$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/8AA52DB5DB71F638E941254A6B0CE68361DB78A6.cer File: 8AA52DB5DB71F638E941254A6B0CE68361DB78A6.cer (raw, json) Hash identifier: 7ta1/GRIZ5NdwC7ZCzyCrRSr0WCdu19mXUsGUwZho5w= Subject key identifier: 8A:A5:2D:B5:DB:71:F6:38:E9:41:25:4A:6B:0C:E6:83:61:DB:78:A6 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 02BCF92B93286A036C960891CD560A20D7AA68D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/fe1cbd79-8f26-4b0e-8b3b-ab9e9938fcae/0/8AA52DB5DB71F638E941254A6B0CE68361DB78A6.mft caRepository: rsync://rpki-rsync.idnic.net/repo/fe1cbd79-8f26-4b0e-8b3b-ab9e9938fcae/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:47:46 +0000 Certificate not after: Sun 02 May 2027 02:52:46 +0000 Subordinate resources: IP: 103.181.76.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:bc:f9:2b:93:28:6a:03:6c:96:08:91:cd:56:0a:20:d7:aa:68:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 02:47:46 2026 GMT Not After : May 2 02:52:46 2027 GMT Subject: CN=8AA52DB5DB71F638E941254A6B0CE68361DB78A6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:85:7e:ec:4c:fa:06:fb:57:97:b0:aa:76:43: 16:70:05:a1:b1:73:24:e7:95:50:0a:17:76:96:f5: fc:b3:25:55:d0:ba:97:c3:b9:e3:98:76:57:c6:e9: 81:7b:87:47:37:8a:e4:be:80:15:3e:45:18:15:a4: 9b:c1:f5:00:1a:ad:ec:78:a1:d0:39:87:7f:07:e2: 25:74:34:70:de:d4:58:86:d2:69:20:1e:3a:3a:99: 19:79:d5:f8:50:05:c4:0c:70:c0:10:2e:cf:63:ca: 80:79:0c:d7:01:4e:ec:3d:a1:9b:4f:cb:30:69:45: 7a:12:19:3b:ee:0a:5f:2e:2d:f1:69:19:23:90:e9: 01:0e:13:5e:cb:d2:c2:b9:42:f2:40:9f:cf:db:42: b8:c8:fd:f4:dd:76:10:54:99:34:03:47:09:d0:fa: bf:b8:80:bf:cd:5b:fb:6d:f5:3d:ef:90:b3:6b:82: 8e:e5:ec:3c:37:e3:b0:ec:1d:54:bf:10:38:69:c5: 87:ab:d8:9c:da:92:da:7f:41:8c:94:15:33:42:01: f5:f1:27:40:f1:d5:25:0f:20:fe:58:40:ba:8a:92: d9:86:e1:a6:7c:22:39:d9:f9:4f:23:cd:90:d4:6f: bd:82:5e:48:54:92:af:cc:c1:e4:7a:d2:a1:b5:19: de:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 8A:A5:2D:B5:DB:71:F6:38:E9:41:25:4A:6B:0C:E6:83:61:DB:78:A6 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/fe1cbd79-8f26-4b0e-8b3b-ab9e9938fcae/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/fe1cbd79-8f26-4b0e-8b3b-ab9e9938fcae/0/8AA52DB5DB71F638E941254A6B0CE68361DB78A6.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.181.76.0/24 Signature Algorithm: sha256WithRSAEncryption 70:c4:28:32:e0:72:6e:2b:21:89:cf:12:c0:a1:71:86:88:7c: 70:c8:ac:82:54:2a:e3:5a:17:9e:0b:c4:75:ac:06:93:f7:bf: 1e:0b:65:fc:61:f0:d3:b0:4a:cb:ac:f7:4b:5f:b7:29:e2:06: 26:25:c1:9c:c7:12:38:49:ae:c4:a2:b7:f0:a4:c4:b5:b6:e0: 04:6f:ae:fe:94:c2:da:88:d8:49:13:1f:01:49:ce:70:37:11: 17:9e:f1:22:03:d4:38:ef:74:1f:f6:ac:de:e8:79:24:39:47: 07:e5:dd:e9:67:bd:cc:cf:e5:8c:1b:a9:5c:55:da:ae:78:6c: 37:f6:74:3e:10:f9:f6:dd:fe:5c:36:fa:1c:78:0f:53:5f:d3: 70:c3:fa:e7:03:f1:17:da:25:cf:e8:19:c4:58:0c:94:10:b3: 7a:46:37:9a:54:d9:e8:1e:4f:1d:ed:82:17:08:ed:00:58:30: e9:f9:13:1b:98:df:3e:e9:05:78:54:0b:07:8d:54:ac:4d:28: 67:fd:87:3e:46:b0:0f:90:b5:69:e9:8c:15:5c:36:e6:8b:ef: 6c:78:a1:dc:15:cc:97:20:e8:38:f8:1a:42:91:6d:eb:9e:b1: 45:ce:4f:f5:55:b2:34:81:5f:9e:02:e6:6d:56:99:df:58:81: 74:52:df:22 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUArz5K5MoagNslgiRzVYKINeqaNIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAyNDc0NloX DTI3MDUwMjAyNTI0NlowMzExMC8GA1UEAxMoOEFBNTJEQjVEQjcxRjYzOEU5NDEy NTRBNkIwQ0U2ODM2MURCNzhBNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALiFfuxM+gb7V5ewqnZDFnAFobFzJOeVUAoXdpb1/LMlVdC6l8O545h2V8bp gXuHRzeK5L6AFT5FGBWkm8H1ABqt7Hih0DmHfwfiJXQ0cN7UWIbSaSAeOjqZGXnV +FAFxAxwwBAuz2PKgHkM1wFO7D2hm0/LMGlFehIZO+4KXy4t8WkZI5DpAQ4TXsvS wrlC8kCfz9tCuMj99N12EFSZNANHCdD6v7iAv81b+231Pe+Qs2uCjuXsPDfjsOwd VL8QOGnFh6vYnNqS2n9BjJQVM0IB9fEnQPHVJQ8g/lhAuoqS2YbhpnwiOdn5TyPN kNRvvYJeSFSSr8zB5HrSobUZ3qECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFIqlLbXbcfY46UElSmsM5oNh23imMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2ZlMWNiZDc5LThmMjYtNGIwZS04YjNiLWFiOWU5OTM4ZmNhZS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9mZTFjYmQ3 OS04ZjI2LTRiMGUtOGIzYi1hYjllOTkzOGZjYWUvMC84QUE1MkRCNURCNzFGNjM4 RTk0MTI1NEE2QjBDRTY4MzYxREI3OEE2Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ7VMMA0GCSqGSIb3DQEBCwUAA4IBAQBwxCgy4HJuKyGJzxLAoXGGiHxwyKyC VCrjWheeC8R1rAaT978eC2X8YfDTsErLrPdLX7cp4gYmJcGcxxI4Sa7EorfwpMS1 tuAEb67+lMLaiNhJEx8BSc5wNxEXnvEiA9Q473Qf9qze6HkkOUcH5d3pZ73Mz+WM G6lcVdqueGw39nQ+EPn23f5cNvoceA9TX9Nww/rnA/EX2iXP6BnEWAyUELN6Rjea VNnoHk8d7YIXCO0AWDDp+RMbmN8+6QV4VAsHjVSsTShn/Yc+RrAPkLVp6YwVXDbm i+9seKHcFcyXIOg4+BpCkW3rnrFFzk/1VbI0gV+eAuZtVpnfWIF0Ut8i -----END CERTIFICATE-----Generated at Tue May 12 22:45:46 2026 by rpki-client