$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/85D73D804E8B428E434B4D2A773BA02F5C60F5C3.cer File: 85D73D804E8B428E434B4D2A773BA02F5C60F5C3.cer (raw, json) Hash identifier: RjvSi83I+g8rC/oZDc2tGIh3iClVtEOYRk843+zdP1s= Subject key identifier: 85:D7:3D:80:4E:8B:42:8E:43:4B:4D:2A:77:3B:A0:2F:5C:60:F5:C3 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 17C1188AB452C9E7E9D577FA46CE7C563F282A06 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/0e96ed89-2a16-4151-bf83-59dce561460c/0/85D73D804E8B428E434B4D2A773BA02F5C60F5C3.mft caRepository: rsync://rpki-rsync.idnic.net/repo/0e96ed89-2a16-4151-bf83-59dce561460c/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:48:37 +0000 Certificate not after: Sat 01 May 2027 23:53:37 +0000 Subordinate resources: IP: 103.132.52.0/22 IP: 2404:3040::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:c1:18:8a:b4:52:c9:e7:e9:d5:77:fa:46:ce:7c:56:3f:28:2a:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:48:37 2026 GMT Not After : May 1 23:53:37 2027 GMT Subject: CN=85D73D804E8B428E434B4D2A773BA02F5C60F5C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:c3:4c:31:a1:f9:61:d6:dd:5a:a7:75:c4:5f: cd:a0:93:af:e8:d3:fd:e7:c4:aa:cd:4e:a9:ef:08: 2c:95:c1:f4:45:95:62:c0:f4:e9:a6:66:cb:fc:68: 2b:c8:64:c4:01:f5:05:6a:aa:2f:65:26:74:dc:b1: e0:cd:6e:dd:89:d2:4d:17:1b:5f:44:e4:41:ee:d7: 2b:fe:23:e7:df:47:12:be:22:bb:08:40:65:95:e4: 37:c1:ea:ec:b2:60:08:df:28:25:81:be:42:84:c1: 42:64:aa:60:2f:03:a1:5d:85:65:8a:97:4b:98:bc: 1b:0b:5e:42:c0:d1:a7:39:25:e3:c6:a5:e6:cc:6d: c9:c0:55:d7:e8:17:41:af:d8:cd:77:ae:a7:ba:f1: b8:81:74:c4:4d:dc:a4:30:00:a5:06:1e:41:bb:6b: 89:f7:71:38:0f:d5:aa:d9:35:f5:12:1d:0d:2f:94: 74:27:c3:70:ef:df:d2:e4:a3:f2:3b:c2:5a:80:05: 03:8b:e6:6c:83:69:7e:38:77:2c:b2:85:ae:3e:c2: 4d:d7:0f:1c:38:ed:e4:10:4b:16:57:25:f2:75:f4: 8a:c5:93:09:a3:c0:22:75:5b:38:87:74:d0:40:6a: be:78:f6:6b:95:c5:c6:73:40:3b:78:d3:5d:95:61: bd:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 85:D7:3D:80:4E:8B:42:8E:43:4B:4D:2A:77:3B:A0:2F:5C:60:F5:C3 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/0e96ed89-2a16-4151-bf83-59dce561460c/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/0e96ed89-2a16-4151-bf83-59dce561460c/0/85D73D804E8B428E434B4D2A773BA02F5C60F5C3.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.132.52.0/22 IPv6: 2404:3040::/32 Signature Algorithm: sha256WithRSAEncryption 72:f0:bf:f5:04:9a:84:68:75:b5:67:fe:34:2e:ac:77:63:bb: ec:cb:f5:b1:14:7e:e0:4c:8b:78:40:f7:76:f9:7b:e1:ff:58: f8:fd:08:a4:ea:f8:37:2c:1b:25:a0:87:10:38:79:9a:b4:47: e8:bc:46:87:b8:32:41:42:64:f9:4d:7d:59:83:17:be:6e:4c: cc:17:7a:88:73:e3:eb:3c:39:46:f4:fe:61:d1:ea:ec:68:39: cb:37:3f:e1:82:80:34:86:d1:98:05:2c:39:ff:39:5d:10:0d: 1b:0f:ca:e9:b9:54:d0:54:fc:48:08:da:ae:5c:91:60:ca:75: a5:bc:b5:94:ec:6b:93:5e:7f:16:00:98:a2:a8:a6:42:b1:41: 6e:ce:6c:7a:9c:26:6d:84:0a:9a:a7:0b:e5:be:a9:a7:b5:01: 32:60:ef:0d:c3:6e:7b:57:20:8a:06:c6:00:d8:be:ae:f0:d1: 53:af:6d:af:6f:cb:e5:ba:d3:9f:24:24:37:b6:6d:b5:fc:ea: ee:14:99:6c:80:eb:0c:67:43:19:91:c1:86:dd:68:1c:08:47: e7:c9:fe:06:03:17:93:f5:30:6d:99:97:eb:12:26:a4:32:d1: f0:92:04:be:dc:43:88:da:e4:61:8a:79:ef:26:3f:88:4e:4d: 31:27:fe:cf -----BEGIN CERTIFICATE----- MIIF1TCCBL2gAwIBAgIUF8EYirRSyefp1Xf6Rs58Vj8oKgYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNDgzN1oX DTI3MDUwMTIzNTMzN1owMzExMC8GA1UEAxMoODVENzNEODA0RThCNDI4RTQzNEI0 RDJBNzczQkEwMkY1QzYwRjVDMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOzDTDGh+WHW3VqndcRfzaCTr+jT/efEqs1Oqe8ILJXB9EWVYsD06aZmy/xo K8hkxAH1BWqqL2UmdNyx4M1u3YnSTRcbX0TkQe7XK/4j599HEr4iuwhAZZXkN8Hq 7LJgCN8oJYG+QoTBQmSqYC8DoV2FZYqXS5i8GwteQsDRpzkl48al5sxtycBV1+gX Qa/YzXeup7rxuIF0xE3cpDAApQYeQbtrifdxOA/Vqtk19RIdDS+UdCfDcO/f0uSj 8jvCWoAFA4vmbINpfjh3LLKFrj7CTdcPHDjt5BBLFlcl8nX0isWTCaPAInVbOId0 0EBqvnj2a5XFxnNAO3jTXZVhvX0CAwEAAaOCAsgwggLEMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFIXXPYBOi0KOQ0tNKnc7oC9cYPXDMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzBlOTZlZDg5LTJhMTYtNDE1MS1iZjgzLTU5ZGNlNTYxNDYwYy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8wZTk2ZWQ4 OS0yYTE2LTQxNTEtYmY4My01OWRjZTU2MTQ2MGMvMC84NUQ3M0Q4MDRFOEI0MjhF NDM0QjREMkE3NzNCQTAyRjVDNjBGNUMzLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAG AwQCZ4Q0MA0EAgACMAcDBQAkBDBAMA0GCSqGSIb3DQEBCwUAA4IBAQBy8L/1BJqE aHW1Z/40Lqx3Y7vsy/WxFH7gTIt4QPd2+Xvh/1j4/Qik6vg3LBsloIcQOHmatEfo vEaHuDJBQmT5TX1Zgxe+bkzMF3qIc+PrPDlG9P5h0ersaDnLNz/hgoA0htGYBSw5 /zldEA0bD8rpuVTQVPxICNquXJFgynWlvLWU7GuTXn8WAJiiqKZCsUFuzmx6nCZt hAqapwvlvqmntQEyYO8Nw257VyCKBsYA2L6u8NFTr22vb8vlutOfJCQ3tm21/Oru FJlsgOsMZ0MZkcGG3WgcCEfnyf4GAxeT9TBtmZfrEiakMtHwkgS+3EOI2uRhinnv Jj+ITk0xJ/7P -----END CERTIFICATE-----Generated at Tue May 12 22:47:42 2026 by rpki-client