$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AA8D66437A40D4CB7037D059FE692144FA3EE83F.cer File: AA8D66437A40D4CB7037D059FE692144FA3EE83F.cer (raw, json) Hash identifier: n/1SveE3Uc8y6DtKr6OoX0Q6J3x6h+GnQhFfSu+yCzY= Subject key identifier: AA:8D:66:43:7A:40:D4:CB:70:37:D0:59:FE:69:21:44:FA:3E:E8:3F Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3ED026EACDA7F4750316AF0ABCA1E6F20D187408 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/b27b11c2-ab90-420f-b49c-3cc332eb7d64/0/AA8D66437A40D4CB7037D059FE692144FA3EE83F.mft caRepository: rsync://rpki-rsync.idnic.net/repo/b27b11c2-ab90-420f-b49c-3cc332eb7d64/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:39:23 +0000 Certificate not after: Sun 02 May 2027 01:44:23 +0000 Subordinate resources: IP: 103.155.28.0/24 IP: 2001:df4:ad80::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:d0:26:ea:cd:a7:f4:75:03:16:af:0a:bc:a1:e6:f2:0d:18:74:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:39:23 2026 GMT Not After : May 2 01:44:23 2027 GMT Subject: CN=AA8D66437A40D4CB7037D059FE692144FA3EE83F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:0e:04:16:be:ed:a1:90:f4:18:fd:d2:66:00: e7:44:50:65:a8:b1:ef:04:6c:32:8a:a1:2b:0c:98: 6d:22:f1:c2:28:82:a3:25:06:93:28:96:4c:46:01: bb:4d:c9:d0:c0:37:c0:ed:0c:09:73:46:77:a9:db: 62:65:60:53:c1:5a:de:5e:06:c5:a6:07:b4:c1:67: 31:e8:30:88:46:81:d3:ea:7e:a6:84:d7:2a:95:fa: 93:c5:3a:1d:ea:4b:2b:35:a6:5f:70:f9:0d:7b:57: 92:4e:e7:bc:d0:cf:ed:a5:5b:9e:60:df:e7:08:df: 90:a3:15:f0:f2:64:b7:28:1a:48:4b:e1:5c:2d:f9: 7a:66:d9:4a:b3:68:2d:1d:c5:c3:09:5a:13:0e:6f: 29:fb:b5:20:3a:16:d9:60:85:fd:dc:6b:1f:c8:33: b1:d6:71:59:64:76:30:b3:f7:be:d7:ef:5f:83:ff: e8:76:05:2f:27:80:45:b5:14:83:b1:2c:42:3c:bf: 64:da:46:be:d2:aa:52:70:5e:08:8c:b6:4c:ec:14: 4c:7f:00:16:ec:30:02:d3:9d:19:4a:a1:bd:fc:d7: b9:a1:32:41:8b:ef:ea:28:f2:e4:8b:b6:27:3a:88: b3:98:6b:35:66:e0:ab:64:0a:65:23:f4:c5:64:fb: 4b:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AA:8D:66:43:7A:40:D4:CB:70:37:D0:59:FE:69:21:44:FA:3E:E8:3F X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/b27b11c2-ab90-420f-b49c-3cc332eb7d64/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/b27b11c2-ab90-420f-b49c-3cc332eb7d64/0/AA8D66437A40D4CB7037D059FE692144FA3EE83F.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.155.28.0/24 IPv6: 2001:df4:ad80::/48 Signature Algorithm: sha256WithRSAEncryption 11:84:f5:35:59:90:ab:8c:6a:0d:99:05:c0:41:45:06:33:f3: f5:23:7f:7e:34:21:84:cc:7d:b2:10:30:eb:74:8f:08:73:31: 93:16:6b:de:fc:61:84:b4:af:40:b2:26:42:47:bd:f5:83:d4: 29:b0:5c:41:7b:c4:3d:5c:13:39:ab:87:4e:b8:90:69:dd:dc: 76:07:37:de:77:fe:b5:b5:ab:51:6c:94:0b:56:38:af:b6:24: 59:88:79:09:e2:01:79:bb:a1:71:39:c8:e8:d0:45:69:20:fb: 62:4a:78:e9:9f:0e:e8:b5:c2:eb:22:16:6f:e1:96:dc:40:48: 17:cb:b0:53:6c:35:52:ab:1f:1c:38:46:7a:f9:1d:76:77:b1: 20:a9:9e:09:24:73:84:3d:4e:7a:14:88:72:fa:9e:82:ef:15: 37:b2:c6:da:80:17:6d:4f:b2:f8:01:cb:2c:34:26:dc:8d:ae: 80:c0:0a:64:ac:c7:58:06:59:85:49:ee:c5:ea:a4:31:a8:43: 00:76:c7:d6:36:35:58:37:fa:2c:4a:de:8a:a3:74:ae:9a:3b: 09:34:b0:3e:7d:bd:55:ab:70:e4:c1:eb:87:c7:26:59:7c:c8: 25:b7:5a:50:5c:70:16:3e:34:81:57:91:17:66:28:94:01:79: b8:e5:2c:c3 -----BEGIN CERTIFICATE----- MIIF1zCCBL+gAwIBAgIUPtAm6s2n9HUDFq8KvKHm8g0YdAgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMzkyM1oX DTI3MDUwMjAxNDQyM1owMzExMC8GA1UEAxMoQUE4RDY2NDM3QTQwRDRDQjcwMzdE MDU5RkU2OTIxNDRGQTNFRTgzRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALUOBBa+7aGQ9Bj90mYA50RQZaix7wRsMoqhKwyYbSLxwiiCoyUGkyiWTEYB u03J0MA3wO0MCXNGd6nbYmVgU8Fa3l4GxaYHtMFnMegwiEaB0+p+poTXKpX6k8U6 HepLKzWmX3D5DXtXkk7nvNDP7aVbnmDf5wjfkKMV8PJktygaSEvhXC35embZSrNo LR3FwwlaEw5vKfu1IDoW2WCF/dxrH8gzsdZxWWR2MLP3vtfvX4P/6HYFLyeARbUU g7EsQjy/ZNpGvtKqUnBeCIy2TOwUTH8AFuwwAtOdGUqhvfzXuaEyQYvv6ijy5Iu2 JzqIs5hrNWbgq2QKZSP0xWT7S9MCAwEAAaOCAsowggLGMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKqNZkN6QNTLcDfQWf5pIUT6Pug/MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2IyN2IxMWMyLWFiOTAtNDIwZi1iNDljLTNjYzMzMmViN2Q2NC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9iMjdiMTFj Mi1hYjkwLTQyMGYtYjQ5Yy0zY2MzMzJlYjdkNjQvMC9BQThENjY0MzdBNDBENENC NzAzN0QwNTlGRTY5MjE0NEZBM0VFODNGLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAG AwQAZ5scMA8EAgACMAkDBwAgAQ30rYAwDQYJKoZIhvcNAQELBQADggEBABGE9TVZ kKuMag2ZBcBBRQYz8/Ujf340IYTMfbIQMOt0jwhzMZMWa978YYS0r0CyJkJHvfWD 1CmwXEF7xD1cEzmrh064kGnd3HYHN953/rW1q1FslAtWOK+2JFmIeQniAXm7oXE5 yOjQRWkg+2JKeOmfDui1wusiFm/hltxASBfLsFNsNVKrHxw4Rnr5HXZ3sSCpngkk c4Q9TnoUiHL6noLvFTeyxtqAF21PsvgByyw0JtyNroDACmSsx1gGWYVJ7sXqpDGo QwB2x9Y2NVg3+ixK3oqjdK6aOwk0sD59vVWrcOTB64fHJll8yCW3WlBccBY+NIFX kRdmKJQBebjlLMM= -----END CERTIFICATE-----Generated at Tue May 12 22:02:51 2026 by rpki-client