$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/5AA94F7420AA226329E69AE8CD2EC0CE60D8776A.cer File: 5AA94F7420AA226329E69AE8CD2EC0CE60D8776A.cer (raw, json) Hash identifier: Cl0D/ERbaANkxfMbB5cvxSeRRkIIBHGGx8FfREO7aBk= Subject key identifier: 5A:A9:4F:74:20:AA:22:63:29:E6:9A:E8:CD:2E:C0:CE:60:D8:77:6A Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 22DA123D130FAF644ABEFC711DFF15B901A44F9D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/dd5008a0-0ac3-498e-8cbf-f3112b91bdf4/0/5AA94F7420AA226329E69AE8CD2EC0CE60D8776A.mft caRepository: rsync://rpki-rsync.idnic.net/repo/dd5008a0-0ac3-498e-8cbf-f3112b91bdf4/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:04:31 +0000 Certificate not after: Sun 02 May 2027 02:09:31 +0000 Subordinate resources: IP: 103.20.50.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:da:12:3d:13:0f:af:64:4a:be:fc:71:1d:ff:15:b9:01:a4:4f:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 02:04:31 2026 GMT Not After : May 2 02:09:31 2027 GMT Subject: CN=5AA94F7420AA226329E69AE8CD2EC0CE60D8776A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:07:f1:f6:15:e4:a1:4e:76:a7:07:af:bb:27: 5e:92:7d:62:56:26:9a:de:81:1e:72:ca:c3:36:aa: 6b:85:40:00:72:2d:59:56:1c:13:a2:f8:ee:4a:a2: f7:50:9b:de:e6:ed:83:ba:2f:8c:9e:87:29:1d:46: 75:db:26:0e:a3:ca:3b:f7:84:76:d9:92:cb:69:09: b0:6a:1d:d6:21:53:43:0c:35:32:2d:89:06:72:cf: bb:90:81:b8:6a:1e:f5:ef:df:20:7d:b8:a6:42:b9: 5e:c1:1f:a2:ac:b0:7f:09:db:70:84:c5:cd:ab:51: bf:ad:f0:bd:43:2d:34:a5:3d:78:45:ab:17:19:95: 70:24:5f:74:00:11:e8:40:d4:06:b3:11:4f:72:3b: 15:39:5e:9d:ba:82:56:28:31:50:1a:18:30:2a:51: 28:e6:26:b9:3a:7a:c9:97:c5:2a:c8:ec:2d:d2:a5: c9:0e:08:89:d9:94:fd:d0:a1:61:38:c3:f2:60:0e: 9e:06:ef:68:aa:f9:21:a7:91:6f:75:6e:45:8f:42: 0c:3e:05:b2:10:4e:57:07:1a:9b:1c:23:61:c0:c6: 96:b8:08:bb:87:fa:f1:1c:72:38:bd:3a:41:08:fe: 0c:9d:8a:8d:29:39:47:84:13:80:eb:c8:21:b4:a3: 36:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 5A:A9:4F:74:20:AA:22:63:29:E6:9A:E8:CD:2E:C0:CE:60:D8:77:6A X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/dd5008a0-0ac3-498e-8cbf-f3112b91bdf4/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/dd5008a0-0ac3-498e-8cbf-f3112b91bdf4/0/5AA94F7420AA226329E69AE8CD2EC0CE60D8776A.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.20.50.0/24 Signature Algorithm: sha256WithRSAEncryption 7b:ad:3a:20:67:d2:53:51:79:1d:e8:94:46:23:41:67:e2:93: d5:09:67:38:3c:04:96:43:0c:36:13:ff:e6:be:78:3b:95:74: 8b:48:06:5c:76:e3:aa:db:b7:2b:e3:c5:ac:0a:c1:67:a0:1c: c7:a0:26:a2:92:43:2f:6d:ba:cd:0d:30:00:4f:35:9e:90:69: 41:b8:ec:97:19:31:95:b8:99:fb:9f:8d:77:63:2c:7c:2c:cd: 89:1f:6c:82:fa:6a:1b:4e:19:cd:63:ac:5e:d2:2e:2a:2c:c7: d6:90:95:40:aa:1e:c8:83:c0:1b:78:42:1d:1c:15:bb:65:dd: 31:5a:14:36:44:3c:72:33:27:6b:99:ff:56:6d:f7:34:f2:a2: a8:b6:94:76:27:d6:71:32:4d:f4:d3:9b:cf:b7:91:57:67:31: f8:6a:4e:c5:c2:f1:f2:bf:72:ef:f8:0b:17:08:ec:35:a0:8a: d0:a0:40:68:0c:75:0f:4a:8e:52:fc:b1:59:39:05:fa:e1:40: 0b:04:eb:fd:81:c1:33:50:e5:65:35:9d:10:29:1b:70:93:41: fe:9b:2b:cc:75:69:3f:cf:aa:4e:55:89:65:c4:5a:f2:82:b0: 0a:71:5b:9e:5c:57:ae:00:2b:0e:e9:5c:a7:04:f0:77:f6:81: 60:99:97:03 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUItoSPRMPr2RKvvxxHf8VuQGkT50wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAyMDQzMVoX DTI3MDUwMjAyMDkzMVowMzExMC8GA1UEAxMoNUFBOTRGNzQyMEFBMjI2MzI5RTY5 QUU4Q0QyRUMwQ0U2MEQ4Nzc2QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALYH8fYV5KFOdqcHr7snXpJ9YlYmmt6BHnLKwzaqa4VAAHItWVYcE6L47kqi 91Cb3ubtg7ovjJ6HKR1GddsmDqPKO/eEdtmSy2kJsGod1iFTQww1Mi2JBnLPu5CB uGoe9e/fIH24pkK5XsEfoqywfwnbcITFzatRv63wvUMtNKU9eEWrFxmVcCRfdAAR 6EDUBrMRT3I7FTlenbqCVigxUBoYMCpRKOYmuTp6yZfFKsjsLdKlyQ4IidmU/dCh YTjD8mAOngbvaKr5IaeRb3VuRY9CDD4FshBOVwcamxwjYcDGlrgIu4f68RxyOL06 QQj+DJ2KjSk5R4QTgOvIIbSjNiECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFqpT3QgqiJjKeaa6M0uwM5g2HdqMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2RkNTAwOGEwLTBhYzMtNDk4ZS04Y2JmLWYzMTEyYjkxYmRmNC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9kZDUwMDhh MC0wYWMzLTQ5OGUtOGNiZi1mMzExMmI5MWJkZjQvMC81QUE5NEY3NDIwQUEyMjYz MjlFNjlBRThDRDJFQzBDRTYwRDg3NzZBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZxQyMA0GCSqGSIb3DQEBCwUAA4IBAQB7rTogZ9JTUXkd6JRGI0Fn4pPVCWc4 PASWQww2E//mvng7lXSLSAZcduOq27cr48WsCsFnoBzHoCaikkMvbbrNDTAATzWe kGlBuOyXGTGVuJn7n413Yyx8LM2JH2yC+mobThnNY6xe0i4qLMfWkJVAqh7Ig8Ab eEIdHBW7Zd0xWhQ2RDxyMydrmf9Wbfc08qKotpR2J9ZxMk3005vPt5FXZzH4ak7F wvHyv3Lv+AsXCOw1oIrQoEBoDHUPSo5S/LFZOQX64UALBOv9gcEzUOVlNZ0QKRtw k0H+myvMdWk/z6pOVYllxFrygrAKcVueXFeuACsO6VynBPB39oFgmZcD -----END CERTIFICATE-----Generated at Tue May 12 22:47:33 2026 by rpki-client