$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.cer File: AFA3294E5580B68203BC0DF04FD00722AA74F5D0.cer (raw, json) Hash identifier: iCva7Kt3R5oTspmmMErXS2A6Sdiqx/KryfsmgGKozPQ= Subject key identifier: AF:A3:29:4E:55:80:B6:82:03:BC:0D:F0:4F:D0:07:22:AA:74:F5:D0 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2722C0423E2BC0B836B081EB3C8773E4A2033C1F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.mft caRepository: rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:24:34 +0000 Certificate not after: Sun 02 May 2027 00:29:34 +0000 Subordinate resources: IP: 103.189.118.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:22:c0:42:3e:2b:c0:b8:36:b0:81:eb:3c:87:73:e4:a2:03:3c:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:24:34 2026 GMT Not After : May 2 00:29:34 2027 GMT Subject: CN=AFA3294E5580B68203BC0DF04FD00722AA74F5D0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:7a:10:39:b1:ba:cc:f2:e6:30:a7:cb:f9:88: 87:d8:83:57:6f:77:70:3f:f9:2e:88:87:9e:77:d5: 86:17:0d:a6:11:f3:8a:26:9b:10:c3:8e:88:d9:7e: ee:ba:77:c9:8b:ee:90:75:e6:f9:f7:1b:6e:df:f9: 31:ac:eb:91:19:57:99:2f:c1:96:cb:67:56:f5:f1: 60:c6:47:ee:15:ea:24:87:95:69:b0:a1:50:2e:98: 22:76:90:6d:c3:0f:b1:6d:54:89:d3:21:30:71:b9: ff:a5:15:ab:15:93:bd:d2:4d:18:bf:33:58:37:db: 32:bf:81:0c:1a:38:9f:6c:c9:2a:3e:fd:71:9b:f6: 71:73:71:94:53:13:9e:e8:b8:7d:62:22:1c:2a:eb: 20:43:90:1d:47:d2:f1:06:b7:f5:10:c8:77:44:3c: e4:15:f5:c7:1b:69:b0:40:45:6c:5e:28:72:74:27: ce:46:92:e3:bb:e1:9f:67:6c:86:70:40:97:9e:b5: 31:5c:c4:86:d8:e4:5b:4a:7e:4f:5f:20:02:66:27: 55:f7:32:5a:bb:03:96:01:ef:cc:e6:68:bf:c5:98: 25:9c:10:b8:6d:51:a3:67:59:85:98:6a:66:aa:36: 5d:10:6e:ee:96:1b:46:22:5d:9f:ab:8f:b7:cc:6f: 94:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:A3:29:4E:55:80:B6:82:03:BC:0D:F0:4F:D0:07:22:AA:74:F5:D0 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/43ad5226-656d-461d-9cff-c83ac0742f20/0/AFA3294E5580B68203BC0DF04FD00722AA74F5D0.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.189.118.0/23 Signature Algorithm: sha256WithRSAEncryption 6f:0e:b1:86:32:d0:a6:93:29:de:20:b7:96:85:82:b0:d8:87: 25:a0:11:d5:f8:fa:f0:7a:45:4b:98:3c:84:10:5c:fc:ec:db: d4:ce:63:bf:ac:d8:76:dd:01:29:16:a2:c3:9d:5f:b0:24:3b: c9:be:e9:de:a3:07:9b:6c:2b:0d:72:de:bc:ca:0e:f7:3e:45: 7c:93:e8:81:dd:ce:56:e8:61:d8:d7:ea:0f:56:0e:8e:4f:a3: 2d:76:54:37:bb:cb:73:95:cd:7f:c8:63:74:27:94:a2:24:af: 55:82:33:51:0c:86:64:06:23:bf:ef:fd:a1:3c:cc:16:cd:0b: ae:03:6e:8b:89:3f:6d:00:78:8d:fc:4e:37:b3:4a:8e:48:ff: 20:e1:31:fe:02:c7:24:0a:32:bc:91:b8:58:0b:98:a6:3c:2c: e9:7e:f2:68:fc:6e:73:c6:1b:68:62:d1:b9:b0:ea:3b:91:04: 66:ee:01:95:c9:07:6d:50:11:bb:50:bf:d0:76:3f:e4:53:41: 91:e8:26:ff:49:2d:44:ba:81:0f:ff:04:a6:af:d1:26:e6:3d: f9:98:29:62:1f:b0:47:4c:cc:0e:c8:58:b0:3f:fe:97:2e:c1: 95:97:34:62:58:7b:ee:06:eb:a5:a2:6e:0b:9c:e2:5b:ab:35: 94:09:24:cb -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUJyLAQj4rwLg2sIHrPIdz5KIDPB8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMjQzNFoX DTI3MDUwMjAwMjkzNFowMzExMC8GA1UEAxMoQUZBMzI5NEU1NTgwQjY4MjAzQkMw REYwNEZEMDA3MjJBQTc0RjVEMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM16EDmxuszy5jCny/mIh9iDV293cD/5LoiHnnfVhhcNphHziiabEMOOiNl+ 7rp3yYvukHXm+fcbbt/5MazrkRlXmS/BlstnVvXxYMZH7hXqJIeVabChUC6YInaQ bcMPsW1UidMhMHG5/6UVqxWTvdJNGL8zWDfbMr+BDBo4n2zJKj79cZv2cXNxlFMT nui4fWIiHCrrIEOQHUfS8Qa39RDId0Q85BX1xxtpsEBFbF4ocnQnzkaS47vhn2ds hnBAl561MVzEhtjkW0p+T18gAmYnVfcyWrsDlgHvzOZov8WYJZwQuG1Ro2dZhZhq Zqo2XRBu7pYbRiJdn6uPt8xvlMECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK+jKU5VgLaCA7wN8E/QByKqdPXQMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzQzYWQ1MjI2LTY1NmQtNDYxZC05Y2ZmLWM4M2FjMDc0MmYyMC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby80M2FkNTIy Ni02NTZkLTQ2MWQtOWNmZi1jODNhYzA3NDJmMjAvMC9BRkEzMjk0RTU1ODBCNjgy MDNCQzBERjA0RkQwMDcyMkFBNzRGNUQwLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ712MA0GCSqGSIb3DQEBCwUAA4IBAQBvDrGGMtCmkyneILeWhYKw2IcloBHV +PrwekVLmDyEEFz87NvUzmO/rNh23QEpFqLDnV+wJDvJvuneowebbCsNct68yg73 PkV8k+iB3c5W6GHY1+oPVg6OT6MtdlQ3u8tzlc1/yGN0J5SiJK9VgjNRDIZkBiO/ 7/2hPMwWzQuuA26LiT9tAHiN/E43s0qOSP8g4TH+AsckCjK8kbhYC5imPCzpfvJo /G5zxhtoYtG5sOo7kQRm7gGVyQdtUBG7UL/Qdj/kU0GR6Cb/SS1EuoEP/wSmr9Em 5j35mCliH7BHTMwOyFiwP/6XLsGVlzRiWHvuBuulom4LnOJbqzWUCSTL -----END CERTIFICATE-----Generated at Tue May 12 22:46:08 2026 by rpki-client