$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/8FFA8BB9C09DC4CA42C95C817C0FFD95B14C896C.cer File: 8FFA8BB9C09DC4CA42C95C817C0FFD95B14C896C.cer (raw, json) Hash identifier: fPaqFCLiQ9N7bhh/OhVpYwGBNKa4FZYhcPp+fz1RGKg= Subject key identifier: 8F:FA:8B:B9:C0:9D:C4:CA:42:C9:5C:81:7C:0F:FD:95:B1:4C:89:6C Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 79DD848A75FF27CB3C278C8304F8E43EFF7C4C9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/5d5af22c-7e3e-40b5-ac50-637772a95c21/0/8FFA8BB9C09DC4CA42C95C817C0FFD95B14C896C.mft caRepository: rsync://rpki-rsync.idnic.net/repo/5d5af22c-7e3e-40b5-ac50-637772a95c21/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:41:59 +0000 Certificate not after: Sun 02 May 2027 00:46:59 +0000 Subordinate resources: IP: 103.236.130.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:dd:84:8a:75:ff:27:cb:3c:27:8c:83:04:f8:e4:3e:ff:7c:4c:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:41:59 2026 GMT Not After : May 2 00:46:59 2027 GMT Subject: CN=8FFA8BB9C09DC4CA42C95C817C0FFD95B14C896C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d7:f4:70:78:bc:8a:27:28:2b:45:e9:16:fa: f0:98:40:74:7b:d5:6c:1e:a6:32:21:ca:c2:3a:51: ed:e1:fb:1e:ed:cb:bd:fc:20:ca:c3:41:2f:8b:35: 36:b4:21:83:42:52:5b:77:2b:97:dc:29:78:fc:24: fc:46:d5:b3:5e:de:fc:20:d6:39:cd:5d:1b:d8:c2: 34:97:8c:34:76:1f:c1:41:da:d6:b2:f9:30:33:86: 89:ab:77:99:06:89:54:f7:3d:5b:08:c9:35:f9:1f: 6c:4d:66:ab:98:55:22:96:58:72:e7:fe:7f:5d:fa: 08:37:b3:de:76:73:82:c0:87:49:7a:15:91:a5:a4: 0c:54:d8:20:a1:bd:fa:69:6f:89:a4:36:19:b1:b3: ee:8f:3a:c3:b5:74:e5:e2:17:76:6e:dc:88:e4:a1: 05:72:1d:09:1b:41:7b:d0:4c:3f:2a:ff:de:60:60: 6a:5f:2b:f7:31:78:e7:a8:ba:27:d8:45:5f:f4:50: c8:e4:18:30:41:de:38:61:a9:b5:85:00:21:ac:2f: 91:c6:e1:31:05:5e:4c:6d:e2:31:17:43:89:f5:72: b8:82:a0:07:32:0f:bc:36:b0:1b:10:d0:6d:07:0a: 48:c8:72:27:e3:d8:71:b7:c5:08:06:84:d4:91:58: 28:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 8F:FA:8B:B9:C0:9D:C4:CA:42:C9:5C:81:7C:0F:FD:95:B1:4C:89:6C X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/5d5af22c-7e3e-40b5-ac50-637772a95c21/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/5d5af22c-7e3e-40b5-ac50-637772a95c21/0/8FFA8BB9C09DC4CA42C95C817C0FFD95B14C896C.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.236.130.0/23 Signature Algorithm: sha256WithRSAEncryption 33:7b:59:b1:e3:fa:ce:88:3e:6d:ba:9f:85:e5:6c:21:57:a8: 44:10:d2:bc:3b:3e:c9:30:21:31:31:e8:8e:61:af:9e:74:13: 8a:eb:59:02:e9:4c:d3:bc:6f:71:83:f9:55:e1:45:68:d4:69: f3:ea:ed:28:a0:d6:47:79:38:46:ae:c4:b0:d8:d1:cc:3c:93: 02:25:7e:b0:af:fa:16:a2:6d:ea:69:ec:aa:28:d3:db:b1:9e: b5:8a:3e:99:fe:fe:9b:8d:2e:0e:dc:4f:11:9e:d1:d2:ee:79: 8d:a3:48:c5:2e:bd:fc:9a:43:ad:7d:1e:33:50:46:e0:58:e2: 32:0f:5b:46:b0:3d:41:50:b9:36:f4:29:44:ed:31:d0:4e:a7: 03:1a:d6:ad:30:31:86:9e:68:7d:96:e9:c7:d5:ce:ba:1c:99: a1:3a:f9:cc:c9:dd:17:48:a9:78:cd:38:d2:00:63:9d:0b:8b: 43:e8:4d:70:cc:fe:83:40:b5:ae:b5:e4:23:15:b9:ee:c9:4a: 83:70:02:3d:70:e4:16:f6:01:aa:38:98:1a:41:df:84:e1:8e: c1:c9:b0:a9:e2:1e:d0:13:fd:c9:91:27:da:35:b1:41:3d:46: e1:ca:a9:05:c9:b3:85:32:a2:6e:4f:8a:a2:65:4a:bb:85:72: ae:15:d5:d7 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUed2EinX/J8s8J4yDBPjkPv98TJ4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwNDE1OVoX DTI3MDUwMjAwNDY1OVowMzExMC8GA1UEAxMoOEZGQThCQjlDMDlEQzRDQTQyQzk1 QzgxN0MwRkZEOTVCMTRDODk2QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMHX9HB4vIonKCtF6Rb68JhAdHvVbB6mMiHKwjpR7eH7Hu3LvfwgysNBL4s1 NrQhg0JSW3crl9wpePwk/EbVs17e/CDWOc1dG9jCNJeMNHYfwUHa1rL5MDOGiat3 mQaJVPc9WwjJNfkfbE1mq5hVIpZYcuf+f136CDez3nZzgsCHSXoVkaWkDFTYIKG9 +mlviaQ2GbGz7o86w7V05eIXdm7ciOShBXIdCRtBe9BMPyr/3mBgal8r9zF456i6 J9hFX/RQyOQYMEHeOGGptYUAIawvkcbhMQVeTG3iMRdDifVyuIKgBzIPvDawGxDQ bQcKSMhyJ+PYcbfFCAaE1JFYKJ8CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFI/6i7nAncTKQslcgXwP/ZWxTIlsMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzVkNWFmMjJjLTdlM2UtNDBiNS1hYzUwLTYzNzc3MmE5NWMyMS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby81ZDVhZjIy Yy03ZTNlLTQwYjUtYWM1MC02Mzc3NzJhOTVjMjEvMC84RkZBOEJCOUMwOURDNENB NDJDOTVDODE3QzBGRkQ5NUIxNEM4OTZDLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ+yCMA0GCSqGSIb3DQEBCwUAA4IBAQAze1mx4/rOiD5tup+F5WwhV6hEENK8 Oz7JMCExMeiOYa+edBOK61kC6UzTvG9xg/lV4UVo1Gnz6u0ooNZHeThGrsSw2NHM PJMCJX6wr/oWom3qaeyqKNPbsZ61ij6Z/v6bjS4O3E8RntHS7nmNo0jFLr38mkOt fR4zUEbgWOIyD1tGsD1BULk29ClE7THQTqcDGtatMDGGnmh9lunH1c66HJmhOvnM yd0XSKl4zTjSAGOdC4tD6E1wzP6DQLWuteQjFbnuyUqDcAI9cOQW9gGqOJgaQd+E 4Y7BybCp4h7QE/3JkSfaNbFBPUbhyqkFybOFMqJuT4qiZUq7hXKuFdXX -----END CERTIFICATE-----Generated at Tue May 12 22:16:40 2026 by rpki-client