$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/8FFAA6656CAEB189705F03C7B4148624E4A80597.cer File: 8FFAA6656CAEB189705F03C7B4148624E4A80597.cer (raw, json) Hash identifier: Svk3IR+1p8m1OnLvcxW0hWMh3CxSCOs0V7dUCOnmGlM= Subject key identifier: 8F:FA:A6:65:6C:AE:B1:89:70:5F:03:C7:B4:14:86:24:E4:A8:05:97 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2A6403C07CDDBFF2D7A6D715FDC7B21B3B03D86E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/52880dee-7aa2-4be4-bf35-cdbd11d79507/0/8FFAA6656CAEB189705F03C7B4148624E4A80597.mft caRepository: rsync://rpki-rsync.idnic.net/repo/52880dee-7aa2-4be4-bf35-cdbd11d79507/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:34:10 +0000 Certificate not after: Sun 02 May 2027 00:39:10 +0000 Subordinate resources: IP: 121.50.128.0/20 IP: 202.50.200.0/22 IP: 203.190.184.0/21 IP: 2400:c900::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:64:03:c0:7c:dd:bf:f2:d7:a6:d7:15:fd:c7:b2:1b:3b:03:d8:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:34:10 2026 GMT Not After : May 2 00:39:10 2027 GMT Subject: CN=8FFAA6656CAEB189705F03C7B4148624E4A80597 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:a8:d3:09:0f:6d:e2:d3:e2:5e:e4:dd:60:12: e6:08:c9:28:d2:36:1d:69:5b:e9:93:b8:57:71:11: 7b:e9:db:4e:7e:50:bc:99:f3:3c:1b:0e:6e:b5:83: 54:cf:e7:b7:05:13:66:15:4a:37:36:30:dd:91:43: 88:7d:92:7a:95:ab:81:70:8c:58:41:bd:d6:f6:aa: 1a:a3:47:96:7d:4e:11:2a:e3:48:85:9d:e9:9c:d2: e6:c8:bb:91:a2:44:2d:e5:c3:a9:e8:0e:c1:3f:46: 7e:41:8f:95:33:b5:51:fc:b1:a0:af:cb:97:00:84: cd:0f:94:a3:d0:de:29:19:4a:7f:da:ee:64:be:7d: d7:41:60:e8:92:7f:c1:6a:67:0c:e8:10:28:26:9b: a8:80:17:70:b4:71:68:b6:96:7f:33:04:9c:e8:39: 85:b6:35:00:83:62:9d:e0:74:4f:b0:58:23:67:49: 24:7e:cc:cf:f2:62:5c:28:31:d9:84:83:79:0a:12: 61:d6:5f:7b:08:a0:80:f1:1c:70:fe:bd:dd:06:6a: 5d:8c:71:c8:8b:bd:5c:ee:3e:ea:43:d8:be:f2:a5: ab:ea:4d:ec:11:6b:3e:31:52:c3:49:c8:7e:7b:83: 49:4c:14:84:48:c2:40:5b:97:56:32:77:88:12:dd: b5:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 8F:FA:A6:65:6C:AE:B1:89:70:5F:03:C7:B4:14:86:24:E4:A8:05:97 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/52880dee-7aa2-4be4-bf35-cdbd11d79507/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/52880dee-7aa2-4be4-bf35-cdbd11d79507/0/8FFAA6656CAEB189705F03C7B4148624E4A80597.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 121.50.128.0/20 202.50.200.0/22 203.190.184.0/21 IPv6: 2400:c900::/32 Signature Algorithm: sha256WithRSAEncryption 23:ab:31:fb:29:20:37:3e:d1:2e:e0:0d:0e:ad:c2:4d:c3:16: be:6f:ca:ed:83:8f:1d:e7:67:29:6c:e1:b2:17:ee:99:09:39: 9d:89:d5:1e:31:78:d6:c1:26:07:0b:aa:db:b6:d4:7c:12:8f: eb:8b:c6:5f:44:48:59:77:33:69:66:9c:53:8b:07:98:2e:b5: 88:d3:cb:45:64:07:75:17:57:c8:e3:ac:50:2e:be:da:41:7e: 9d:da:3d:42:f4:39:b6:0f:27:22:34:f1:2a:99:ce:20:ae:82: d4:96:c8:9d:9f:73:f6:db:47:f5:a0:d9:0b:d3:b0:d3:50:7d: bc:46:c2:cc:d4:7d:35:eb:20:f8:f3:41:af:3a:cf:56:93:09: 06:4a:8a:6f:cd:c4:ed:46:e3:0c:f6:19:c5:28:28:1b:6f:1c: 8c:01:c2:3b:20:80:12:23:83:07:09:55:6a:15:e5:34:1b:a9: 11:19:1e:d3:d2:29:9c:59:43:ef:55:89:16:5f:34:57:11:35: 57:92:48:dd:cd:69:10:0f:37:5d:7c:c1:b2:27:51:f7:a9:8e: a0:fb:a4:a5:b4:78:e1:95:09:75:c4:1d:e2:72:13:8e:c0:12: 35:35:3a:03:98:ed:c3:d7:18:08:b7:07:04:fc:45:27:e1:c9: f0:04:ba:22 -----BEGIN CERTIFICATE----- MIIF4TCCBMmgAwIBAgIUKmQDwHzdv/LXptcV/ceyGzsD2G4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMzQxMFoX DTI3MDUwMjAwMzkxMFowMzExMC8GA1UEAxMoOEZGQUE2NjU2Q0FFQjE4OTcwNUYw M0M3QjQxNDg2MjRFNEE4MDU5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKao0wkPbeLT4l7k3WAS5gjJKNI2HWlb6ZO4V3ERe+nbTn5QvJnzPBsObrWD VM/ntwUTZhVKNzYw3ZFDiH2SepWrgXCMWEG91vaqGqNHln1OESrjSIWd6ZzS5si7 kaJELeXDqegOwT9GfkGPlTO1UfyxoK/LlwCEzQ+Uo9DeKRlKf9ruZL5910Fg6JJ/ wWpnDOgQKCabqIAXcLRxaLaWfzMEnOg5hbY1AINineB0T7BYI2dJJH7Mz/JiXCgx 2YSDeQoSYdZfewiggPEccP693QZqXYxxyIu9XO4+6kPYvvKlq+pN7BFrPjFSw0nI fnuDSUwUhEjCQFuXVjJ3iBLdtcUCAwEAAaOCAtQwggLQMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFI/6pmVsrrGJcF8Dx7QUhiTkqAWXMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzUyODgwZGVlLTdhYTItNGJlNC1iZjM1LWNkYmQxMWQ3OTUwNy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby81Mjg4MGRl ZS03YWEyLTRiZTQtYmYzNS1jZGJkMTFkNzk1MDcvMC84RkZBQTY2NTZDQUVCMTg5 NzA1RjAzQzdCNDE0ODYyNEU0QTgwNTk3Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATAS AwQEeTKAAwQCyjLIAwQDy764MA0EAgACMAcDBQAkAMkAMA0GCSqGSIb3DQEBCwUA A4IBAQAjqzH7KSA3PtEu4A0OrcJNwxa+b8rtg48d52cpbOGyF+6ZCTmdidUeMXjW wSYHC6rbttR8Eo/ri8ZfREhZdzNpZpxTiweYLrWI08tFZAd1F1fI46xQLr7aQX6d 2j1C9Dm2DyciNPEqmc4groLUlsidn3P220f1oNkL07DTUH28RsLM1H016yD480Gv Os9WkwkGSopvzcTtRuMM9hnFKCgbbxyMAcI7IIASI4MHCVVqFeU0G6kRGR7T0imc WUPvVYkWXzRXETVXkkjdzWkQDzddfMGyJ1H3qY6g+6SltHjhlQl1xB3ichOOwBI1 NToDmO3D1xgItwcE/EUn4cnwBLoi -----END CERTIFICATE-----Generated at Tue May 12 22:50:06 2026 by rpki-client