$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/B8A1A7850FE4606645CDB993613F0326921CB0E7.cer File: B8A1A7850FE4606645CDB993613F0326921CB0E7.cer (raw, json) Hash identifier: 7QE4EzUmy28ENc1Y23sqn9dXLVNEM0NO20PSEc6qNlk= Subject key identifier: B8:A1:A7:85:0F:E4:60:66:45:CD:B9:93:61:3F:03:26:92:1C:B0:E7 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 18AC71B243458BA0E6950482DB0CFA59FC710810 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/1b4e195e-12de-4c3c-93e5-522ee54018d6/0/B8A1A7850FE4606645CDB993613F0326921CB0E7.mft caRepository: rsync://rpki-rsync.idnic.net/repo/1b4e195e-12de-4c3c-93e5-522ee54018d6/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:57:14 +0000 Certificate not after: Sun 02 May 2027 00:02:14 +0000 Subordinate resources: IP: 43.252.72.0/22 IP: 103.10.60.0/22 IP: 114.129.16.0/21 IP: 120.29.152.0/21 IP: 122.102.40.0/21 IP: 180.178.96.0/20 IP: 202.93.224.0/21 IP: 203.176.176.0/22 IP: 2404:3e00::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:ac:71:b2:43:45:8b:a0:e6:95:04:82:db:0c:fa:59:fc:71:08:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:57:14 2026 GMT Not After : May 2 00:02:14 2027 GMT Subject: CN=B8A1A7850FE4606645CDB993613F0326921CB0E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:8d:05:48:e7:97:8a:2f:ac:8b:66:68:12:dd: a7:f4:b3:0f:8a:41:bf:24:aa:a2:53:99:b8:fd:0f: 11:b6:0f:54:e8:ac:9f:5b:e2:9a:c8:d0:4f:f7:12: 16:40:ed:26:8d:42:7f:19:7e:7d:a5:d6:55:b8:0e: 9e:44:f4:bf:50:4c:6d:26:ab:b6:d3:95:54:f8:e9: 27:a8:b6:2f:7f:44:e2:7a:92:bf:36:fd:7d:f6:7b: 7f:fc:b4:7c:00:23:dc:ae:a4:a0:b1:37:a1:41:27: e1:23:a8:cc:e1:e7:a8:dc:fa:af:77:77:88:70:74: e5:06:93:a6:23:06:47:01:88:59:57:88:21:89:2b: f6:1b:6e:b5:aa:39:bb:9c:d8:42:87:ff:5b:e8:dd: e9:03:64:5e:8a:12:0b:5e:da:6b:53:3c:67:aa:3f: fe:5a:4d:6b:8a:e6:7c:e3:c9:48:b5:12:5f:1f:c8: 52:ca:3b:d3:6e:b3:6c:c0:d0:94:f5:2f:ea:c0:0c: 57:03:5c:f9:6e:fc:b0:10:ca:5a:c3:ba:48:eb:d2: 40:2b:0b:89:a9:22:7a:95:60:db:9f:68:df:78:d4: d2:8d:2a:92:72:44:20:f2:f7:31:11:f4:87:db:bf: e5:78:c7:24:b6:01:6a:fa:f0:3f:97:87:04:24:f7: 39:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: B8:A1:A7:85:0F:E4:60:66:45:CD:B9:93:61:3F:03:26:92:1C:B0:E7 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/1b4e195e-12de-4c3c-93e5-522ee54018d6/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/1b4e195e-12de-4c3c-93e5-522ee54018d6/0/B8A1A7850FE4606645CDB993613F0326921CB0E7.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.252.72.0/22 103.10.60.0/22 114.129.16.0/21 120.29.152.0/21 122.102.40.0/21 180.178.96.0/20 202.93.224.0/21 203.176.176.0/22 IPv6: 2404:3e00::/32 Signature Algorithm: sha256WithRSAEncryption 26:e3:9f:ef:89:87:1e:29:e5:f9:2c:c0:04:f6:a0:c6:b0:e9: a2:35:c5:ae:9a:e3:6a:ce:50:97:4c:b8:9b:4f:7b:2f:61:f0: a7:15:fa:63:64:10:34:3e:09:58:bd:0c:e9:5a:0e:b0:d3:84: 06:66:e8:7a:61:e2:df:ce:8c:23:f7:1a:2c:6d:73:14:f6:0a: a7:08:8e:19:e0:01:9d:2f:7c:6b:9f:12:74:00:f8:95:7e:e7: 5d:08:e7:2f:b6:e4:d9:e2:b7:c8:69:9a:2e:ef:f2:24:6d:1b: 4a:b8:02:b2:02:c9:8b:0b:ad:d4:c2:93:99:7a:60:51:4c:81: 9d:da:81:96:7e:da:c7:80:20:a5:95:08:e5:86:80:35:43:a5: f8:eb:a2:fe:f0:8b:78:4a:dd:5a:9b:ac:92:cb:97:70:bc:32: 21:32:2f:e9:66:e1:b9:8c:af:33:4c:44:9f:ea:36:de:fd:19: 93:15:75:bd:99:ad:99:d1:64:16:44:f7:85:ba:8b:1e:bc:06: 26:41:e1:c5:f9:7c:10:7a:c1:ce:3c:1b:3a:af:61:55:c5:6b: ed:f6:e3:fe:bc:32:c4:25:49:4a:75:fe:2a:8f:1a:c5:2c:f9: 18:74:41:84:ae:15:05:5a:5a:07:e1:82:90:49:8b:e7:b3:e2: eb:22:84:9b -----BEGIN CERTIFICATE----- MIIF/zCCBOegAwIBAgIUGKxxskNFi6DmlQSC2wz6WfxxCBAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNTcxNFoX DTI3MDUwMjAwMDIxNFowMzExMC8GA1UEAxMoQjhBMUE3ODUwRkU0NjA2NjQ1Q0RC OTkzNjEzRjAzMjY5MjFDQjBFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMKNBUjnl4ovrItmaBLdp/SzD4pBvySqolOZuP0PEbYPVOisn1vimsjQT/cS FkDtJo1Cfxl+faXWVbgOnkT0v1BMbSarttOVVPjpJ6i2L39E4nqSvzb9ffZ7f/y0 fAAj3K6koLE3oUEn4SOozOHnqNz6r3d3iHB05QaTpiMGRwGIWVeIIYkr9htutao5 u5zYQof/W+jd6QNkXooSC17aa1M8Z6o//lpNa4rmfOPJSLUSXx/IUso7026zbMDQ lPUv6sAMVwNc+W78sBDKWsO6SOvSQCsLiakiepVg259o33jU0o0qknJEIPL3MRH0 h9u/5XjHJLYBavrwP5eHBCT3OXcCAwEAAaOCAvIwggLuMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLihp4UP5GBmRc25k2E/AyaSHLDnMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzFiNGUxOTVlLTEyZGUtNGMzYy05M2U1LTUyMmVlNTQwMThkNi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xYjRlMTk1 ZS0xMmRlLTRjM2MtOTNlNS01MjJlZTU0MDE4ZDYvMC9COEExQTc4NTBGRTQ2MDY2 NDVDREI5OTM2MTNGMDMyNjkyMUNCMEU3Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAw AwQCK/xIAwQCZwo8AwQDcoEQAwQDeB2YAwQDemYoAwQEtLJgAwQDyl3gAwQCy7Cw MA0EAgACMAcDBQAkBD4AMA0GCSqGSIb3DQEBCwUAA4IBAQAm45/viYceKeX5LMAE 9qDGsOmiNcWumuNqzlCXTLibT3svYfCnFfpjZBA0PglYvQzpWg6w04QGZuh6YeLf zowj9xosbXMU9gqnCI4Z4AGdL3xrnxJ0APiVfuddCOcvtuTZ4rfIaZou7/IkbRtK uAKyAsmLC63UwpOZemBRTIGd2oGWftrHgCCllQjlhoA1Q6X466L+8It4St1am6yS y5dwvDIhMi/pZuG5jK8zTESf6jbe/RmTFXW9ma2Z0WQWRPeFuosevAYmQeHF+XwQ esHOPBs6r2FVxWvt9uP+vDLEJUlKdf4qjxrFLPkYdEGErhUFWloH4YKQSYvns+Lr IoSb -----END CERTIFICATE-----Generated at Tue May 12 22:29:01 2026 by rpki-client