDfCj4AwQCyjikAwQBy9mEMA8EAgACMAkDBwAg AQ3wAKMwDQYJKoZIhvcNAQELBQADggEBAA7cftyC+i6KS4E1R4ur/onCIHkqXKX5 ACWXKH8QEtTByoNtO9H4iI/MNBLuqykn+8Saq5sSTprRg15hhEQkdP1pTTUX6cts SXtQas0TC4MeHOYUw6pk/fLZcZCrFCvIoXfnuVkghbSLukMxtaG952hxcDEsRla+ pMGnzhcMxQpHIXypUd9PCCBLke+m7yFy3hRLmgKaSowHFsY/e5xw9yWqzzhTui94 tjyMYB33+7Y11GVOJ7MqNLG9MVPPPMozlFjzw5RfYgOmwxXGRc7pojBE6wZNFNzb S0di5Wff9kOBgMybmwyd/enxK40qQob6I3Fiuvo7C7+n94MyOd7wrCE= -----END CERTIFICATE-----Generated at Tue May 12 22:15:51 2026 by rpki-client