$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/B2A07F1748E561B33DB8C4326981A55B27CEE93D.cer File: B2A07F1748E561B33DB8C4326981A55B27CEE93D.cer (raw, json) Hash identifier: K2B/JNQkVF+HiDgDF2qhj2pUM8EYSv1omcf4s3v2D/g= Subject key identifier: B2:A0:7F:17:48:E5:61:B3:3D:B8:C4:32:69:81:A5:5B:27:CE:E9:3D Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5A0506072E5FD31C90E253F943C80AEAC153EF1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/91e0d17c-edd1-4202-b736-3b527efa6ba2/0/B2A07F1748E561B33DB8C4326981A55B27CEE93D.mft caRepository: rsync://rpki-rsync.idnic.net/repo/91e0d17c-edd1-4202-b736-3b527efa6ba2/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:17:53 +0000 Certificate not after: Sun 02 May 2027 01:22:53 +0000 Subordinate resources: IP: 103.196.156.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:05:06:07:2e:5f:d3:1c:90:e2:53:f9:43:c8:0a:ea:c1:53:ef:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:17:53 2026 GMT Not After : May 2 01:22:53 2027 GMT Subject: CN=B2A07F1748E561B33DB8C4326981A55B27CEE93D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:29:62:cd:71:01:b8:3c:cc:a6:c5:60:fe:d4: 11:d2:df:79:84:d0:03:5b:b7:d4:20:5a:02:2b:a8: 3c:fa:77:43:1d:51:6e:3e:92:d1:b5:f9:ae:f8:a7: 05:fe:1c:ed:8d:46:29:9f:4c:80:64:1c:42:2f:54: 59:75:b2:ff:ab:53:a9:8f:43:05:4a:d7:9d:e6:be: 90:41:ea:2a:05:b6:26:83:a6:2f:bb:c4:89:bd:dd: 66:e8:60:38:02:0e:b6:da:79:37:f8:66:9e:34:3b: e0:20:90:f9:05:da:a4:2d:d5:f7:a6:a3:96:ad:99: 16:03:72:b7:2f:bb:76:08:dd:0d:47:93:63:9a:73: 1c:d8:95:05:6c:df:1c:69:13:ea:67:70:70:ae:ea: 4b:34:29:be:16:71:61:8e:06:f6:0a:c0:8e:17:d4: 85:fc:8e:f3:31:f5:81:d1:37:c0:3d:2a:90:1a:22: 2e:a3:9d:2c:51:9e:a3:76:47:91:db:ab:83:dd:23: dc:8b:80:a2:94:86:b3:1a:0e:42:41:90:28:76:79: 4c:5d:a2:28:f2:f1:fc:8c:3f:79:be:fa:6d:df:fb: ab:cb:0b:b1:c6:20:d2:c1:67:84:1c:bc:9c:da:1d: f0:b1:16:60:25:19:0c:88:10:71:85:2d:46:4b:1a: 25:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: B2:A0:7F:17:48:E5:61:B3:3D:B8:C4:32:69:81:A5:5B:27:CE:E9:3D X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/91e0d17c-edd1-4202-b736-3b527efa6ba2/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/91e0d17c-edd1-4202-b736-3b527efa6ba2/0/B2A07F1748E561B33DB8C4326981A55B27CEE93D.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.196.156.0/24 Signature Algorithm: sha256WithRSAEncryption 02:c9:70:d9:ff:2d:27:8b:bf:13:a0:42:56:82:df:22:7c:f9: d1:48:b3:66:27:6f:dc:a5:49:a9:36:6c:74:ab:4a:5a:f7:c3: 27:35:73:2f:60:e5:e4:d0:d5:dd:54:d0:bb:1f:0e:e6:17:0a: f0:7b:72:e7:4c:16:0b:44:d2:a1:14:cd:a9:70:0a:e9:24:ce: 9b:f7:38:a3:43:77:89:b1:0a:c6:ed:7d:50:71:fd:84:31:dc: d8:94:11:9d:8f:14:50:2e:c2:da:da:67:29:d7:2e:b8:d7:93: 60:8c:79:4a:d5:33:4d:83:92:dd:d1:2f:4c:8e:68:4d:f5:1e: 06:6f:ca:86:32:b8:4d:b7:b4:61:58:0b:d3:2b:0a:14:18:31: 3e:a7:8c:b5:43:a5:ca:13:3c:26:49:f2:95:05:48:01:ac:f7: 3e:50:17:a6:bc:3b:0f:b9:95:46:2c:d9:d4:86:e2:1f:ae:9e: 26:07:70:f1:23:50:73:c2:3f:73:ad:6d:2d:1d:8c:10:b4:77: 3d:0d:f5:46:05:e5:32:5a:07:5c:0f:e1:38:55:e7:da:e3:d3: 06:ce:bc:22:56:23:51:f1:ee:e6:f8:c0:7d:64:ef:2c:2d:f7: 28:43:93:f7:41:af:5e:97:f2:20:28:53:cd:4d:a0:3e:97:02: 88:ea:7f:ea -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUWgUGBy5f0xyQ4lP5Q8gK6sFT7x0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMTc1M1oX DTI3MDUwMjAxMjI1M1owMzExMC8GA1UEAxMoQjJBMDdGMTc0OEU1NjFCMzNEQjhD NDMyNjk4MUE1NUIyN0NFRTkzRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANApYs1xAbg8zKbFYP7UEdLfeYTQA1u31CBaAiuoPPp3Qx1Rbj6S0bX5rvin Bf4c7Y1GKZ9MgGQcQi9UWXWy/6tTqY9DBUrXnea+kEHqKgW2JoOmL7vEib3dZuhg OAIOttp5N/hmnjQ74CCQ+QXapC3V96ajlq2ZFgNyty+7dgjdDUeTY5pzHNiVBWzf HGkT6mdwcK7qSzQpvhZxYY4G9grAjhfUhfyO8zH1gdE3wD0qkBoiLqOdLFGeo3ZH kdurg90j3IuAopSGsxoOQkGQKHZ5TF2iKPLx/Iw/eb76bd/7q8sLscYg0sFnhBy8 nNod8LEWYCUZDIgQcYUtRksaJdECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLKgfxdI5WGzPbjEMmmBpVsnzuk9MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzkxZTBkMTdjLWVkZDEtNDIwMi1iNzM2LTNiNTI3ZWZhNmJhMi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby85MWUwZDE3 Yy1lZGQxLTQyMDItYjczNi0zYjUyN2VmYTZiYTIvMC9CMkEwN0YxNzQ4RTU2MUIz M0RCOEM0MzI2OTgxQTU1QjI3Q0VFOTNELm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZ8ScMA0GCSqGSIb3DQEBCwUAA4IBAQACyXDZ/y0ni78ToEJWgt8ifPnRSLNm J2/cpUmpNmx0q0pa98MnNXMvYOXk0NXdVNC7Hw7mFwrwe3LnTBYLRNKhFM2pcArp JM6b9zijQ3eJsQrG7X1Qcf2EMdzYlBGdjxRQLsLa2mcp1y6415NgjHlK1TNNg5Ld 0S9MjmhN9R4Gb8qGMrhNt7RhWAvTKwoUGDE+p4y1Q6XKEzwmSfKVBUgBrPc+UBem vDsPuZVGLNnUhuIfrp4mB3DxI1Bzwj9zrW0tHYwQtHc9DfVGBeUyWgdcD+E4Vefa 49MGzrwiViNR8e7m+MB9ZO8sLfcoQ5P3Qa9el/IgKFPNTaA+lwKI6n/q -----END CERTIFICATE-----Generated at Tue May 12 22:02:45 2026 by rpki-client