$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.cer File: A8D211A540A0A57C5D6ACB5032091B1A80BA458A.cer (raw, json) Hash identifier: gYtKFI2+F7eDvou1k9OcC/dd95PlU2XDBTW+DOwsh5g= Subject key identifier: A8:D2:11:A5:40:A0:A5:7C:5D:6A:CB:50:32:09:1B:1A:80:BA:45:8A Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5AA8E8DA9863EDBD485F2302334FA3C3717FB141 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.mft caRepository: rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:10:39 +0000 Certificate not after: Sun 02 May 2027 01:15:39 +0000 Subordinate resources: IP: 103.70.16.0/22 IP: 2001:df3:6a00::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:a8:e8:da:98:63:ed:bd:48:5f:23:02:33:4f:a3:c3:71:7f:b1:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:10:39 2026 GMT Not After : May 2 01:15:39 2027 GMT Subject: CN=A8D211A540A0A57C5D6ACB5032091B1A80BA458A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:5d:d6:c2:9c:b2:f6:5b:83:91:ed:24:28:6d: 0b:4f:0d:ad:a7:89:07:f8:a6:51:d1:75:c1:48:fb: eb:d3:a7:84:90:54:7b:6d:84:fb:48:fd:d5:df:de: d7:9f:3f:bc:e5:4d:bd:bc:e9:ed:5f:57:73:e4:a1: e8:15:43:95:49:d8:e2:c8:3d:cb:8b:17:23:01:6d: 71:ca:be:b5:69:9c:dc:45:9c:29:a4:8e:84:79:b5: 0e:8f:94:ff:8a:f9:4f:17:36:71:9d:e7:04:b3:57: aa:b6:fd:65:f1:06:7c:69:80:0a:42:bb:01:8e:16: c8:44:69:cd:40:a6:be:fa:ef:54:5c:29:b2:fa:4d: 14:f7:60:0d:26:67:d5:67:4a:8d:34:80:e1:b9:ab: 6b:6a:a0:97:75:d2:a3:c5:f0:b7:3b:13:65:27:db: 0f:c9:af:91:af:e5:ef:cb:5e:7a:be:af:c0:d0:01: 6e:f5:77:28:99:85:d3:7c:8b:95:70:7f:1b:15:ec: d2:47:38:8a:30:cb:15:22:e0:95:80:26:46:81:ab: 56:98:b2:28:a8:48:64:7e:78:6b:2e:cd:6c:d5:4e: 33:3c:46:19:2a:b7:99:14:65:c6:61:66:7d:93:b2: f7:a0:53:bf:e9:05:4c:e6:f3:cc:a4:3f:84:a5:eb: 69:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: A8:D2:11:A5:40:A0:A5:7C:5D:6A:CB:50:32:09:1B:1A:80:BA:45:8A X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/86f4d4f1-b36c-4a46-8844-4e6c7a3c97d9/0/A8D211A540A0A57C5D6ACB5032091B1A80BA458A.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.70.16.0/22 IPv6: 2001:df3:6a00::/48 Signature Algorithm: sha256WithRSAEncryption 53:95:0f:ce:c5:a5:d3:00:1d:15:05:80:81:89:af:af:77:d5: 54:16:e9:c1:b8:a8:93:51:41:56:4f:d2:ec:13:69:b4:30:26: 19:9d:2a:f2:04:ee:65:9f:51:9f:63:2b:69:e5:92:f5:50:ac: 92:ed:87:94:f0:57:90:ad:06:d5:b2:bd:1a:2f:39:d8:84:54: 8e:74:72:7c:2d:38:b2:7b:78:4e:63:5f:b7:ea:c5:e4:8f:ac: 09:b5:17:c8:54:20:1a:f7:73:78:af:b1:6c:b1:b9:37:3a:76: 9e:67:2e:79:8d:75:4b:91:3b:fc:16:48:69:83:10:51:f9:1a: 51:cf:1f:88:da:78:b1:30:c2:04:f1:34:b3:d7:07:ec:a7:c6: d7:51:8b:5c:0f:59:ce:43:ea:66:d3:cd:df:5c:39:10:8f:7f: c3:6d:ed:4c:00:d4:b8:e8:52:95:30:a4:e4:2f:35:31:8c:6f: 79:df:ac:39:fc:74:ef:09:2a:42:1e:75:73:27:ee:59:51:25: bd:d5:63:69:98:07:3f:77:9c:4a:52:31:5d:1f:6e:5b:c5:6b: 74:82:2f:34:53:2c:45:ca:2d:97:4c:3f:aa:dd:91:1b:a7:4a: a0:c8:a6:1b:76:97:ea:f7:61:14:67:56:a8:d8:4d:ab:38:e5: 2f:f1:93:38 -----BEGIN CERTIFICATE----- MIIF1zCCBL+gAwIBAgIUWqjo2phj7b1IXyMCM0+jw3F/sUEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMTAzOVoX DTI3MDUwMjAxMTUzOVowMzExMC8GA1UEAxMoQThEMjExQTU0MEEwQTU3QzVENkFD QjUwMzIwOTFCMUE4MEJBNDU4QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL5d1sKcsvZbg5HtJChtC08NraeJB/imUdF1wUj769OnhJBUe22E+0j91d/e 158/vOVNvbzp7V9Xc+Sh6BVDlUnY4sg9y4sXIwFtccq+tWmc3EWcKaSOhHm1Do+U /4r5Txc2cZ3nBLNXqrb9ZfEGfGmACkK7AY4WyERpzUCmvvrvVFwpsvpNFPdgDSZn 1WdKjTSA4bmra2qgl3XSo8XwtzsTZSfbD8mvka/l78teer6vwNABbvV3KJmF03yL lXB/GxXs0kc4ijDLFSLglYAmRoGrVpiyKKhIZH54ay7NbNVOMzxGGSq3mRRlxmFm fZOy96BTv+kFTObzzKQ/hKXraUUCAwEAAaOCAsowggLGMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKjSEaVAoKV8XWrLUDIJGxqAukWKMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv Lzg2ZjRkNGYxLWIzNmMtNGE0Ni04ODQ0LTRlNmM3YTNjOTdkOS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby84NmY0ZDRm MS1iMzZjLTRhNDYtODg0NC00ZTZjN2EzYzk3ZDkvMC9BOEQyMTFBNTQwQTBBNTdD NUQ2QUNCNTAzMjA5MUIxQTgwQkE0NThBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAG AwQCZ0YQMA8EAgACMAkDBwAgAQ3zagAwDQYJKoZIhvcNAQELBQADggEBAFOVD87F pdMAHRUFgIGJr6931VQW6cG4qJNRQVZP0uwTabQwJhmdKvIE7mWfUZ9jK2nlkvVQ rJLth5TwV5CtBtWyvRovOdiEVI50cnwtOLJ7eE5jX7fqxeSPrAm1F8hUIBr3c3iv sWyxuTc6dp5nLnmNdUuRO/wWSGmDEFH5GlHPH4jaeLEwwgTxNLPXB+ynxtdRi1wP Wc5D6mbTzd9cORCPf8Nt7UwA1LjoUpUwpOQvNTGMb3nfrDn8dO8JKkIedXMn7llR Jb3VY2mYBz93nEpSMV0fblvFa3SCLzRTLEXKLZdMP6rdkRunSqDIpht2l+r3YRRn VqjYTas45S/xkzg= -----END CERTIFICATE-----Generated at Tue May 12 22:49:50 2026 by rpki-client