$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/BAF4A5F15CE419646D68FFC9C73C73EFE4D5A37D.cer File: BAF4A5F15CE419646D68FFC9C73C73EFE4D5A37D.cer (raw, json) Hash identifier: hAcFilmLXdOsfUdFHe8bRhxDWxyT6sWJV6hn9cQIcgg= Subject key identifier: BA:F4:A5:F1:5C:E4:19:64:6D:68:FF:C9:C7:3C:73:EF:E4:D5:A3:7D Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 49F3E9A07F57A8C29337DF5375DD3A86919775E5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/33ad3757-93a0-4b33-9128-24aa61304eff/0/BAF4A5F15CE419646D68FFC9C73C73EFE4D5A37D.mft caRepository: rsync://rpki-rsync.idnic.net/repo/33ad3757-93a0-4b33-9128-24aa61304eff/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:14:11 +0000 Certificate not after: Sun 02 May 2027 00:19:11 +0000 Subordinate resources: IP: 103.211.4.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:f3:e9:a0:7f:57:a8:c2:93:37:df:53:75:dd:3a:86:91:97:75:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:14:11 2026 GMT Not After : May 2 00:19:11 2027 GMT Subject: CN=BAF4A5F15CE419646D68FFC9C73C73EFE4D5A37D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:b4:22:ac:45:0c:a7:bd:8f:68:76:0b:da:e5: e8:27:a0:77:75:55:ec:ad:49:f5:b2:b1:a9:58:74: 90:e1:f4:f1:45:c3:ee:cb:f1:ee:db:11:f7:17:a4: eb:04:63:55:bc:b7:4b:d6:b7:57:7c:aa:d0:50:44: b2:c3:b4:60:0c:00:01:d5:bc:3f:a1:19:30:bf:c5: 5f:d4:3a:30:93:b2:38:59:55:66:20:9a:6b:83:25: 49:ec:2f:5a:fb:93:4d:6d:9f:72:ab:e9:5f:f9:27: e2:2f:d6:e0:75:9a:15:35:84:a2:74:70:73:1a:97: 78:5f:f2:f5:cd:77:1d:3c:69:40:3f:6b:77:93:36: 9d:b7:3f:1f:52:cf:24:43:65:88:27:68:3c:e3:db: f1:a9:f2:b0:4b:0e:bb:45:05:f5:61:ab:0f:f5:17: 23:8c:93:14:32:4a:4b:6c:4f:e6:8b:50:bc:93:19: df:9b:5c:cf:9d:35:b2:7f:64:7d:f6:8f:6f:a6:e0: 54:86:34:2a:18:ff:61:1f:34:64:cf:00:75:7a:b2: e7:0b:87:96:01:e4:22:46:9d:46:b8:93:75:b8:76: a4:70:56:26:97:5c:57:c5:0c:46:a8:a4:be:bb:c3: 5f:37:0c:af:ac:78:ed:5f:9e:e3:b4:3f:29:8b:0f: f7:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BA:F4:A5:F1:5C:E4:19:64:6D:68:FF:C9:C7:3C:73:EF:E4:D5:A3:7D X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/33ad3757-93a0-4b33-9128-24aa61304eff/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/33ad3757-93a0-4b33-9128-24aa61304eff/0/BAF4A5F15CE419646D68FFC9C73C73EFE4D5A37D.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.211.4.0/23 Signature Algorithm: sha256WithRSAEncryption 7f:e2:b2:c0:f8:99:21:9d:9d:9b:aa:1d:f7:7f:24:27:3d:cc: 61:e2:86:98:ce:f9:f6:d2:f2:ce:72:4b:20:21:36:fb:4a:ee: f6:ca:b9:aa:b2:3f:c1:ef:bf:83:f5:cf:a9:db:4f:b9:5b:ce: 77:dc:d2:18:6c:2a:15:31:bd:a2:71:53:f4:e1:9a:31:4d:29: 42:07:65:12:28:38:b9:66:70:9b:d5:6c:7a:a6:02:bd:bc:ee: e7:d7:c2:b4:be:52:0c:ac:57:4e:84:d8:b5:81:17:04:13:ae: 5c:28:fe:08:3f:1e:f2:5f:8a:0d:84:d4:28:b8:b8:ec:d0:9e: b6:39:73:69:87:db:7b:45:a0:cb:82:6e:1f:98:da:2c:3f:96: f4:09:9e:bc:aa:98:d1:ae:a5:56:c7:2f:1c:fa:48:19:dc:08: d1:71:0e:64:bf:26:47:38:16:2c:a4:01:3f:cf:a6:36:86:1e: c4:15:7e:ff:fd:54:0a:9f:3f:77:c2:76:3f:a5:29:35:f5:53: f0:16:ba:ce:3e:1d:f8:62:68:76:dc:d0:7e:1d:cc:d1:3f:3e: b5:aa:a8:f7:d1:7f:a0:05:37:bd:9e:0a:5d:2a:de:ff:dc:c5: 77:e7:0e:b0:0b:11:c3:68:5a:25:5f:80:e8:d3:0c:07:08:b9: d4:56:57:50 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUSfPpoH9XqMKTN99Tdd06hpGXdeUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMTQxMVoX DTI3MDUwMjAwMTkxMVowMzExMC8GA1UEAxMoQkFGNEE1RjE1Q0U0MTk2NDZENjhG RkM5QzczQzczRUZFNEQ1QTM3RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMS0IqxFDKe9j2h2C9rl6Cegd3VV7K1J9bKxqVh0kOH08UXD7svx7tsR9xek 6wRjVby3S9a3V3yq0FBEssO0YAwAAdW8P6EZML/FX9Q6MJOyOFlVZiCaa4MlSewv WvuTTW2fcqvpX/kn4i/W4HWaFTWEonRwcxqXeF/y9c13HTxpQD9rd5M2nbc/H1LP JENliCdoPOPb8anysEsOu0UF9WGrD/UXI4yTFDJKS2xP5otQvJMZ35tcz501sn9k ffaPb6bgVIY0Khj/YR80ZM8AdXqy5wuHlgHkIkadRriTdbh2pHBWJpdcV8UMRqik vrvDXzcMr6x47V+e47Q/KYsP95MCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLr0pfFc5BlkbWj/ycc8c+/k1aN9MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzMzYWQzNzU3LTkzYTAtNGIzMy05MTI4LTI0YWE2MTMwNGVmZi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8zM2FkMzc1 Ny05M2EwLTRiMzMtOTEyOC0yNGFhNjEzMDRlZmYvMC9CQUY0QTVGMTVDRTQxOTY0 NkQ2OEZGQzlDNzNDNzNFRkU0RDVBMzdELm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ9MEMA0GCSqGSIb3DQEBCwUAA4IBAQB/4rLA+JkhnZ2bqh33fyQnPcxh4oaY zvn20vLOcksgITb7Su72yrmqsj/B77+D9c+p20+5W8533NIYbCoVMb2icVP04Zox TSlCB2USKDi5ZnCb1Wx6pgK9vO7n18K0vlIMrFdOhNi1gRcEE65cKP4IPx7yX4oN hNQouLjs0J62OXNph9t7RaDLgm4fmNosP5b0CZ68qpjRrqVWxy8c+kgZ3AjRcQ5k vyZHOBYspAE/z6Y2hh7EFX7//VQKnz93wnY/pSk19VPwFrrOPh34Ymh23NB+HczR Pz61qqj30X+gBTe9ngpdKt7/3MV35w6wCxHDaFolX4Do0wwHCLnUVldQ -----END CERTIFICATE-----Generated at Tue May 12 22:39:16 2026 by rpki-client