$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/BA80E957332B450B1641062F6C02C57C817FFCB6.cer File: BA80E957332B450B1641062F6C02C57C817FFCB6.cer (raw, json) Hash identifier: mAfcdmWBYm6W2rbPaBLniATmBLqDrqeQ693jAPk+m9Y= Subject key identifier: BA:80:E9:57:33:2B:45:0B:16:41:06:2F:6C:02:C5:7C:81:7F:FC:B6 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 1A678686ADE09B3D78F4E943433B25BC5FCDBE40 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/1b3d14cb-ccc2-46d2-8e31-16f5bec0acd8/0/BA80E957332B450B1641062F6C02C57C817FFCB6.mft caRepository: rsync://rpki-rsync.idnic.net/repo/1b3d14cb-ccc2-46d2-8e31-16f5bec0acd8/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:57:17 +0000 Certificate not after: Sun 02 May 2027 00:02:17 +0000 Subordinate resources: IP: 103.152.94.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:67:86:86:ad:e0:9b:3d:78:f4:e9:43:43:3b:25:bc:5f:cd:be:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:57:17 2026 GMT Not After : May 2 00:02:17 2027 GMT Subject: CN=BA80E957332B450B1641062F6C02C57C817FFCB6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:d1:28:de:4b:48:24:1b:9a:12:db:97:cf:d4: 44:d7:67:83:e5:3b:51:80:2e:de:85:5a:0d:24:0f: 8d:6b:a3:fd:30:b6:4a:e1:a7:f1:9c:23:57:0e:26: 6b:1e:44:9e:8c:11:ff:da:45:ca:f0:5f:fc:2f:1d: ad:0f:3a:ca:83:11:6f:b9:68:db:2f:63:57:a7:e0: c6:49:ec:d8:d7:7f:90:74:95:16:4c:74:4d:7a:9c: 09:3f:bc:15:f3:22:e5:2e:a7:03:88:00:a6:9e:0d: d8:f3:f3:28:af:3c:46:96:fd:9c:71:1b:2b:1d:be: 54:e4:1a:1e:f9:7c:0f:49:47:5f:9c:3e:80:5d:fc: d9:96:86:c6:a7:90:31:cc:8e:81:c7:e7:db:7a:14: 91:2c:65:ca:d0:b5:53:30:3a:01:8a:fc:31:af:12: 2e:5f:40:1a:2f:b6:9e:2c:6f:30:0b:d8:c7:5b:17: 29:df:da:79:33:79:3e:58:94:82:e7:20:6d:31:70: dc:d1:27:59:a8:e9:b4:fe:2b:22:8f:8b:3a:87:d3: 1d:58:93:8d:f2:f7:99:ff:56:8e:e2:1a:a9:0a:96: 61:3f:f1:9d:05:70:e2:b6:a8:22:e2:ca:e5:fb:07: c6:89:cb:50:42:05:04:08:28:c2:2a:39:5a:74:24: c0:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BA:80:E9:57:33:2B:45:0B:16:41:06:2F:6C:02:C5:7C:81:7F:FC:B6 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/1b3d14cb-ccc2-46d2-8e31-16f5bec0acd8/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/1b3d14cb-ccc2-46d2-8e31-16f5bec0acd8/0/BA80E957332B450B1641062F6C02C57C817FFCB6.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.152.94.0/23 Signature Algorithm: sha256WithRSAEncryption 5a:41:a9:a2:82:e7:52:de:c3:3a:92:1c:0c:f5:a4:01:8c:5b: 44:22:a7:5b:d4:c7:c3:ae:cc:f9:80:66:87:2b:e5:62:ff:d2: 6e:a8:a2:d3:45:f6:f7:0a:9f:17:9a:05:20:23:9b:19:68:3a: 21:df:ff:33:81:13:1f:7f:98:d7:b9:be:f0:f8:c6:05:ce:a8: 6b:ed:82:97:df:5d:d0:cd:9d:69:b6:8e:4b:78:36:e4:47:21: 06:eb:33:bc:9b:f4:af:67:51:5c:0f:b9:5e:9e:a1:ea:49:93: 40:61:83:97:4c:0f:59:a5:63:76:d6:14:39:90:06:51:9e:bd: 68:d2:25:be:44:43:03:6e:50:9b:12:76:ee:2e:17:fc:d6:37: c5:b1:01:ce:41:76:7a:88:58:f8:16:f8:06:3f:ac:43:75:ee: 03:a7:14:90:aa:ed:01:a7:36:3e:3a:b3:ea:09:3c:cd:8d:95: 77:fa:af:c9:4b:d4:bb:52:e1:e1:3d:7e:66:fc:72:32:b3:a2: c8:35:dd:03:ef:18:fc:98:b7:6f:55:da:d4:0a:91:65:d7:7f: e7:e9:af:de:25:ca:12:b7:55:8d:35:40:6f:cd:fb:25:85:c6: d4:4d:d3:5f:3c:a5:1b:9a:f6:1e:9d:df:c9:39:db:dc:4b:86: ce:b8:ed:fe -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUGmeGhq3gmz149OlDQzslvF/NvkAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNTcxN1oX DTI3MDUwMjAwMDIxN1owMzExMC8GA1UEAxMoQkE4MEU5NTczMzJCNDUwQjE2NDEw NjJGNkMwMkM1N0M4MTdGRkNCNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKrRKN5LSCQbmhLbl8/URNdng+U7UYAu3oVaDSQPjWuj/TC2SuGn8ZwjVw4m ax5EnowR/9pFyvBf/C8drQ86yoMRb7lo2y9jV6fgxkns2Nd/kHSVFkx0TXqcCT+8 FfMi5S6nA4gApp4N2PPzKK88Rpb9nHEbKx2+VOQaHvl8D0lHX5w+gF382ZaGxqeQ McyOgcfn23oUkSxlytC1UzA6AYr8Ma8SLl9AGi+2nixvMAvYx1sXKd/aeTN5PliU gucgbTFw3NEnWajptP4rIo+LOofTHViTjfL3mf9WjuIaqQqWYT/xnQVw4raoIuLK 5fsHxonLUEIFBAgowio5WnQkwIsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLqA6VczK0ULFkEGL2wCxXyBf/y2MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzFiM2QxNGNiLWNjYzItNDZkMi04ZTMxLTE2ZjViZWMwYWNkOC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xYjNkMTRj Yi1jY2MyLTQ2ZDItOGUzMS0xNmY1YmVjMGFjZDgvMC9CQTgwRTk1NzMzMkI0NTBC MTY0MTA2MkY2QzAyQzU3QzgxN0ZGQ0I2Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ5heMA0GCSqGSIb3DQEBCwUAA4IBAQBaQamigudS3sM6khwM9aQBjFtEIqdb 1MfDrsz5gGaHK+Vi/9JuqKLTRfb3Cp8XmgUgI5sZaDoh3/8zgRMff5jXub7w+MYF zqhr7YKX313QzZ1pto5LeDbkRyEG6zO8m/SvZ1FcD7lenqHqSZNAYYOXTA9ZpWN2 1hQ5kAZRnr1o0iW+REMDblCbEnbuLhf81jfFsQHOQXZ6iFj4FvgGP6xDde4DpxSQ qu0BpzY+OrPqCTzNjZV3+q/JS9S7UuHhPX5m/HIys6LINd0D7xj8mLdvVdrUCpFl 13/n6a/eJcoSt1WNNUBvzfslhcbUTdNfPKUbmvYend/JOdvcS4bOuO3+ -----END CERTIFICATE-----Generated at Tue May 12 22:04:12 2026 by rpki-client