$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/A8B4290DB1D500117291858DAF1B1EDF11D478CF.cer File: A8B4290DB1D500117291858DAF1B1EDF11D478CF.cer (raw, json) Hash identifier: 5W0IdtnyQQR2+zhq1nrJr1n4r1PdOfjQc/jbF5JJ+04= Subject key identifier: A8:B4:29:0D:B1:D5:00:11:72:91:85:8D:AF:1B:1E:DF:11:D4:78:CF Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7AA48DA4D38BE2776E69023EF3FE84D24BFE2947 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/0c1e49ab-50ca-4b3e-823c-8b3d31ba85f2/0/A8B4290DB1D500117291858DAF1B1EDF11D478CF.mft caRepository: rsync://rpki-rsync.idnic.net/repo/0c1e49ab-50ca-4b3e-823c-8b3d31ba85f2/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:47:23 +0000 Certificate not after: Sat 01 May 2027 23:52:23 +0000 Subordinate resources: IP: 103.163.102.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:a4:8d:a4:d3:8b:e2:77:6e:69:02:3e:f3:fe:84:d2:4b:fe:29:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:47:23 2026 GMT Not After : May 1 23:52:23 2027 GMT Subject: CN=A8B4290DB1D500117291858DAF1B1EDF11D478CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:36:56:ce:5a:88:be:d0:17:f0:5c:42:6a:27: 59:9a:5e:47:b5:f4:27:05:8d:e3:8d:66:1c:29:9a: 7d:7d:58:84:0d:7d:76:de:0b:ab:6d:22:df:d7:65: 85:b9:ba:d6:df:3f:32:fd:a9:6d:03:ab:bb:69:8a: d8:ab:7b:21:07:1b:32:40:97:b6:7d:80:db:01:c9: 99:53:1b:52:b6:d3:fc:f6:19:35:ac:59:a4:c6:82: b9:ff:bc:e4:8a:df:ee:9b:b6:5a:8c:9c:ef:da:af: 9d:37:e1:4b:3a:99:af:57:91:03:ab:eb:b9:42:f9: a4:85:5e:0b:f3:46:77:5c:d8:fc:4a:cd:19:73:8b: 5f:fe:8c:f5:c9:d7:d7:f5:37:cb:ff:fa:26:08:3f: c1:97:1c:3a:a7:3e:99:73:91:91:bd:63:85:32:46: f3:1d:bb:2a:2d:db:ec:cf:31:5f:0c:1c:e5:78:f5: 6a:b5:a0:d9:ce:90:dc:98:7f:40:4c:78:e1:40:7a: e8:a5:dd:b9:67:d2:36:20:bd:01:fa:01:1d:60:94: 9c:dc:20:2e:e9:d9:8c:15:7f:26:b6:16:83:a0:51: 90:e4:6a:de:2a:8e:86:15:54:66:57:f5:ab:52:8c: a1:c8:ee:7a:69:0d:2e:cf:c7:2f:d4:72:31:aa:ce: c8:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: A8:B4:29:0D:B1:D5:00:11:72:91:85:8D:AF:1B:1E:DF:11:D4:78:CF X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/0c1e49ab-50ca-4b3e-823c-8b3d31ba85f2/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/0c1e49ab-50ca-4b3e-823c-8b3d31ba85f2/0/A8B4290DB1D500117291858DAF1B1EDF11D478CF.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.163.102.0/23 Signature Algorithm: sha256WithRSAEncryption 1d:6b:61:e9:fe:65:a3:b2:38:07:16:64:ef:3b:55:c7:44:aa: e7:e1:0c:e0:f3:7d:dd:82:e9:f4:a8:3c:4e:fc:92:bc:d1:9d: f7:be:46:1e:bb:67:b2:11:46:39:fd:ed:66:bb:13:2b:b8:cd: 3d:1a:a4:ae:84:90:cb:2f:a1:f5:fe:70:11:1a:b1:9b:b1:c5: b0:13:69:ed:e1:e1:5a:bc:3b:74:82:a0:5c:64:80:b4:9f:4b: 2d:56:ff:79:cd:f7:3d:09:71:ad:e0:9f:ed:c2:35:a5:4e:17: e1:d2:c7:6a:27:66:54:ca:43:8b:cc:6d:e3:d2:69:b5:bb:50: e0:26:d3:cf:c4:d9:4e:ab:2a:28:19:e4:d3:ce:5c:bc:d0:67: 7f:6f:6b:9a:e3:46:9d:5e:57:03:cf:71:01:1d:49:97:e5:b2: 4e:e1:53:df:82:4b:c1:9c:6e:97:fe:b5:ca:5d:a6:5b:db:ff: 09:9a:c0:bd:ad:1b:f3:e3:8f:63:eb:df:21:bf:78:cd:8b:a9: 0d:a9:65:2d:40:c1:8e:d2:56:d5:8e:0d:9e:8d:63:c6:14:d3: b8:13:66:a8:86:f0:f1:18:67:d0:ce:b0:8f:26:e4:64:49:a6: 5d:58:2c:92:d1:fe:b4:bb:07:ef:8e:e9:15:2b:df:a6:85:da: be:5c:ac:23 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUeqSNpNOL4nduaQI+8/6E0kv+KUcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNDcyM1oX DTI3MDUwMTIzNTIyM1owMzExMC8GA1UEAxMoQThCNDI5MERCMUQ1MDAxMTcyOTE4 NThEQUYxQjFFREYxMUQ0NzhDRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKM2Vs5aiL7QF/BcQmonWZpeR7X0JwWN441mHCmafX1YhA19dt4Lq20i39dl hbm61t8/Mv2pbQOru2mK2Kt7IQcbMkCXtn2A2wHJmVMbUrbT/PYZNaxZpMaCuf+8 5Irf7pu2Woyc79qvnTfhSzqZr1eRA6vruUL5pIVeC/NGd1zY/ErNGXOLX/6M9cnX 1/U3y//6Jgg/wZccOqc+mXORkb1jhTJG8x27Ki3b7M8xXwwc5Xj1arWg2c6Q3Jh/ QEx44UB66KXduWfSNiC9AfoBHWCUnNwgLunZjBV/JrYWg6BRkORq3iqOhhVUZlf1 q1KMocjuemkNLs/HL9RyMarOyIsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKi0KQ2x1QARcpGFja8bHt8R1HjPMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzBjMWU0OWFiLTUwY2EtNGIzZS04MjNjLThiM2QzMWJhODVmMi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8wYzFlNDlh Yi01MGNhLTRiM2UtODIzYy04YjNkMzFiYTg1ZjIvMC9BOEI0MjkwREIxRDUwMDEx NzI5MTg1OERBRjFCMUVERjExRDQ3OENGLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6NmMA0GCSqGSIb3DQEBCwUAA4IBAQAda2Hp/mWjsjgHFmTvO1XHRKrn4Qzg 833dgun0qDxO/JK80Z33vkYeu2eyEUY5/e1muxMruM09GqSuhJDLL6H1/nARGrGb scWwE2nt4eFavDt0gqBcZIC0n0stVv95zfc9CXGt4J/twjWlThfh0sdqJ2ZUykOL zG3j0mm1u1DgJtPPxNlOqyooGeTTzly80Gd/b2ua40adXlcDz3EBHUmX5bJO4VPf gkvBnG6X/rXKXaZb2/8JmsC9rRvz449j698hv3jNi6kNqWUtQMGO0lbVjg2ejWPG FNO4E2aohvDxGGfQzrCPJuRkSaZdWCyS0f60uwfvjukVK9+mhdq+XKwj -----END CERTIFICATE-----Generated at Tue May 12 22:47:27 2026 by rpki-client