$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/85638E4C723F993851F22E4C79D5E467D64EF6E5.cer File: 85638E4C723F993851F22E4C79D5E467D64EF6E5.cer (raw, json) Hash identifier: +b98b4/J/wS+LMZz+vkbIvRK+j0qH1DHzoUM0gWI/Hw= Subject key identifier: 85:63:8E:4C:72:3F:99:38:51:F2:2E:4C:79:D5:E4:67:D6:4E:F6:E5 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 066C3AB9C3F0AE7490ADE04C6D02010D94E47DB0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/04e377b9-5889-4cb3-a4c9-08712b4f66fc/0/85638E4C723F993851F22E4C79D5E467D64EF6E5.mft caRepository: rsync://rpki-rsync.idnic.net/repo/04e377b9-5889-4cb3-a4c9-08712b4f66fc/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:43:12 +0000 Certificate not after: Sat 01 May 2027 23:48:12 +0000 Subordinate resources: IP: 203.111.254.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:6c:3a:b9:c3:f0:ae:74:90:ad:e0:4c:6d:02:01:0d:94:e4:7d:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:43:12 2026 GMT Not After : May 1 23:48:12 2027 GMT Subject: CN=85638E4C723F993851F22E4C79D5E467D64EF6E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:af:28:4f:c2:99:e8:4b:86:38:25:7e:fa:06: 1f:ef:19:c3:5b:c1:c0:89:e8:b7:0d:93:12:05:ea: 57:0f:20:f9:4e:01:09:ec:ba:b9:30:0e:e4:53:58: c6:51:c9:ee:99:d3:d9:f3:12:db:aa:06:9c:44:44: 81:d2:f9:e9:10:8e:98:6d:a0:23:85:41:17:fc:b1: 1c:e7:db:6e:a5:f3:1f:58:f1:76:65:4c:6e:b2:07: 6a:a0:77:a8:c2:e4:95:f6:a9:a7:f2:26:c1:46:43: 72:be:10:02:15:d6:01:36:10:82:b7:68:0c:1b:5f: 6b:8c:f3:b5:d7:13:43:34:f0:05:25:69:dc:e7:91: 0a:46:15:b2:a9:27:c2:40:1a:25:12:f6:f5:17:d9: ab:cf:ce:37:20:47:45:48:1b:35:4d:ce:47:36:0c: 1e:d7:44:1f:f2:4c:91:b3:af:03:d7:13:dc:28:7f: f9:45:92:d4:7c:c6:35:7b:05:96:e1:15:e3:d4:2c: f3:fb:2e:8c:53:c9:c2:94:56:ba:18:03:42:70:11: 93:5d:8c:09:ec:fe:8a:2f:a8:30:5b:f6:75:06:ba: d8:5b:90:2b:da:4c:6e:03:ef:22:f3:32:63:79:2e: cb:6e:a3:38:3e:6b:d9:f7:76:d7:4d:f9:0e:da:0a: 0e:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 85:63:8E:4C:72:3F:99:38:51:F2:2E:4C:79:D5:E4:67:D6:4E:F6:E5 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/04e377b9-5889-4cb3-a4c9-08712b4f66fc/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/04e377b9-5889-4cb3-a4c9-08712b4f66fc/0/85638E4C723F993851F22E4C79D5E467D64EF6E5.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.111.254.0/23 Signature Algorithm: sha256WithRSAEncryption 6d:a7:43:6c:d1:11:1f:85:29:4a:a4:4a:07:94:a8:fc:49:d0: 96:e1:1e:85:31:86:41:7b:34:62:65:85:34:93:92:d9:76:07: 03:19:4c:b5:c4:5c:99:cd:33:aa:4f:c7:c5:22:43:39:c3:ba: d6:a3:37:4d:62:af:fc:29:7a:62:e7:41:b9:86:f6:76:35:89: 71:14:c6:ce:49:a9:73:e3:98:25:45:fa:0d:9c:5a:de:8a:be: 4a:8f:fb:ff:6a:a3:c8:7a:b2:74:d0:2c:3e:d9:63:bb:2c:e9: 81:b1:79:7f:fd:5c:1d:ba:85:52:85:ee:b6:d1:37:83:90:29: ac:e0:c9:52:13:4d:b4:73:8c:68:1e:50:cc:27:30:27:46:9a: ac:37:d2:43:77:79:50:c1:91:ac:9b:ff:e9:df:02:9e:61:98: f1:d8:87:d5:e6:a3:b2:7d:3c:c7:06:21:2e:f6:ad:1c:59:25: ce:18:5e:1a:1d:e0:31:b8:e3:46:7d:ef:0e:c7:43:29:e5:b6: 0b:0f:bc:ad:bc:f0:99:4d:17:8b:30:62:36:e0:29:51:e2:fd: 4d:87:27:24:05:05:1c:fe:cf:6a:ff:ef:02:91:fe:ba:7c:92: f5:a3:c9:b6:07:b1:41:e3:af:c1:ec:21:8c:06:4b:03:e0:59: 9c:d9:47:49 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUBmw6ucPwrnSQreBMbQIBDZTkfbAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNDMxMloX DTI3MDUwMTIzNDgxMlowMzExMC8GA1UEAxMoODU2MzhFNEM3MjNGOTkzODUxRjIy RTRDNzlENUU0NjdENjRFRjZFNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJuvKE/CmehLhjglfvoGH+8Zw1vBwInotw2TEgXqVw8g+U4BCey6uTAO5FNY xlHJ7pnT2fMS26oGnEREgdL56RCOmG2gI4VBF/yxHOfbbqXzH1jxdmVMbrIHaqB3 qMLklfapp/ImwUZDcr4QAhXWATYQgrdoDBtfa4zztdcTQzTwBSVp3OeRCkYVsqkn wkAaJRL29RfZq8/ONyBHRUgbNU3ORzYMHtdEH/JMkbOvA9cT3Ch/+UWS1HzGNXsF luEV49Qs8/sujFPJwpRWuhgDQnARk12MCez+ii+oMFv2dQa62FuQK9pMbgPvIvMy Y3kuy26jOD5r2fd21035DtoKDqkCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFIVjjkxyP5k4UfIuTHnV5GfWTvblMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzA0ZTM3N2I5LTU4ODktNGNiMy1hNGM5LTA4NzEyYjRmNjZmYy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8wNGUzNzdi OS01ODg5LTRjYjMtYTRjOS0wODcxMmI0ZjY2ZmMvMC84NTYzOEU0QzcyM0Y5OTM4 NTFGMjJFNEM3OUQ1RTQ2N0Q2NEVGNkU1Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBy2/+MA0GCSqGSIb3DQEBCwUAA4IBAQBtp0Ns0REfhSlKpEoHlKj8SdCW4R6F MYZBezRiZYU0k5LZdgcDGUy1xFyZzTOqT8fFIkM5w7rWozdNYq/8KXpi50G5hvZ2 NYlxFMbOSalz45glRfoNnFreir5Kj/v/aqPIerJ00Cw+2WO7LOmBsXl//VwduoVS he620TeDkCms4MlSE020c4xoHlDMJzAnRpqsN9JDd3lQwZGsm//p3wKeYZjx2IfV 5qOyfTzHBiEu9q0cWSXOGF4aHeAxuONGfe8Ox0Mp5bYLD7ytvPCZTReLMGI24ClR 4v1NhyckBQUc/s9q/+8Ckf66fJL1o8m2B7FB46/B7CGMBksD4Fmc2UdJ -----END CERTIFICATE-----Generated at Tue May 12 22:29:01 2026 by rpki-client