$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/ACF266E9010F46F691CC6A492EB1EAC623155D6B.cer File: ACF266E9010F46F691CC6A492EB1EAC623155D6B.cer (raw, json) Hash identifier: wA+pAKoYV2bIStY80JdDOB3338d8gUFx6Kvh2XLBtys= Subject key identifier: AC:F2:66:E9:01:0F:46:F6:91:CC:6A:49:2E:B1:EA:C6:23:15:5D:6B Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 76E3B36A7440C063AC06653B2C4B22F03BB1FC11 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/4bf2ad4f-a72a-46d1-bd7d-a560c31efcad/0/ACF266E9010F46F691CC6A492EB1EAC623155D6B.mft caRepository: rsync://rpki-rsync.idnic.net/repo/4bf2ad4f-a72a-46d1-bd7d-a560c31efcad/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:29:55 +0000 Certificate not after: Sun 02 May 2027 00:34:55 +0000 Subordinate resources: IP: 43.249.208.0/22 IP: 103.247.244.0/23 IP: 103.253.106.0/23 IP: 182.16.240.0/20 IP: 202.43.72.0/22 IP: 203.171.221.0/24 IP: 203.209.190.0/24 IP: 2405:700::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:e3:b3:6a:74:40:c0:63:ac:06:65:3b:2c:4b:22:f0:3b:b1:fc:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:29:55 2026 GMT Not After : May 2 00:34:55 2027 GMT Subject: CN=ACF266E9010F46F691CC6A492EB1EAC623155D6B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:14:dd:82:cb:56:e3:91:25:1c:79:30:0e:c4: a0:48:62:ee:88:5d:f1:c9:43:18:08:3d:57:df:d8: ab:0f:5e:e6:48:2d:80:81:49:88:01:ab:2c:a7:30: 56:1d:f4:ca:35:29:88:da:c5:f6:91:1f:8e:47:4f: 81:39:ba:3d:98:54:70:71:74:bd:e3:d3:67:ea:0b: fc:71:1c:39:94:46:e4:69:af:5d:87:d1:2a:16:8b: dc:bc:e6:05:e2:58:82:dc:cc:10:09:d5:d6:bd:d1: 38:a4:73:81:7e:5a:b4:bc:bd:8e:5f:15:ef:68:8f: 54:8a:87:cb:3b:07:a3:8b:39:00:99:b0:eb:0e:f4: f0:b7:e1:10:6b:2d:38:7e:28:c6:f6:a3:11:25:08: c7:f2:b6:c1:28:6c:fb:cb:95:02:83:e8:e1:58:df: 26:46:0d:cf:cd:cc:78:5c:3b:5a:1a:2e:d7:ad:d7: ea:6e:37:8f:62:45:33:6e:78:f0:82:36:36:71:9c: a1:d3:df:87:73:92:78:fa:77:16:cd:2d:e2:41:08: d8:00:eb:8d:ce:7a:1a:1a:4e:ab:8a:c1:dd:76:b8: 47:b5:65:be:8c:93:d7:f5:85:06:03:70:38:be:b2: fa:31:7f:14:ea:59:30:96:82:05:70:19:9a:9f:46: 3f:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AC:F2:66:E9:01:0F:46:F6:91:CC:6A:49:2E:B1:EA:C6:23:15:5D:6B X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/4bf2ad4f-a72a-46d1-bd7d-a560c31efcad/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/4bf2ad4f-a72a-46d1-bd7d-a560c31efcad/0/ACF266E9010F46F691CC6A492EB1EAC623155D6B.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.208.0/22 103.247.244.0/23 103.253.106.0/23 182.16.240.0/20 202.43.72.0/22 203.171.221.0/24 203.209.190.0/24 IPv6: 2405:700::/32 Signature Algorithm: sha256WithRSAEncryption 64:a0:a4:86:f3:89:f1:61:0b:aa:a8:26:c7:22:4c:d5:b5:4d: b0:aa:62:27:d8:12:ee:6a:39:10:e0:e8:1a:9b:d8:c0:bb:a4: 55:7a:28:5a:92:58:ad:11:3d:fc:8e:01:ca:a9:fb:e0:c9:d3: bc:a4:5b:3a:df:45:66:b0:6e:80:85:53:20:93:6b:03:a1:b9: d0:73:c9:ac:eb:81:e2:12:1e:b9:8c:5a:c3:3d:a4:2d:78:8a: f0:e9:c2:74:ca:0f:f2:6c:a2:a5:68:b3:a9:56:1b:e2:86:29: 87:31:89:82:81:23:45:da:f1:82:6c:85:37:cf:9a:bb:0b:01: 79:6d:b9:a6:f6:88:f2:1e:6b:55:d7:6d:ae:1e:ad:d7:10:15: b5:ed:73:c0:59:85:3f:3e:b6:db:70:6e:1a:9d:77:05:60:e1: bd:88:2e:f2:9e:89:0d:dc:76:e8:2f:3d:81:2b:99:56:6d:76: 36:b8:74:52:f7:cf:3e:d7:9f:f9:3e:8e:47:30:9e:03:b4:5a: ad:97:f8:18:6d:d5:58:cc:f9:33:f5:dd:d0:28:de:32:8a:5c: 36:5a:48:18:50:6f:d9:04:8e:4d:e4:8f:70:f4:e6:1f:08:20: a1:75:bf:d7:e2:69:87:22:04:56:50:74:6a:f8:fa:68:de:ac: 8c:12:a2:0b -----BEGIN CERTIFICATE----- MIIF+TCCBOGgAwIBAgIUduOzanRAwGOsBmU7LEsi8Dux/BEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMjk1NVoX DTI3MDUwMjAwMzQ1NVowMzExMC8GA1UEAxMoQUNGMjY2RTkwMTBGNDZGNjkxQ0M2 QTQ5MkVCMUVBQzYyMzE1NUQ2QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwU3YLLVuORJRx5MA7EoEhi7ohd8clDGAg9V9/Yqw9e5kgtgIFJiAGrLKcw Vh30yjUpiNrF9pEfjkdPgTm6PZhUcHF0vePTZ+oL/HEcOZRG5GmvXYfRKhaL3Lzm BeJYgtzMEAnV1r3ROKRzgX5atLy9jl8V72iPVIqHyzsHo4s5AJmw6w708LfhEGst OH4oxvajESUIx/K2wShs+8uVAoPo4VjfJkYNz83MeFw7Whou163X6m43j2JFM254 8II2NnGcodPfh3OSePp3Fs0t4kEI2ADrjc56GhpOq4rB3Xa4R7VlvoyT1/WFBgNw OL6y+jF/FOpZMJaCBXAZmp9GPxsCAwEAAaOCAuwwggLoMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKzyZukBD0b2kcxqSS6x6sYjFV1rMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzRiZjJhZDRmLWE3MmEtNDZkMS1iZDdkLWE1NjBjMzFlZmNhZC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby80YmYyYWQ0 Zi1hNzJhLTQ2ZDEtYmQ3ZC1hNTYwYzMxZWZjYWQvMC9BQ0YyNjZFOTAxMEY0NkY2 OTFDQzZBNDkyRUIxRUFDNjIzMTU1RDZCLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAq AwQCK/nQAwQBZ/f0AwQBZ/1qAwQEthDwAwQCyitIAwQAy6vdAwQAy9G+MA0EAgAC MAcDBQAkBQcAMA0GCSqGSIb3DQEBCwUAA4IBAQBkoKSG84nxYQuqqCbHIkzVtU2w qmIn2BLuajkQ4Ogam9jAu6RVeihaklitET38jgHKqfvgydO8pFs630VmsG6AhVMg k2sDobnQc8ms64HiEh65jFrDPaQteIrw6cJ0yg/ybKKlaLOpVhvihimHMYmCgSNF 2vGCbIU3z5q7CwF5bbmm9ojyHmtV122uHq3XEBW17XPAWYU/PrbbcG4anXcFYOG9 iC7ynokN3HboLz2BK5lWbXY2uHRS988+15/5Po5HMJ4DtFqtl/gYbdVYzPkz9d3Q KN4yilw2WkgYUG/ZBI5N5I9w9OYfCCChdb/X4mmHIgRWUHRq+Ppo3qyMEqIL -----END CERTIFICATE-----Generated at Tue May 12 22:46:08 2026 by rpki-client