$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/A3E8D0D56AA90FC98DB7BB6ADCABD1F4D64C9D27.cer File: A3E8D0D56AA90FC98DB7BB6ADCABD1F4D64C9D27.cer (raw, json) Hash identifier: suUBrM2fWqQNQzByz9cRgN0Gq+JeQ4Pp+5EwTDkqGPQ= Subject key identifier: A3:E8:D0:D5:6A:A9:0F:C9:8D:B7:BB:6A:DC:AB:D1:F4:D6:4C:9D:27 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 21414CFA2A3F8FCC857894A0FA58F2DCEC128238 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/a7099e42-2e9f-4e8a-99e8-ad50453b066f/0/A3E8D0D56AA90FC98DB7BB6ADCABD1F4D64C9D27.mft caRepository: rsync://rpki-rsync.idnic.net/repo/a7099e42-2e9f-4e8a-99e8-ad50453b066f/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:32:01 +0000 Certificate not after: Sun 02 May 2027 01:37:01 +0000 Subordinate resources: IP: 203.111.252.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:41:4c:fa:2a:3f:8f:cc:85:78:94:a0:fa:58:f2:dc:ec:12:82:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:32:01 2026 GMT Not After : May 2 01:37:01 2027 GMT Subject: CN=A3E8D0D56AA90FC98DB7BB6ADCABD1F4D64C9D27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:67:45:d4:8d:d4:7b:2f:60:c8:70:b8:f9:b4: 98:d4:b1:6f:69:b1:b1:4c:fb:39:ef:11:c7:06:26: 95:32:2a:8a:cc:6f:2e:bd:a8:09:cb:9c:71:58:a8: 85:0e:1e:ae:bb:99:86:66:8f:63:42:88:ca:5a:40: 2b:77:7c:41:ee:f7:2c:25:1e:af:b5:ff:49:f9:44: 50:29:2e:82:66:cd:81:d8:66:17:af:b7:8b:87:ae: 57:69:2e:1b:ba:4b:b8:8a:bb:68:45:4a:b2:70:4a: c1:a0:fd:3f:0f:6b:78:69:20:7b:27:5a:a4:82:e4: 5b:36:35:da:ad:98:74:01:a6:5c:ed:95:a7:98:f0: df:ff:f0:32:ea:ce:cb:16:87:58:5a:f0:e9:d7:eb: 38:2d:05:07:ec:7a:b2:e8:7b:fc:41:37:db:a6:27: 3f:83:fa:95:8d:98:e6:67:ed:c7:6c:e3:1d:7d:b4: e8:43:ed:b4:53:6d:c0:b4:ba:02:d0:3e:a6:35:99: 58:a1:39:8d:c2:0d:40:78:36:eb:dd:3f:fb:71:fd: bb:20:b0:a0:be:fa:fd:2e:95:51:d9:84:11:b5:19: ea:90:3b:cf:cb:30:a3:2d:cf:98:4b:3e:5f:13:7b: fd:e7:7e:0d:50:c2:03:fe:86:54:de:66:01:0e:7e: ed:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: A3:E8:D0:D5:6A:A9:0F:C9:8D:B7:BB:6A:DC:AB:D1:F4:D6:4C:9D:27 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/a7099e42-2e9f-4e8a-99e8-ad50453b066f/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/a7099e42-2e9f-4e8a-99e8-ad50453b066f/0/A3E8D0D56AA90FC98DB7BB6ADCABD1F4D64C9D27.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.111.252.0/23 Signature Algorithm: sha256WithRSAEncryption 89:19:7f:c4:e4:1c:be:e1:d5:d1:53:6c:6e:26:63:fa:ee:0d: 79:18:75:5c:fc:72:e3:b9:b8:40:c6:b7:3a:4f:7c:06:f8:f7: 23:96:2f:7d:d3:22:20:ed:30:82:bc:89:41:c2:04:48:84:b9: 8b:5a:be:b6:41:1e:d1:2f:28:ec:5b:d1:cb:55:d6:f2:80:f6: 5d:34:6a:56:16:ff:2c:6d:c8:35:ab:7a:1c:3e:6d:17:e0:16: 22:97:a1:d1:86:31:8d:06:8d:dd:a1:46:f0:e0:61:df:7a:4f: 7f:4c:de:05:24:9d:1f:30:bc:dd:25:ca:56:0f:0d:da:b2:33: 11:36:21:37:1c:10:30:86:db:00:b7:6a:8e:81:eb:b0:84:62: ef:ee:71:59:4d:d6:9f:40:07:99:41:72:57:a5:a6:aa:66:39: 0e:0e:0d:6d:3a:e9:0d:32:19:df:7c:40:42:6f:07:44:bc:bc: 89:fb:4b:a4:65:24:d7:02:f7:36:9a:05:1e:e1:ba:2d:87:4e: 47:74:78:82:06:ae:86:83:42:aa:02:ba:0b:88:75:14:a7:05: cf:87:9b:73:27:30:12:06:17:f9:1a:2c:a8:e0:39:82:8e:c3: 42:7c:19:e8:e4:f2:28:19:3f:e7:a6:95:28:99:0f:66:89:f4: e2:62:3d:1e -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUIUFM+io/j8yFeJSg+ljy3OwSgjgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMzIwMVoX DTI3MDUwMjAxMzcwMVowMzExMC8GA1UEAxMoQTNFOEQwRDU2QUE5MEZDOThEQjdC QjZBRENBQkQxRjRENjRDOUQyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKJnRdSN1HsvYMhwuPm0mNSxb2mxsUz7Oe8RxwYmlTIqisxvLr2oCcuccVio hQ4erruZhmaPY0KIylpAK3d8Qe73LCUer7X/SflEUCkugmbNgdhmF6+3i4euV2ku G7pLuIq7aEVKsnBKwaD9Pw9reGkgeydapILkWzY12q2YdAGmXO2Vp5jw3//wMurO yxaHWFrw6dfrOC0FB+x6suh7/EE326YnP4P6lY2Y5mftx2zjHX206EPttFNtwLS6 AtA+pjWZWKE5jcINQHg2690/+3H9uyCwoL76/S6VUdmEEbUZ6pA7z8swoy3PmEs+ XxN7/ed+DVDCA/6GVN5mAQ5+7bsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKPo0NVqqQ/Jjbe7atyr0fTWTJ0nMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2E3MDk5ZTQyLTJlOWYtNGU4YS05OWU4LWFkNTA0NTNiMDY2Zi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9hNzA5OWU0 Mi0yZTlmLTRlOGEtOTllOC1hZDUwNDUzYjA2NmYvMC9BM0U4RDBENTZBQTkwRkM5 OERCN0JCNkFEQ0FCRDFGNEQ2NEM5RDI3Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBy2/8MA0GCSqGSIb3DQEBCwUAA4IBAQCJGX/E5By+4dXRU2xuJmP67g15GHVc /HLjubhAxrc6T3wG+Pcjli990yIg7TCCvIlBwgRIhLmLWr62QR7RLyjsW9HLVdby gPZdNGpWFv8sbcg1q3ocPm0X4BYil6HRhjGNBo3doUbw4GHfek9/TN4FJJ0fMLzd JcpWDw3asjMRNiE3HBAwhtsAt2qOgeuwhGLv7nFZTdafQAeZQXJXpaaqZjkODg1t OukNMhnffEBCbwdEvLyJ+0ukZSTXAvc2mgUe4both05HdHiCBq6Gg0KqAroLiHUU pwXPh5tzJzASBhf5Giyo4DmCjsNCfBno5PIoGT/nppUomQ9mifTiYj0e -----END CERTIFICATE-----Generated at Tue May 12 22:47:37 2026 by rpki-client