$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/7678F0FD2458E3AA0E5D099E28C0594A8D8552D2.cer File: 7678F0FD2458E3AA0E5D099E28C0594A8D8552D2.cer (raw, json) Hash identifier: iJQWnxxjMu0sGCfvFFbTASuNnfXU1XaGzeT56GWa+Fc= Subject key identifier: 76:78:F0:FD:24:58:E3:AA:0E:5D:09:9E:28:C0:59:4A:8D:85:52:D2 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3874615F8A24177D20AE6DA788724ABAE25AEE21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/b28626e0-29fe-4e86-84d6-68478c5cd9ed/0/7678F0FD2458E3AA0E5D099E28C0594A8D8552D2.mft caRepository: rsync://rpki-rsync.idnic.net/repo/b28626e0-29fe-4e86-84d6-68478c5cd9ed/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:39:28 +0000 Certificate not after: Sun 02 May 2027 01:44:28 +0000 Subordinate resources: IP: 103.42.242.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:74:61:5f:8a:24:17:7d:20:ae:6d:a7:88:72:4a:ba:e2:5a:ee:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:39:28 2026 GMT Not After : May 2 01:44:28 2027 GMT Subject: CN=7678F0FD2458E3AA0E5D099E28C0594A8D8552D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:a7:7b:ea:1f:7e:a1:76:70:69:b1:4b:ae:58: 73:db:f2:7b:8a:9b:08:eb:18:25:37:f9:e6:ab:50: 99:d3:ce:a5:3f:e7:5e:32:40:75:69:b2:23:4c:8c: b0:77:3a:b0:fd:49:c2:85:09:fc:c3:e8:21:e4:b7: 85:f1:21:5f:2f:c1:2a:0f:47:dc:c1:25:6b:fe:f0: 58:45:45:21:0e:ab:bf:f3:00:c5:f2:6b:5d:00:fd: db:27:29:73:08:69:87:ad:7c:bd:ce:7a:77:5b:8f: 02:21:f1:c6:25:27:ac:b8:47:18:18:1a:bf:58:20: bb:98:58:08:97:7d:a6:f2:91:9e:04:59:b7:2d:11: 46:30:2c:f2:9c:34:d1:da:ba:33:c7:72:da:25:b5: 1b:84:dd:3b:83:29:74:1c:53:6a:e1:05:2d:f8:61: b1:28:54:d4:b2:45:56:43:ee:5c:45:e9:fc:55:cf: 2c:c0:8b:d9:fc:8b:c7:b4:42:0b:76:db:3d:30:57: 0f:a8:fb:de:a4:bf:4f:94:29:e0:81:8b:da:93:df: dc:f4:b7:68:a8:1b:54:15:6b:93:53:a5:0c:e0:ca: 07:53:c9:1b:a7:1d:b7:1a:a7:27:4d:79:ed:98:47: 63:66:da:97:d7:bd:83:a0:88:a5:c3:cb:b0:64:12: b0:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 76:78:F0:FD:24:58:E3:AA:0E:5D:09:9E:28:C0:59:4A:8D:85:52:D2 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/b28626e0-29fe-4e86-84d6-68478c5cd9ed/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/b28626e0-29fe-4e86-84d6-68478c5cd9ed/0/7678F0FD2458E3AA0E5D099E28C0594A8D8552D2.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.42.242.0/24 Signature Algorithm: sha256WithRSAEncryption 00:ab:65:24:21:42:e9:a4:5f:07:13:eb:e3:bf:94:7f:7d:4a: de:6b:ce:0e:33:8a:63:e4:fe:87:da:b3:6f:1b:5c:f1:98:1b: 38:1f:65:78:1d:43:4f:11:51:d5:0a:51:69:dd:4c:a0:47:28: f5:1e:6f:69:52:31:72:5f:98:ff:a2:65:c7:d7:57:39:59:ed: 58:b6:f8:02:2d:a1:e4:2a:9f:3e:e8:6a:39:16:40:54:a4:6c: c0:60:e1:39:56:1e:fb:a9:66:7a:f7:ca:bd:43:7c:70:7f:6d: ca:91:0d:c3:43:2a:ed:0e:7f:02:91:b7:2e:b5:bb:ed:46:a7: 0c:a9:60:a6:71:c6:6e:d5:2d:b5:23:50:ee:0b:69:23:5b:81: 7e:bc:7b:17:2c:ec:4b:9b:1c:18:2e:01:46:e2:4d:68:2c:ba: 91:a6:9b:80:32:ba:1f:0d:ad:79:eb:0e:8a:62:1a:9a:a3:7d: 07:6d:5e:aa:6d:53:8d:f1:54:c2:b1:a1:8c:ac:f1:9e:b3:0b: 38:71:d8:59:20:13:4a:6a:25:21:e7:be:70:00:3a:17:ee:24: f2:3f:2b:15:89:69:9c:44:c1:bd:4f:22:66:68:1a:91:0c:27: 3c:6d:54:80:27:30:cc:b8:75:32:b0:6d:d5:37:d6:43:2c:4e: 61:97:58:db -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUOHRhX4okF30grm2niHJKuuJa7iEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMzkyOFoX DTI3MDUwMjAxNDQyOFowMzExMC8GA1UEAxMoNzY3OEYwRkQyNDU4RTNBQTBFNUQw OTlFMjhDMDU5NEE4RDg1NTJEMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK6ne+offqF2cGmxS65Yc9vye4qbCOsYJTf55qtQmdPOpT/nXjJAdWmyI0yM sHc6sP1JwoUJ/MPoIeS3hfEhXy/BKg9H3MEla/7wWEVFIQ6rv/MAxfJrXQD92ycp cwhph618vc56d1uPAiHxxiUnrLhHGBgav1ggu5hYCJd9pvKRngRZty0RRjAs8pw0 0dq6M8dy2iW1G4TdO4MpdBxTauEFLfhhsShU1LJFVkPuXEXp/FXPLMCL2fyLx7RC C3bbPTBXD6j73qS/T5Qp4IGL2pPf3PS3aKgbVBVrk1OlDODKB1PJG6cdtxqnJ015 7ZhHY2bal9e9g6CIpcPLsGQSsB8CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFHZ48P0kWOOqDl0JnijAWUqNhVLSMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2IyODYyNmUwLTI5ZmUtNGU4Ni04NGQ2LTY4NDc4YzVjZDllZC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9iMjg2MjZl MC0yOWZlLTRlODYtODRkNi02ODQ3OGM1Y2Q5ZWQvMC83Njc4RjBGRDI0NThFM0FB MEU1RDA5OUUyOEMwNTk0QThEODU1MkQyLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZyryMA0GCSqGSIb3DQEBCwUAA4IBAQAAq2UkIULppF8HE+vjv5R/fUrea84O M4pj5P6H2rNvG1zxmBs4H2V4HUNPEVHVClFp3UygRyj1Hm9pUjFyX5j/omXH11c5 We1YtvgCLaHkKp8+6Go5FkBUpGzAYOE5Vh77qWZ698q9Q3xwf23KkQ3DQyrtDn8C kbcutbvtRqcMqWCmccZu1S21I1DuC2kjW4F+vHsXLOxLmxwYLgFG4k1oLLqRppuA MrofDa156w6KYhqao30HbV6qbVON8VTCsaGMrPGesws4cdhZIBNKaiUh575wADoX 7iTyPysViWmcRMG9TyJmaBqRDCc8bVSAJzDMuHUysG3VN9ZDLE5hl1jb -----END CERTIFICATE-----Generated at Tue May 12 22:03:58 2026 by rpki-client