$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AA7E83DE7435AB78ADE6137B1EACFDC6F6BC958A.cer File: AA7E83DE7435AB78ADE6137B1EACFDC6F6BC958A.cer (raw, json) Hash identifier: 1hXAd99GWibHt9B5u+KvSutbIB/gN7voRn+NWuY4Awk= Subject key identifier: AA:7E:83:DE:74:35:AB:78:AD:E6:13:7B:1E:AC:FD:C6:F6:BC:95:8A Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 59016C5BC0BA961C0C6E8432BD4C487396697DA7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/5a519aeb-5c56-4cb3-94a0-0f400ea6a375/0/AA7E83DE7435AB78ADE6137B1EACFDC6F6BC958A.mft caRepository: rsync://rpki-rsync.idnic.net/repo/5a519aeb-5c56-4cb3-94a0-0f400ea6a375/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:39:35 +0000 Certificate not after: Sun 02 May 2027 00:44:35 +0000 Subordinate resources: IP: 103.140.130.0/23 IP: 2404:fec0::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:01:6c:5b:c0:ba:96:1c:0c:6e:84:32:bd:4c:48:73:96:69:7d:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:39:35 2026 GMT Not After : May 2 00:44:35 2027 GMT Subject: CN=AA7E83DE7435AB78ADE6137B1EACFDC6F6BC958A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:1e:e0:65:e1:eb:50:8e:38:ee:53:84:ed:3e: f6:16:35:6e:4b:a2:16:a6:d9:5b:d1:94:76:ed:18: 0c:75:95:2e:71:1a:6c:ab:64:06:86:22:0c:f2:ee: 9b:b4:7c:5d:8d:3b:55:b1:85:62:a9:2a:af:4b:db: 06:7d:49:e0:9d:5f:29:dd:fa:06:9e:43:4b:53:6b: dc:ac:b2:49:86:50:59:50:90:2d:51:62:a3:7f:a2: 71:67:59:a1:6d:16:6b:29:66:c9:b6:d8:a1:0e:76: b1:4d:55:27:60:9f:3a:41:a7:7f:75:61:b9:83:5b: e2:f5:c4:a9:87:92:23:a2:ab:8c:e3:33:6b:6f:d6: fe:74:87:90:fc:66:e4:b8:69:7a:12:93:b6:0b:a6: 26:a5:6b:00:ff:bd:17:6b:f5:e2:2f:64:41:63:28: 97:7a:2a:cb:a4:a7:08:03:93:96:8a:9c:5f:63:63: d2:4e:cd:fb:08:24:6a:9f:58:90:a6:ff:be:1b:c7: 13:33:66:d8:e8:10:32:8f:83:0d:e3:08:b4:34:4f: 65:a3:0c:20:7f:d7:b5:69:01:00:57:4d:f9:b6:b1: 6d:76:a0:78:b8:f9:8d:41:c7:07:ae:09:bf:7f:10: 54:e8:e9:0b:a3:cc:db:54:70:84:d7:9f:55:5b:c1: c1:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AA:7E:83:DE:74:35:AB:78:AD:E6:13:7B:1E:AC:FD:C6:F6:BC:95:8A X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/5a519aeb-5c56-4cb3-94a0-0f400ea6a375/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/5a519aeb-5c56-4cb3-94a0-0f400ea6a375/0/AA7E83DE7435AB78ADE6137B1EACFDC6F6BC958A.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.140.130.0/23 IPv6: 2404:fec0::/32 Signature Algorithm: sha256WithRSAEncryption 31:70:fb:1e:60:94:5c:d5:70:7f:f9:3f:07:93:9c:68:32:34: 41:d3:82:ee:0b:42:b1:d5:e5:2e:aa:48:1d:cd:a5:68:05:a0: c4:f2:eb:d0:08:da:d0:71:1a:2f:0f:95:97:d4:e8:90:be:78: fe:80:67:e8:4b:8a:ae:8b:a7:c1:f8:50:78:88:a9:da:d3:2b: 23:ec:bc:a7:17:99:ba:b9:32:2f:95:79:d4:28:37:05:35:f4: 29:07:69:7a:f8:7f:2a:4c:65:96:d7:c4:3f:87:7f:a9:d8:c3: 4b:56:75:9c:00:c1:6c:24:64:30:5b:9f:78:01:e1:1b:ee:39: ee:3f:9c:3c:ad:a3:38:c5:ae:7f:cd:be:93:5b:25:2f:d8:a2: 73:f4:04:0e:62:a2:bb:0c:9c:56:3d:ef:49:8c:5a:09:c9:d5: 23:be:a7:af:2d:25:3f:80:0a:9e:66:d3:f7:58:1f:58:9a:d5: 92:e5:aa:43:fa:92:e0:0f:61:da:03:99:e2:90:f6:b8:e9:3a: ae:62:c1:16:80:e5:9c:16:1c:ed:73:3a:5f:b6:dd:2d:4f:0d: a1:68:73:46:fb:27:99:06:a9:1a:40:8b:57:a3:8a:64:35:4d: 53:30:0b:d5:e0:b3:89:3f:9c:b5:e3:45:de:1a:9d:43:d4:a5: 88:53:40:d2 -----BEGIN CERTIFICATE----- MIIF1TCCBL2gAwIBAgIUWQFsW8C6lhwMboQyvUxIc5ZpfacwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMzkzNVoX DTI3MDUwMjAwNDQzNVowMzExMC8GA1UEAxMoQUE3RTgzREU3NDM1QUI3OEFERTYx MzdCMUVBQ0ZEQzZGNkJDOTU4QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMMe4GXh61COOO5ThO0+9hY1bkuiFqbZW9GUdu0YDHWVLnEabKtkBoYiDPLu m7R8XY07VbGFYqkqr0vbBn1J4J1fKd36Bp5DS1Nr3KyySYZQWVCQLVFio3+icWdZ oW0WaylmybbYoQ52sU1VJ2CfOkGnf3VhuYNb4vXEqYeSI6KrjOMza2/W/nSHkPxm 5LhpehKTtgumJqVrAP+9F2v14i9kQWMol3oqy6SnCAOTloqcX2Nj0k7N+wgkap9Y kKb/vhvHEzNm2OgQMo+DDeMItDRPZaMMIH/XtWkBAFdN+baxbXageLj5jUHHB64J v38QVOjpC6PM21RwhNefVVvBwecCAwEAAaOCAsgwggLEMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKp+g950Nat4reYTex6s/cb2vJWKMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzVhNTE5YWViLTVjNTYtNGNiMy05NGEwLTBmNDAwZWE2YTM3NS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby81YTUxOWFl Yi01YzU2LTRjYjMtOTRhMC0wZjQwMGVhNmEzNzUvMC9BQTdFODNERTc0MzVBQjc4 QURFNjEzN0IxRUFDRkRDNkY2QkM5NThBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAG AwQBZ4yCMA0EAgACMAcDBQAkBP7AMA0GCSqGSIb3DQEBCwUAA4IBAQAxcPseYJRc 1XB/+T8Hk5xoMjRB04LuC0Kx1eUuqkgdzaVoBaDE8uvQCNrQcRovD5WX1OiQvnj+ gGfoS4qui6fB+FB4iKna0ysj7LynF5m6uTIvlXnUKDcFNfQpB2l6+H8qTGWW18Q/ h3+p2MNLVnWcAMFsJGQwW594AeEb7jnuP5w8raM4xa5/zb6TWyUv2KJz9AQOYqK7 DJxWPe9JjFoJydUjvqevLSU/gAqeZtP3WB9YmtWS5apD+pLgD2HaA5nikPa46Tqu YsEWgOWcFhztczpftt0tTw2haHNG+yeZBqkaQItXo4pkNU1TMAvV4LOJP5y140Xe Gp1D1KWIU0DS -----END CERTIFICATE-----Generated at Tue May 12 22:09:55 2026 by rpki-client