$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/8863D43C2CD36E9DE28C7E55F1891CC25C4F2985.cer File: 8863D43C2CD36E9DE28C7E55F1891CC25C4F2985.cer (raw, json) Hash identifier: zZw+eFl6Z1sUVzGDxJtEwYJJIvl6nroOvw1xZZUWigk= Subject key identifier: 88:63:D4:3C:2C:D3:6E:9D:E2:8C:7E:55:F1:89:1C:C2:5C:4F:29:85 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 4B9A7DD729D3407359B220D4FDCC36EA36220711 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/1ee94014-87fa-4bc2-b1c6-7fd2a89476f3/0/8863D43C2CD36E9DE28C7E55F1891CC25C4F2985.mft caRepository: rsync://rpki-rsync.idnic.net/repo/1ee94014-87fa-4bc2-b1c6-7fd2a89476f3/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:59:57 +0000 Certificate not after: Sun 02 May 2027 00:04:57 +0000 Subordinate resources: IP: 202.47.188.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:9a:7d:d7:29:d3:40:73:59:b2:20:d4:fd:cc:36:ea:36:22:07:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:59:57 2026 GMT Not After : May 2 00:04:57 2027 GMT Subject: CN=8863D43C2CD36E9DE28C7E55F1891CC25C4F2985 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:08:49:58:16:0e:18:c0:e2:37:07:00:d9:26: f6:0e:d8:8d:4a:58:88:29:75:c4:1f:39:7c:17:b7: 85:bb:a6:fe:f6:f5:53:94:d0:cc:ba:15:fc:25:bf: 85:5c:42:8d:a2:f9:8a:ce:ef:b7:b9:27:3a:b5:7e: d5:e3:1d:3f:da:7b:e8:d1:d4:f9:62:2a:60:d7:60: ce:cf:69:a3:64:ff:f4:8f:51:5a:25:41:84:e0:77: 3e:97:12:f7:bd:a1:42:f3:6e:e9:c8:25:88:38:66: 2a:6f:38:2e:40:2a:7a:94:fd:d5:de:8c:82:60:e8: e6:0c:26:b9:2c:34:82:54:40:36:95:01:cd:c8:95: 23:23:dc:3e:e3:b1:b0:d6:81:71:bd:1a:87:9c:e3: 41:c0:00:58:75:80:ea:b0:7b:6a:cd:ca:f1:d8:80: b7:d3:ce:2b:cb:5f:30:b6:1e:b7:e5:1f:d6:1d:e9: f5:68:2a:1b:21:28:cb:a8:85:c7:f2:f7:cd:3b:0c: d0:9a:34:77:ef:67:90:d5:75:84:03:a1:05:30:f4: 41:97:9e:e1:04:f6:90:86:c8:45:cb:df:21:b9:da: 10:1d:2b:3e:a1:dd:79:8c:d7:75:e6:77:ac:bf:1a: 86:e4:cd:6f:ac:9b:92:3b:d6:90:5b:cd:75:85:f1: 21:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 88:63:D4:3C:2C:D3:6E:9D:E2:8C:7E:55:F1:89:1C:C2:5C:4F:29:85 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/1ee94014-87fa-4bc2-b1c6-7fd2a89476f3/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/1ee94014-87fa-4bc2-b1c6-7fd2a89476f3/0/8863D43C2CD36E9DE28C7E55F1891CC25C4F2985.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.47.188.0/23 Signature Algorithm: sha256WithRSAEncryption 4a:88:10:1b:20:0c:42:87:69:b1:fb:b4:a6:dd:7a:ad:e9:6a: 46:ce:4d:c7:89:9a:69:f2:41:ca:53:09:fe:04:44:5b:0d:41: c4:50:28:0b:70:de:8b:80:22:37:ee:97:9d:46:27:8a:9c:b3: 0d:8f:21:db:f4:1f:87:66:6e:d5:2b:6b:c4:73:85:f2:84:72: ce:19:c3:9a:6e:ce:6a:bb:6b:3f:50:34:24:5f:63:fb:92:1f: 14:39:c6:3f:35:a5:c3:63:26:c1:3d:d6:6d:ec:70:77:bb:46: 82:a7:32:fd:ad:94:23:1f:df:7c:3a:2f:0e:3f:c1:6f:ef:95: 85:fc:20:1f:63:9c:cf:61:15:54:44:cf:a3:cd:73:73:92:1d: 8a:73:b5:5e:ab:1c:f8:ee:d7:5b:b0:c3:fd:12:cd:46:ba:d5: 44:c6:37:a5:f9:bc:48:b4:5b:8a:54:ec:b2:59:89:9b:23:bf: ee:d7:14:0b:a9:23:6c:d1:7e:15:cd:33:8e:cc:8b:53:dc:86: 60:84:69:d6:92:ab:db:b7:76:af:26:1e:01:1b:30:75:4b:e4: a2:93:7b:c5:3f:37:25:9d:ec:8d:ff:5c:1c:27:7c:a7:1a:3c: a2:95:c9:e9:b4:73:b9:33:28:04:f9:da:89:1d:3f:52:40:a2: 33:b0:c9:25 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUS5p91ynTQHNZsiDU/cw26jYiBxEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNTk1N1oX DTI3MDUwMjAwMDQ1N1owMzExMC8GA1UEAxMoODg2M0Q0M0MyQ0QzNkU5REUyOEM3 RTU1RjE4OTFDQzI1QzRGMjk4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ0ISVgWDhjA4jcHANkm9g7YjUpYiCl1xB85fBe3hbum/vb1U5TQzLoV/CW/ hVxCjaL5is7vt7knOrV+1eMdP9p76NHU+WIqYNdgzs9po2T/9I9RWiVBhOB3PpcS 972hQvNu6cgliDhmKm84LkAqepT91d6MgmDo5gwmuSw0glRANpUBzciVIyPcPuOx sNaBcb0ah5zjQcAAWHWA6rB7as3K8diAt9POK8tfMLYet+Uf1h3p9WgqGyEoy6iF x/L3zTsM0Jo0d+9nkNV1hAOhBTD0QZee4QT2kIbIRcvfIbnaEB0rPqHdeYzXdeZ3 rL8ahuTNb6ybkjvWkFvNdYXxITMCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFIhj1Dws026d4ox+VfGJHMJcTymFMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzFlZTk0MDE0LTg3ZmEtNGJjMi1iMWM2LTdmZDJhODk0NzZmMy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xZWU5NDAx NC04N2ZhLTRiYzItYjFjNi03ZmQyYTg5NDc2ZjMvMC84ODYzRDQzQzJDRDM2RTlE RTI4QzdFNTVGMTg5MUNDMjVDNEYyOTg1Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQByi+8MA0GCSqGSIb3DQEBCwUAA4IBAQBKiBAbIAxCh2mx+7Sm3Xqt6WpGzk3H iZpp8kHKUwn+BERbDUHEUCgLcN6LgCI37pedRieKnLMNjyHb9B+HZm7VK2vEc4Xy hHLOGcOabs5qu2s/UDQkX2P7kh8UOcY/NaXDYybBPdZt7HB3u0aCpzL9rZQjH998 Oi8OP8Fv75WF/CAfY5zPYRVURM+jzXNzkh2Kc7Veqxz47tdbsMP9Es1GutVExjel +bxItFuKVOyyWYmbI7/u1xQLqSNs0X4VzTOOzItT3IZghGnWkqvbt3avJh4BGzB1 S+Sik3vFPzclneyN/1wcJ3ynGjyilcnptHO5MygE+dqJHT9SQKIzsMkl -----END CERTIFICATE-----Generated at Tue May 12 22:47:21 2026 by rpki-client