$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/95E9D033C44AD503C429A782A64C7B0AF8A9FF36.cer File: 95E9D033C44AD503C429A782A64C7B0AF8A9FF36.cer (raw, json) Hash identifier: Ln/ePypd9yopAzRBrxd8Wtnf6keWqPFzJQfbQX/u998= Subject key identifier: 95:E9:D0:33:C4:4A:D5:03:C4:29:A7:82:A6:4C:7B:0A:F8:A9:FF:36 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 523E5D40FDC64FB9C1F4C53888E6608A6890781A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/ff76b773-405f-458f-9b88-852095173f16/0/95E9D033C44AD503C429A782A64C7B0AF8A9FF36.mft caRepository: rsync://rpki-rsync.idnic.net/repo/ff76b773-405f-458f-9b88-852095173f16/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:49:05 +0000 Certificate not after: Sun 02 May 2027 02:54:05 +0000 Subordinate resources: IP: 103.167.20.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:3e:5d:40:fd:c6:4f:b9:c1:f4:c5:38:88:e6:60:8a:68:90:78:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 02:49:05 2026 GMT Not After : May 2 02:54:05 2027 GMT Subject: CN=95E9D033C44AD503C429A782A64C7B0AF8A9FF36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:44:33:46:05:ff:26:f5:2d:fb:c0:9f:4a:e7: c6:c5:36:70:5e:bd:3d:47:36:d4:90:8b:76:30:aa: ce:b2:e8:84:7a:93:04:3b:15:34:71:c4:ef:24:95: 01:d2:d1:f1:e2:db:b2:da:ee:6b:d8:d1:03:7e:2d: ab:98:f2:78:b2:0a:58:ce:95:59:50:38:db:76:dc: 19:e3:21:a2:0b:64:08:fb:33:bf:22:8f:50:a9:27: 2f:34:45:97:57:70:65:de:3a:58:00:ca:77:6d:2c: 88:21:90:26:1f:92:5e:a6:c7:85:9c:e6:d8:1d:ad: 92:07:fc:83:c4:72:ba:28:b6:4b:57:bc:a4:8c:7c: f5:52:b8:5a:94:d8:91:59:48:26:38:b9:cb:cd:c9: bb:20:1a:fa:47:ad:a6:da:4b:ce:83:ae:62:b6:20: 65:a7:d0:55:52:93:81:a7:99:f4:8d:17:16:38:b1: b2:2f:82:30:9a:ff:26:bc:6a:4e:95:ea:70:95:24: c1:c1:03:aa:f6:28:28:8f:ba:b9:e1:49:1d:b4:34: d8:36:a0:3e:9e:aa:51:40:96:42:21:56:a5:98:94: b8:35:9f:43:8e:16:45:53:37:c1:f1:93:d1:8c:97: 42:f1:64:80:26:c1:0c:41:43:df:ed:ef:cc:2c:e3: 97:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 95:E9:D0:33:C4:4A:D5:03:C4:29:A7:82:A6:4C:7B:0A:F8:A9:FF:36 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/ff76b773-405f-458f-9b88-852095173f16/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/ff76b773-405f-458f-9b88-852095173f16/0/95E9D033C44AD503C429A782A64C7B0AF8A9FF36.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.167.20.0/24 Signature Algorithm: sha256WithRSAEncryption 73:59:d5:8a:72:e0:0a:2f:a7:38:b7:bd:73:38:8b:68:1e:47: c1:f2:e4:5e:e8:8a:41:ef:b8:cc:22:9d:4c:eb:26:b4:fe:f8: 40:a2:e4:38:96:b6:b1:c4:ba:5f:5a:f9:ff:3d:cd:9e:f0:82: 93:19:c1:5a:57:82:9b:77:0a:94:7d:71:72:63:44:c1:7f:78: e5:8f:5d:ec:c2:16:69:33:42:00:98:d4:30:6b:2c:85:40:a5: a7:34:fc:b7:7a:1e:7e:43:e9:7a:9d:25:d8:fb:9b:70:93:82: 45:1e:90:df:64:90:cc:da:8b:ad:2d:8c:11:c4:ea:8a:b3:b3: 9d:c5:99:0e:b7:41:f6:00:e4:79:42:24:0f:ce:90:61:bf:12: 33:ac:57:b6:c3:46:07:c0:20:13:d7:40:30:7b:7a:b2:a4:f1: 0f:a2:0c:c8:19:c9:03:12:6d:b4:ca:15:8d:ab:c2:aa:9d:e5: 77:e0:5a:38:3f:07:50:c2:3d:cb:e3:6a:6d:7a:a0:1f:ec:0f: 17:3b:3c:c7:73:2a:3a:66:66:b6:86:f5:25:0b:1b:33:a3:2b: 07:ef:74:64:ae:ca:c3:87:58:fd:d1:aa:07:37:40:31:3a:61: 4d:54:be:2c:62:8d:1d:a4:dc:40:ab:33:0c:d4:a5:78:5a:d3: a7:33:46:25 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUUj5dQP3GT7nB9MU4iOZgimiQeBowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAyNDkwNVoX DTI3MDUwMjAyNTQwNVowMzExMC8GA1UEAxMoOTVFOUQwMzNDNDRBRDUwM0M0MjlB NzgyQTY0QzdCMEFGOEE5RkYzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM5EM0YF/yb1LfvAn0rnxsU2cF69PUc21JCLdjCqzrLohHqTBDsVNHHE7ySV AdLR8eLbstrua9jRA34tq5jyeLIKWM6VWVA423bcGeMhogtkCPszvyKPUKknLzRF l1dwZd46WADKd20siCGQJh+SXqbHhZzm2B2tkgf8g8Ryuii2S1e8pIx89VK4WpTY kVlIJji5y83JuyAa+ketptpLzoOuYrYgZafQVVKTgaeZ9I0XFjixsi+CMJr/Jrxq TpXqcJUkwcEDqvYoKI+6ueFJHbQ02DagPp6qUUCWQiFWpZiUuDWfQ44WRVM3wfGT 0YyXQvFkgCbBDEFD3+3vzCzjly8CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJXp0DPEStUDxCmngqZMewr4qf82MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2ZmNzZiNzczLTQwNWYtNDU4Zi05Yjg4LTg1MjA5NTE3M2YxNi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9mZjc2Yjc3 My00MDVmLTQ1OGYtOWI4OC04NTIwOTUxNzNmMTYvMC85NUU5RDAzM0M0NEFENTAz QzQyOUE3ODJBNjRDN0IwQUY4QTlGRjM2Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ6cUMA0GCSqGSIb3DQEBCwUAA4IBAQBzWdWKcuAKL6c4t71zOItoHkfB8uRe 6IpB77jMIp1M6ya0/vhAouQ4lraxxLpfWvn/Pc2e8IKTGcFaV4KbdwqUfXFyY0TB f3jlj13swhZpM0IAmNQwayyFQKWnNPy3eh5+Q+l6nSXY+5twk4JFHpDfZJDM2out LYwRxOqKs7OdxZkOt0H2AOR5QiQPzpBhvxIzrFe2w0YHwCAT10Awe3qypPEPogzI GckDEm20yhWNq8KqneV34Fo4PwdQwj3L42pteqAf7A8XOzzHcyo6Zma2hvUlCxsz oysH73RkrsrDh1j90aoHN0AxOmFNVL4sYo0dpNxAqzMM1KV4WtOnM0Yl -----END CERTIFICATE-----Generated at Tue May 12 22:10:23 2026 by rpki-client