$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/8BA221ECCD92C8CB8DD59503B2722C57C3367BF6.cer File: 8BA221ECCD92C8CB8DD59503B2722C57C3367BF6.cer (raw, json) Hash identifier: ctCmT4ONyMLHn7ALCBTKpKjtp7+eI17b4o2Ouf64NsU= Subject key identifier: 8B:A2:21:EC:CD:92:C8:CB:8D:D5:95:03:B2:72:2C:57:C3:36:7B:F6 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 750FFEDF792EA9D6AD633E7AF0DE86E8C1E6F971 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/ad440c85-3471-4461-b590-1601e19f5318/0/8BA221ECCD92C8CB8DD59503B2722C57C3367BF6.mft caRepository: rsync://rpki-rsync.idnic.net/repo/ad440c85-3471-4461-b590-1601e19f5318/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:35:59 +0000 Certificate not after: Sun 02 May 2027 01:40:59 +0000 Subordinate resources: IP: 103.165.146.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:0f:fe:df:79:2e:a9:d6:ad:63:3e:7a:f0:de:86:e8:c1:e6:f9:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:35:59 2026 GMT Not After : May 2 01:40:59 2027 GMT Subject: CN=8BA221ECCD92C8CB8DD59503B2722C57C3367BF6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:10:16:8a:a5:d3:d6:7a:e0:a4:b9:0f:3e:97: 1f:1f:fd:bf:7d:a5:15:2a:69:54:ed:1e:7c:b6:ac: f1:77:06:5d:56:a0:9e:90:08:07:ba:1c:33:7e:48: b0:8e:37:91:b7:38:27:38:ec:23:c8:23:73:0c:64: c4:ab:80:9e:27:75:4f:e4:21:96:8e:e9:bb:33:0e: 26:be:5c:84:12:c8:de:92:68:47:67:87:db:1f:c9: fb:f1:98:52:1d:a7:0c:b5:2a:0d:0c:d3:3f:d9:3c: 05:ae:f2:73:f2:c5:29:4a:8a:86:83:96:2b:7f:64: 78:6e:0a:a4:3e:c9:8f:8f:60:46:8c:b6:3d:61:2c: be:fe:d4:2e:17:f1:ce:51:cd:fe:be:20:6f:d4:ca: fe:9c:94:18:d0:cf:3a:92:4b:74:ef:32:c6:48:5d: 29:42:4e:b7:8b:69:4d:86:58:c4:c7:ec:50:08:00: ed:6d:51:fd:63:3c:f0:14:4b:1a:c6:f7:a1:d4:3f: bc:44:52:51:66:8e:6b:cf:ce:47:84:fc:83:ee:ba: 3a:ec:30:10:ff:75:77:fe:aa:3d:2f:01:b8:4e:23: 89:2c:e3:a2:72:e8:ff:53:f5:88:9e:47:bd:bb:c1: 06:df:1a:0f:e8:58:a1:75:04:e1:0c:de:e3:34:9f: 12:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 8B:A2:21:EC:CD:92:C8:CB:8D:D5:95:03:B2:72:2C:57:C3:36:7B:F6 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/ad440c85-3471-4461-b590-1601e19f5318/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/ad440c85-3471-4461-b590-1601e19f5318/0/8BA221ECCD92C8CB8DD59503B2722C57C3367BF6.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.165.146.0/23 Signature Algorithm: sha256WithRSAEncryption 63:6b:34:7e:cc:07:36:6a:7c:96:ed:c0:12:d0:9b:17:26:de: 40:ac:69:bf:37:72:15:21:19:69:90:48:65:b9:54:17:bc:48: 26:6c:bf:ba:93:2d:2b:ee:d2:c1:fb:77:07:fe:b0:29:90:1e: 86:cd:c3:04:97:af:6a:a4:ee:63:e5:94:44:b8:fd:ee:52:d8: e0:05:84:fc:2a:80:a9:f9:9f:af:3d:9e:d1:f4:5d:d4:2a:c6: ce:35:e6:4c:19:ec:94:12:10:64:9a:29:51:99:2c:75:d0:e1: d2:c9:0c:0c:0c:f5:b5:76:d0:b8:01:2f:a4:fe:40:9b:06:ee: e0:e5:30:c3:78:2b:9f:aa:4b:4b:39:bf:64:8e:a3:02:cc:4a: 81:08:8b:a6:be:5a:80:c5:bb:b9:08:fe:3d:d6:e8:ab:d1:04: 68:ae:4c:d8:89:f5:3d:51:06:b0:3d:48:ac:f4:15:61:14:3d: 87:8d:d1:00:1a:69:37:66:72:2c:20:ed:9f:70:96:90:81:98: 3c:cb:92:05:6e:5b:2c:3d:5e:bc:fa:a9:2d:38:61:9a:66:85: 6e:2d:93:0d:8c:6e:ec:16:8d:72:97:3a:44:41:06:56:03:a9: 79:94:5d:74:d4:f0:77:d1:ab:5c:59:ad:41:f4:6f:39:06:34: e3:31:a3:d9 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUdQ/+33kuqdatYz568N6G6MHm+XEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMzU1OVoX DTI3MDUwMjAxNDA1OVowMzExMC8GA1UEAxMoOEJBMjIxRUNDRDkyQzhDQjhERDU5 NTAzQjI3MjJDNTdDMzM2N0JGNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL8QFoql09Z64KS5Dz6XHx/9v32lFSppVO0efLas8XcGXVagnpAIB7ocM35I sI43kbc4JzjsI8gjcwxkxKuAnid1T+Qhlo7puzMOJr5chBLI3pJoR2eH2x/J+/GY Uh2nDLUqDQzTP9k8Ba7yc/LFKUqKhoOWK39keG4KpD7Jj49gRoy2PWEsvv7ULhfx zlHN/r4gb9TK/pyUGNDPOpJLdO8yxkhdKUJOt4tpTYZYxMfsUAgA7W1R/WM88BRL Gsb3odQ/vERSUWaOa8/OR4T8g+66OuwwEP91d/6qPS8BuE4jiSzjonLo/1P1iJ5H vbvBBt8aD+hYoXUE4Qze4zSfEnkCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFIuiIezNksjLjdWVA7JyLFfDNnv2MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2FkNDQwYzg1LTM0NzEtNDQ2MS1iNTkwLTE2MDFlMTlmNTMxOC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9hZDQ0MGM4 NS0zNDcxLTQ0NjEtYjU5MC0xNjAxZTE5ZjUzMTgvMC84QkEyMjFFQ0NEOTJDOENC OERENTk1MDNCMjcyMkM1N0MzMzY3QkY2Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6WSMA0GCSqGSIb3DQEBCwUAA4IBAQBjazR+zAc2anyW7cAS0JsXJt5ArGm/ N3IVIRlpkEhluVQXvEgmbL+6ky0r7tLB+3cH/rApkB6GzcMEl69qpO5j5ZREuP3u UtjgBYT8KoCp+Z+vPZ7R9F3UKsbONeZMGeyUEhBkmilRmSx10OHSyQwMDPW1dtC4 AS+k/kCbBu7g5TDDeCufqktLOb9kjqMCzEqBCIumvlqAxbu5CP491uir0QRorkzY ifU9UQawPUis9BVhFD2HjdEAGmk3ZnIsIO2fcJaQgZg8y5IFblssPV68+qktOGGa ZoVuLZMNjG7sFo1ylzpEQQZWA6l5lF101PB30atcWa1B9G85BjTjMaPZ -----END CERTIFICATE-----Generated at Tue May 12 22:45:41 2026 by rpki-client