$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.cer File: A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.cer (raw, json) Hash identifier: 1IIaQOcid8JfmYASU8YsSWFfw3xeEoPvI0UA4/8YOBk= Subject key identifier: A8:9E:28:00:8F:43:B7:04:C2:FD:C3:EA:D3:FA:F0:83:0E:6C:1A:EF Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 295FCA614468A47FFD66A957DED10EF667C22459 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/a640abe6-8dee-4bd1-814c-2af31a3d9cdf/0/A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.mft caRepository: rsync://rpki-rsync.idnic.net/repo/a640abe6-8dee-4bd1-814c-2af31a3d9cdf/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:30:53 +0000 Certificate not after: Sun 02 May 2027 01:35:53 +0000 Subordinate resources: IP: 103.196.118.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:5f:ca:61:44:68:a4:7f:fd:66:a9:57:de:d1:0e:f6:67:c2:24:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:30:53 2026 GMT Not After : May 2 01:35:53 2027 GMT Subject: CN=A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:32:69:cf:7c:00:fc:21:c4:b9:2f:e5:c5:e2: 49:5e:8a:8c:c4:e1:d8:1c:7d:ff:c1:bf:e9:62:b2: 22:a4:ea:59:29:66:ab:20:f0:6e:29:12:18:80:d8: 06:d9:36:0d:69:df:e2:fa:11:e8:60:75:2e:97:cd: 76:fa:f5:ae:67:e3:08:00:66:d0:e9:f7:e7:70:21: 88:cc:8d:94:1a:fa:e0:28:3d:1d:b8:a7:56:8d:c2: 31:af:ef:e5:8a:d8:4d:32:6e:90:cb:d6:ec:18:1a: 66:f2:54:54:ae:27:47:30:6e:68:09:3b:83:59:f5: 61:82:29:24:20:26:b0:d7:15:d8:5c:c4:39:27:5e: 50:9d:0f:20:9c:28:0b:0c:73:3c:d2:08:ad:3c:c4: d5:65:78:66:ac:43:27:bf:6e:51:c2:30:ef:e1:07: 5a:b2:e6:fa:c2:28:d4:36:c7:c0:06:ed:aa:dd:16: 53:81:fc:dd:fa:04:65:e3:46:31:75:5b:ac:2a:28: 2d:e3:35:b9:c4:5b:4b:70:87:e1:bf:7b:ab:0d:f4: 32:14:83:64:2f:f9:b6:15:59:17:bc:a5:29:68:ba: 98:a2:69:3d:0b:5b:58:6c:09:a2:b7:4e:0d:7f:2c: e4:8a:02:3e:03:39:f1:39:cf:ad:54:cc:f4:d6:e8: 6a:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: A8:9E:28:00:8F:43:B7:04:C2:FD:C3:EA:D3:FA:F0:83:0E:6C:1A:EF X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/a640abe6-8dee-4bd1-814c-2af31a3d9cdf/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/a640abe6-8dee-4bd1-814c-2af31a3d9cdf/0/A89E28008F43B704C2FDC3EAD3FAF0830E6C1AEF.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.196.118.0/23 Signature Algorithm: sha256WithRSAEncryption 4f:00:96:7e:e9:c6:fb:ae:2c:cd:8f:70:a0:d7:b4:66:b6:08: f4:4a:d0:89:2f:b6:af:33:ac:3b:db:fd:48:ff:47:61:19:4b: de:ff:ef:ca:64:2d:b9:d7:c7:a4:99:74:d7:cb:e7:fe:7a:0f: 0f:16:6b:2c:c1:7b:0f:5e:aa:4e:7f:8b:9f:e3:d4:a8:c0:ff: 6c:18:75:01:9e:ef:9e:3e:12:88:34:bb:0c:26:fb:2c:3e:ef: 3b:96:f6:d9:a4:b5:7e:0d:f5:0a:e1:30:e3:68:76:23:77:cc: c5:31:1c:fe:0f:3c:85:01:24:36:e1:71:27:da:66:69:de:52: fb:ee:9a:32:6e:d8:2b:17:96:e5:ce:57:62:fa:bb:33:9f:e9: 6b:9b:5c:75:d3:04:cc:18:5e:7c:6e:63:b2:30:57:f7:ff:c6: bd:05:2d:86:bd:88:80:de:3e:5b:38:c4:55:ef:d2:f4:03:bb: 75:f5:0f:b0:89:a3:84:2f:70:2c:9d:6f:a2:7c:40:00:f9:74: af:e9:5c:f5:53:6b:1b:bf:10:68:ba:61:09:97:39:a7:22:73: 10:09:07:56:9f:a3:83:1c:1e:ab:8f:a5:83:7a:69:49:b6:24: d3:0f:c1:57:86:34:e8:78:1e:b0:54:e3:15:a1:0a:b7:d5:7e: 38:4a:47:7e -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUKV/KYURopH/9ZqlX3tEO9mfCJFkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMzA1M1oX DTI3MDUwMjAxMzU1M1owMzExMC8GA1UEAxMoQTg5RTI4MDA4RjQzQjcwNEMyRkRD M0VBRDNGQUYwODMwRTZDMUFFRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMYyac98APwhxLkv5cXiSV6KjMTh2Bx9/8G/6WKyIqTqWSlmqyDwbikSGIDY Btk2DWnf4voR6GB1LpfNdvr1rmfjCABm0On353AhiMyNlBr64Cg9HbinVo3CMa/v 5YrYTTJukMvW7BgaZvJUVK4nRzBuaAk7g1n1YYIpJCAmsNcV2FzEOSdeUJ0PIJwo CwxzPNIIrTzE1WV4ZqxDJ79uUcIw7+EHWrLm+sIo1DbHwAbtqt0WU4H83foEZeNG MXVbrCooLeM1ucRbS3CH4b97qw30MhSDZC/5thVZF7ylKWi6mKJpPQtbWGwJordO DX8s5IoCPgM58TnPrVTM9NboaqkCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKieKACPQ7cEwv3D6tP68IMObBrvMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2E2NDBhYmU2LThkZWUtNGJkMS04MTRjLTJhZjMxYTNkOWNkZi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9hNjQwYWJl Ni04ZGVlLTRiZDEtODE0Yy0yYWYzMWEzZDljZGYvMC9BODlFMjgwMDhGNDNCNzA0 QzJGREMzRUFEM0ZBRjA4MzBFNkMxQUVGLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ8R2MA0GCSqGSIb3DQEBCwUAA4IBAQBPAJZ+6cb7rizNj3Cg17Rmtgj0StCJ L7avM6w72/1I/0dhGUve/+/KZC2518ekmXTXy+f+eg8PFmsswXsPXqpOf4uf49So wP9sGHUBnu+ePhKINLsMJvssPu87lvbZpLV+DfUK4TDjaHYjd8zFMRz+DzyFASQ2 4XEn2mZp3lL77poybtgrF5blzldi+rszn+lrm1x10wTMGF58bmOyMFf3/8a9BS2G vYiA3j5bOMRV79L0A7t19Q+wiaOEL3AsnW+ifEAA+XSv6Vz1U2sbvxBoumEJlzmn InMQCQdWn6ODHB6rj6WDemlJtiTTD8FXhjToeB6wVOMVoQq31X44Skd+ -----END CERTIFICATE-----Generated at Tue May 12 22:52:54 2026 by rpki-client