$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/AFB831541A03B6BE413D492F67453655438B76F4.cer File: AFB831541A03B6BE413D492F67453655438B76F4.cer (raw, json) Hash identifier: 6O6//DzyNJXKbkLKdHqb0Rd2koaLrqNlVZSWJMW2PvU= Subject key identifier: AF:B8:31:54:1A:03:B6:BE:41:3D:49:2F:67:45:36:55:43:8B:76:F4 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 097E177E879C9B3D6001E3FDF9A0A247A9BBECB1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/AFB831541A03B6BE413D492F67453655438B76F4.mft caRepository: rsync://rpki-rsync.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:12:39 +0000 Certificate not after: Sun 02 May 2027 00:17:39 +0000 Subordinate resources: IP: 43.230.128.0/22 IP: 103.238.200.0/22 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:7e:17:7e:87:9c:9b:3d:60:01:e3:fd:f9:a0:a2:47:a9:bb:ec:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:12:39 2026 GMT Not After : May 2 00:17:39 2027 GMT Subject: CN=AFB831541A03B6BE413D492F67453655438B76F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:17:4f:69:e8:02:70:99:08:57:79:69:e9:c1: 58:e6:a2:91:00:65:17:8a:ee:6e:bd:dd:51:68:a7: a4:29:fe:a2:b9:79:b3:35:ad:14:16:77:7e:6b:6d: 2a:22:00:74:90:d8:0f:d6:ef:78:84:05:c4:ea:d0: 4a:08:8d:3c:80:af:70:6c:24:42:8e:ce:9c:4a:33: d8:32:e3:c3:cf:c2:3d:de:ce:e8:55:13:64:b6:58: 2a:f4:03:68:35:34:28:75:ad:f5:02:29:15:55:24: a8:50:f5:7c:9e:44:7d:34:76:91:31:24:79:a0:b5: 1d:38:d1:b0:9d:ac:8d:da:af:2c:f1:cf:50:70:d7: a1:2b:a1:e7:08:8c:e7:83:a6:86:0b:d1:7b:1f:74: 44:bf:f6:05:de:8d:68:26:63:2f:94:2e:7c:f7:63: 31:47:01:5a:2d:09:f4:b3:7b:97:36:c7:b8:0f:8a: 72:fd:39:d4:0c:35:41:7a:67:88:51:22:a0:45:e6: 89:f0:7e:e7:b5:d1:67:83:81:fd:90:58:83:66:69: b8:cd:a5:f0:78:7c:0f:a0:ec:7f:b9:86:94:f3:71: e5:00:68:bb:20:e4:e7:07:0c:94:a0:32:0d:d9:1b: 96:a6:70:c9:30:96:3c:20:d6:d8:99:64:6d:67:1d: fe:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:B8:31:54:1A:03:B6:BE:41:3D:49:2F:67:45:36:55:43:8B:76:F4 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/324a65f4-4f4b-44b6-a2eb-59957bc6a4d3/0/AFB831541A03B6BE413D492F67453655438B76F4.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.230.128.0/22 103.238.200.0/22 Signature Algorithm: sha256WithRSAEncryption 4d:11:1e:ff:87:81:0e:9b:38:c4:74:bf:81:0f:7b:96:ae:3e: c3:80:dd:0d:6a:ce:44:f4:9e:61:f8:01:4f:08:77:79:88:61: 2d:cf:63:21:24:3e:23:46:09:86:31:d5:31:b4:b2:3c:2f:fa: cf:16:9a:05:9d:15:4c:6a:75:ee:46:6a:52:d8:b5:b2:53:22: f4:f0:19:50:a9:d2:d5:e8:ff:80:36:46:33:75:4f:fc:14:ee: 05:59:c1:2d:57:d0:6f:ee:70:c0:1e:01:11:39:9f:e4:e5:ae: 8a:9d:7f:e5:05:33:f7:c2:03:14:8f:6d:bd:d3:85:7b:f6:b1: c6:6f:ed:ec:29:de:7c:a0:52:83:22:8d:53:c4:a7:8b:f5:a0: a7:d9:50:2a:f6:15:34:47:4b:e7:2e:92:c9:e9:c6:6f:1e:65: e3:18:8d:59:78:71:3c:26:c6:11:4a:9f:e3:3d:9b:8b:f2:8e: 14:82:bc:c8:91:9c:ac:f5:e3:ee:a8:a8:76:76:a8:e1:b8:7f: 11:fa:d3:ed:6a:9f:f8:da:6c:a1:d3:20:ca:b0:74:8a:de:0a: 9a:19:bd:d1:29:43:f3:61:ba:cd:40:06:98:41:7d:69:86:8a: 54:db:7e:2c:17:55:24:5b:69:7b:1e:75:74:a1:a7:2a:46:2f: b0:7d:32:37 -----BEGIN CERTIFICATE----- MIIFzDCCBLSgAwIBAgIUCX4Xfoecmz1gAeP9+aCiR6m77LEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMTIzOVoX DTI3MDUwMjAwMTczOVowMzExMC8GA1UEAxMoQUZCODMxNTQxQTAzQjZCRTQxM0Q0 OTJGNjc0NTM2NTU0MzhCNzZGNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN4XT2noAnCZCFd5aenBWOaikQBlF4rubr3dUWinpCn+orl5szWtFBZ3fmtt KiIAdJDYD9bveIQFxOrQSgiNPICvcGwkQo7OnEoz2DLjw8/CPd7O6FUTZLZYKvQD aDU0KHWt9QIpFVUkqFD1fJ5EfTR2kTEkeaC1HTjRsJ2sjdqvLPHPUHDXoSuh5wiM 54OmhgvRex90RL/2Bd6NaCZjL5QufPdjMUcBWi0J9LN7lzbHuA+Kcv051Aw1QXpn iFEioEXmifB+57XRZ4OB/ZBYg2ZpuM2l8Hh8D6Dsf7mGlPNx5QBouyDk5wcMlKAy DdkblqZwyTCWPCDW2JlkbWcd/vkCAwEAAaOCAr8wggK7MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK+4MVQaA7a+QT1JL2dFNlVDi3b0MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzMyNGE2NWY0LTRmNGItNDRiNi1hMmViLTU5OTU3YmM2YTRkMy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8zMjRhNjVm NC00ZjRiLTQ0YjYtYTJlYi01OTk1N2JjNmE0ZDMvMC9BRkI4MzE1NDFBMDNCNkJF NDEzRDQ5MkY2NzQ1MzY1NTQzOEI3NkY0Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAM AwQCK+aAAwQCZ+7IMA0GCSqGSIb3DQEBCwUAA4IBAQBNER7/h4EOmzjEdL+BD3uW rj7DgN0Nas5E9J5h+AFPCHd5iGEtz2MhJD4jRgmGMdUxtLI8L/rPFpoFnRVManXu RmpS2LWyUyL08BlQqdLV6P+ANkYzdU/8FO4FWcEtV9Bv7nDAHgEROZ/k5a6KnX/l BTP3wgMUj22904V79rHGb+3sKd58oFKDIo1TxKeL9aCn2VAq9hU0R0vnLpLJ6cZv HmXjGI1ZeHE8JsYRSp/jPZuL8o4UgrzIkZys9ePuqKh2dqjhuH8R+tPtap/42myh 0yDKsHSK3gqaGb3RKUPzYbrNQAaYQX1phopU234sF1UkW2l7HnV0oacqRi+wfTI3 -----END CERTIFICATE-----Generated at Tue May 12 22:09:56 2026 by rpki-client