$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/5BB12C31D36E55CFD6AF944CA4E767E0B9DB9BF1.cer File: 5BB12C31D36E55CFD6AF944CA4E767E0B9DB9BF1.cer (raw, json) Hash identifier: WCfwbutPX3zoQg7ETfp+hJ9IesTSaxrcAJ+10bqP2Bs= Subject key identifier: 5B:B1:2C:31:D3:6E:55:CF:D6:AF:94:4C:A4:E7:67:E0:B9:DB:9B:F1 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 23F5D9FE7887470FD6AB780051821791CBFC5A7A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/19b93e1c-5f2a-43a9-99f1-fdd0402f946e/0/5BB12C31D36E55CFD6AF944CA4E767E0B9DB9BF1.mft caRepository: rsync://rpki-rsync.idnic.net/repo/19b93e1c-5f2a-43a9-99f1-fdd0402f946e/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:56:34 +0000 Certificate not after: Sun 02 May 2027 00:01:34 +0000 Subordinate resources: IP: 103.171.22.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:f5:d9:fe:78:87:47:0f:d6:ab:78:00:51:82:17:91:cb:fc:5a:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:56:34 2026 GMT Not After : May 2 00:01:34 2027 GMT Subject: CN=5BB12C31D36E55CFD6AF944CA4E767E0B9DB9BF1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:e3:52:5b:35:d9:e0:c9:23:45:fd:5f:ec:6a: ca:1b:e2:48:bd:34:c1:0a:a5:9f:fc:f7:84:82:6d: 4a:cb:17:10:d9:57:33:5d:33:cb:18:19:2d:24:97: 44:be:d4:3a:c1:07:95:9e:51:af:99:e7:9d:72:6a: 3d:ec:5a:e3:2f:a1:e7:1e:63:fd:ee:ad:bf:cb:90: 89:1d:69:a0:69:1e:3a:0d:a3:f5:b2:61:dd:f9:96: ef:7e:59:e1:29:59:82:68:14:fd:ef:f6:d5:17:5f: 20:08:b0:cf:82:6d:1b:e9:3b:97:42:a8:4b:72:9b: 26:e7:f8:51:6b:25:e2:4d:69:f6:f3:39:bd:75:a9: 91:11:b4:13:89:87:14:22:31:43:9e:ef:7c:a0:b9: d3:b8:f5:7a:36:ac:0e:81:8a:0d:e4:06:66:b2:1a: 03:d4:1a:9c:8e:5f:5f:9c:6b:c7:37:18:88:4b:ed: b2:21:62:ed:48:2c:68:28:e1:da:2d:8d:61:64:3f: 26:46:7c:9a:ab:de:b1:27:26:b8:8c:2a:41:f2:92: 1e:1f:c8:a6:1c:cc:cc:b5:34:63:68:af:d0:0d:1a: 46:8f:23:2e:e8:a5:1d:fc:b2:e7:c7:5a:14:0d:74: fe:95:91:21:4f:95:14:22:43:1a:60:ab:5d:05:db: 01:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 5B:B1:2C:31:D3:6E:55:CF:D6:AF:94:4C:A4:E7:67:E0:B9:DB:9B:F1 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/19b93e1c-5f2a-43a9-99f1-fdd0402f946e/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/19b93e1c-5f2a-43a9-99f1-fdd0402f946e/0/5BB12C31D36E55CFD6AF944CA4E767E0B9DB9BF1.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.171.22.0/23 Signature Algorithm: sha256WithRSAEncryption 22:09:4d:ba:29:f8:f7:80:2d:df:1b:c1:09:92:af:31:03:08: d3:a4:c3:13:66:eb:30:b5:da:5f:2c:2b:23:24:21:89:4d:b7: f2:b5:21:4f:b1:1d:c0:f3:35:bc:c8:fe:f2:83:6e:4e:72:c4: 07:52:60:f4:c6:31:be:ba:fd:ab:f5:d2:50:b6:69:28:0e:e6: 51:ef:70:b9:74:fe:a9:6e:8e:56:9d:54:58:b9:78:1f:06:5b: 8f:d9:c1:d2:71:72:25:d9:2a:ec:2f:eb:4b:9a:b9:fa:63:6b: 8a:7e:9a:96:67:31:54:d6:b1:03:93:78:ad:e1:0b:5c:d0:22: 74:5f:7f:c2:9d:06:1d:43:e2:49:21:c7:46:95:e1:a3:82:fb: ff:85:82:3b:65:30:1c:a8:f6:11:cc:3a:88:d9:9d:c4:a8:e6: 76:b2:f7:db:91:0f:9c:cf:8f:be:67:b0:8a:e1:2c:fa:cf:2a: 9b:99:7b:fa:60:b9:93:cd:c9:8e:31:ce:02:1d:ff:1b:4b:35: c3:d2:87:a2:b0:36:d3:4d:88:3f:df:bf:dd:1e:cc:13:b9:0c: cf:26:86:1d:f0:b8:8a:fe:99:09:d4:1b:05:5f:9b:38:db:8b: e5:9a:db:f4:ff:d9:d6:e8:5c:e0:02:a5:c0:24:88:dd:6e:c7: d5:c2:0e:e3 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUI/XZ/niHRw/Wq3gAUYIXkcv8WnowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNTYzNFoX DTI3MDUwMjAwMDEzNFowMzExMC8GA1UEAxMoNUJCMTJDMzFEMzZFNTVDRkQ2QUY5 NDRDQTRFNzY3RTBCOURCOUJGMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMzjUls12eDJI0X9X+xqyhviSL00wQqln/z3hIJtSssXENlXM10zyxgZLSSX RL7UOsEHlZ5Rr5nnnXJqPexa4y+h5x5j/e6tv8uQiR1poGkeOg2j9bJh3fmW735Z 4SlZgmgU/e/21RdfIAiwz4JtG+k7l0KoS3KbJuf4UWsl4k1p9vM5vXWpkRG0E4mH FCIxQ57vfKC507j1ejasDoGKDeQGZrIaA9QanI5fX5xrxzcYiEvtsiFi7UgsaCjh 2i2NYWQ/JkZ8mqvesScmuIwqQfKSHh/IphzMzLU0Y2iv0A0aRo8jLuilHfyy58da FA10/pWRIU+VFCJDGmCrXQXbAYsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFuxLDHTblXP1q+UTKTnZ+C525vxMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzE5YjkzZTFjLTVmMmEtNDNhOS05OWYxLWZkZDA0MDJmOTQ2ZS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xOWI5M2Ux Yy01ZjJhLTQzYTktOTlmMS1mZGQwNDAyZjk0NmUvMC81QkIxMkMzMUQzNkU1NUNG RDZBRjk0NENBNEU3NjdFMEI5REI5QkYxLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6sWMA0GCSqGSIb3DQEBCwUAA4IBAQAiCU26Kfj3gC3fG8EJkq8xAwjTpMMT ZuswtdpfLCsjJCGJTbfytSFPsR3A8zW8yP7yg25OcsQHUmD0xjG+uv2r9dJQtmko DuZR73C5dP6pbo5WnVRYuXgfBluP2cHScXIl2SrsL+tLmrn6Y2uKfpqWZzFU1rED k3it4Qtc0CJ0X3/CnQYdQ+JJIcdGleGjgvv/hYI7ZTAcqPYRzDqI2Z3EqOZ2svfb kQ+cz4++Z7CK4Sz6zyqbmXv6YLmTzcmOMc4CHf8bSzXD0oeisDbTTYg/37/dHswT uQzPJoYd8LiK/pkJ1BsFX5s424vlmtv0/9nW6FzgAqXAJIjdbsfVwg7j -----END CERTIFICATE-----Generated at Wed May 13 00:27:44 2026 by rpki-client