$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/964CECE4DB02A6D978CE7F22B0B336E78E7EFE21.cer File: 964CECE4DB02A6D978CE7F22B0B336E78E7EFE21.cer (raw, json) Hash identifier: KXtGwwcULgbseWJuGvtZvTpct1xI5155DDGrhKUIyT0= Subject key identifier: 96:4C:EC:E4:DB:02:A6:D9:78:CE:7F:22:B0:B3:36:E7:8E:7E:FE:21 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 51458AD89755980C338130D538944ECC23A093D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/8f3151db-1330-4e70-9cc4-9b8fcd5ed2d2/0/964CECE4DB02A6D978CE7F22B0B336E78E7EFE21.mft caRepository: rsync://rpki-rsync.idnic.net/repo/8f3151db-1330-4e70-9cc4-9b8fcd5ed2d2/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:16:05 +0000 Certificate not after: Sun 02 May 2027 01:21:05 +0000 Subordinate resources: IP: 103.162.16.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:45:8a:d8:97:55:98:0c:33:81:30:d5:38:94:4e:cc:23:a0:93:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:16:05 2026 GMT Not After : May 2 01:21:05 2027 GMT Subject: CN=964CECE4DB02A6D978CE7F22B0B336E78E7EFE21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d5:4d:4e:8d:c5:6d:09:0c:ce:1b:9b:2d:1f: d8:9d:9d:ca:81:aa:a9:08:ab:48:34:db:11:9c:3c: 41:4b:a7:5e:a4:bd:ed:a7:31:51:90:20:bc:c3:cf: 94:12:98:6c:02:ed:b9:5a:28:cf:e4:e3:b9:da:32: 7c:fc:0d:06:3b:9e:e3:88:b2:c8:70:52:3a:60:f1: 25:31:07:f6:c1:39:97:6c:49:83:3d:d6:6f:ab:f4: fe:38:1a:11:85:60:97:1f:af:4c:55:38:41:c7:ab: 09:60:3b:19:be:1b:33:c6:ef:de:38:df:6e:d2:2a: 4c:f1:54:5c:ea:78:3d:1f:e5:b6:25:a5:5e:c2:6b: bf:4a:ca:97:21:fc:32:d4:e7:df:82:8f:da:0b:b1: f1:6b:2e:4f:52:6d:c1:f5:ba:d8:c7:17:3e:fc:f3: 69:e6:ab:8e:80:00:3b:11:21:09:43:76:03:fd:69: 89:45:74:e2:80:05:29:0f:e1:5d:c6:f0:22:65:ef: 01:6f:24:91:bd:64:11:bb:bd:f1:cc:19:33:79:a1: ae:12:f3:25:9f:df:49:bc:35:08:d6:04:ac:18:42: de:00:a6:b0:92:3a:6c:04:df:1e:46:7a:92:5c:97: e8:e1:11:03:c8:2b:f6:bb:6d:ff:8d:2a:27:69:37: 07:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 96:4C:EC:E4:DB:02:A6:D9:78:CE:7F:22:B0:B3:36:E7:8E:7E:FE:21 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/8f3151db-1330-4e70-9cc4-9b8fcd5ed2d2/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/8f3151db-1330-4e70-9cc4-9b8fcd5ed2d2/0/964CECE4DB02A6D978CE7F22B0B336E78E7EFE21.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.162.16.0/23 Signature Algorithm: sha256WithRSAEncryption 26:71:ac:2e:26:3a:68:6c:df:02:e4:bb:5a:63:77:21:4f:21: d2:dc:e0:73:a2:f5:5a:3a:27:25:1b:d3:53:07:95:b0:a7:2a: e0:87:76:a3:d4:90:0f:f0:04:eb:25:4d:be:23:84:f2:ca:ec: ce:4b:51:7a:ce:83:0c:6d:81:72:85:94:83:64:1f:d3:4f:20: d6:00:eb:0e:b1:e9:36:87:46:2a:86:28:f4:02:9f:8d:d7:0c: 95:b7:a8:2c:b9:80:8f:73:29:f5:54:97:0d:34:ea:c6:0a:8d: b6:24:35:bd:ac:d7:ef:85:ca:c6:81:27:f3:57:96:bf:94:d4: 56:1d:6a:88:76:ea:77:75:fb:c6:c0:81:0f:85:bb:be:e4:32: 7e:a6:d4:b9:99:5e:c4:eb:80:8d:24:b7:5b:f2:56:aa:99:5d: 4b:d0:2e:b3:af:db:ae:5a:04:59:10:76:8d:ff:69:7d:79:c7: 0a:3c:11:45:41:a5:eb:84:46:7c:86:d9:c1:46:a4:2d:fa:33: 81:24:25:fb:4f:01:4e:97:17:9e:d1:49:22:1e:0e:60:72:f4: c8:fe:29:e8:56:e9:4b:da:2b:bb:f0:14:4e:f8:52:85:1e:6d: 9f:1f:0b:a9:ee:bd:30:5a:0e:77:a9:60:5e:bd:61:fb:1a:0b: d7:2f:61:ba -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUUUWK2JdVmAwzgTDVOJROzCOgk9QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMTYwNVoX DTI3MDUwMjAxMjEwNVowMzExMC8GA1UEAxMoOTY0Q0VDRTREQjAyQTZEOTc4Q0U3 RjIyQjBCMzM2RTc4RTdFRkUyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK7VTU6NxW0JDM4bmy0f2J2dyoGqqQirSDTbEZw8QUunXqS97acxUZAgvMPP lBKYbALtuVooz+TjudoyfPwNBjue44iyyHBSOmDxJTEH9sE5l2xJgz3Wb6v0/jga EYVglx+vTFU4QcerCWA7Gb4bM8bv3jjfbtIqTPFUXOp4PR/ltiWlXsJrv0rKlyH8 MtTn34KP2gux8WsuT1JtwfW62McXPvzzaearjoAAOxEhCUN2A/1piUV04oAFKQ/h XcbwImXvAW8kkb1kEbu98cwZM3mhrhLzJZ/fSbw1CNYErBhC3gCmsJI6bATfHkZ6 klyX6OERA8gr9rtt/40qJ2k3Bx0CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJZM7OTbAqbZeM5/IrCzNueOfv4hMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzhmMzE1MWRiLTEzMzAtNGU3MC05Y2M0LTliOGZjZDVlZDJkMi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby84ZjMxNTFk Yi0xMzMwLTRlNzAtOWNjNC05YjhmY2Q1ZWQyZDIvMC85NjRDRUNFNERCMDJBNkQ5 NzhDRTdGMjJCMEIzMzZFNzhFN0VGRTIxLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6IQMA0GCSqGSIb3DQEBCwUAA4IBAQAmcawuJjpobN8C5LtaY3chTyHS3OBz ovVaOiclG9NTB5Wwpyrgh3aj1JAP8ATrJU2+I4TyyuzOS1F6zoMMbYFyhZSDZB/T TyDWAOsOsek2h0Yqhij0Ap+N1wyVt6gsuYCPcyn1VJcNNOrGCo22JDW9rNfvhcrG gSfzV5a/lNRWHWqIdup3dfvGwIEPhbu+5DJ+ptS5mV7E64CNJLdb8laqmV1L0C6z r9uuWgRZEHaN/2l9eccKPBFFQaXrhEZ8htnBRqQt+jOBJCX7TwFOlxee0UkiHg5g cvTI/inoVulL2iu78BRO+FKFHm2fHwup7r0wWg53qWBevWH7GgvXL2G6 -----END CERTIFICATE-----Generated at Tue May 12 22:09:59 2026 by rpki-client