$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/BF4EFC4EBC0B959DAB2CA76AEB9D9C3017FFC710.cer File: BF4EFC4EBC0B959DAB2CA76AEB9D9C3017FFC710.cer (raw, json) Hash identifier: qkX25vsg0FB/46Zr2UOwAdoKd5CBVZmifzwzwTReoLU= Subject key identifier: BF:4E:FC:4E:BC:0B:95:9D:AB:2C:A7:6A:EB:9D:9C:30:17:FF:C7:10 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 58658628D275AE86BCD7473AB2942E761EC621F1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/1ecfd3f5-85da-48a7-b502-f61a59796c33/0/BF4EFC4EBC0B959DAB2CA76AEB9D9C3017FFC710.mft caRepository: rsync://rpki-rsync.idnic.net/repo/1ecfd3f5-85da-48a7-b502-f61a59796c33/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:59:47 +0000 Certificate not after: Sun 02 May 2027 00:04:47 +0000 Subordinate resources: IP: 103.167.236.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:65:86:28:d2:75:ae:86:bc:d7:47:3a:b2:94:2e:76:1e:c6:21:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:59:47 2026 GMT Not After : May 2 00:04:47 2027 GMT Subject: CN=BF4EFC4EBC0B959DAB2CA76AEB9D9C3017FFC710 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:83:c1:4b:f3:85:8e:03:35:ff:cc:40:51:7d: 36:9c:cc:80:d1:27:c1:b6:54:b0:81:fa:12:78:56: d6:8b:fd:b6:c9:11:46:0e:96:c4:2f:34:36:57:90: a7:9e:df:9f:45:54:2b:23:46:ea:c7:b1:05:d0:dd: b5:30:dc:d4:b2:3c:2f:3b:77:17:54:f9:58:30:30: 14:4f:ac:f8:41:59:70:c2:9e:31:7b:33:64:55:d8: 65:bc:61:c5:f5:d7:34:60:0a:bb:88:ef:a0:32:27: 19:0c:f6:3b:45:8d:04:8e:9a:fa:c0:df:7f:06:fa: cf:15:45:9d:99:c3:da:5b:65:87:8c:78:62:19:1a: 52:34:c5:8f:ac:0d:98:b7:e4:57:e5:91:bb:d6:6a: a7:8e:22:b6:f6:34:fc:41:24:a2:97:c3:74:df:03: 4c:c2:7c:ff:f1:28:4d:92:23:bf:18:74:2b:b0:26: 7c:c5:ef:97:a8:db:2c:06:91:e3:37:9b:b6:63:3c: b6:ea:25:6d:90:a6:6e:6a:e2:78:76:e9:7f:48:12: 1d:b6:1b:2b:84:5c:8d:2e:6e:b4:db:63:95:2d:f6: 42:4a:e7:34:3f:38:c5:86:d7:65:8e:ac:e0:d3:45: 47:e5:f5:1b:94:65:ef:9e:1c:11:b8:a6:79:fe:83: c7:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BF:4E:FC:4E:BC:0B:95:9D:AB:2C:A7:6A:EB:9D:9C:30:17:FF:C7:10 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/1ecfd3f5-85da-48a7-b502-f61a59796c33/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/1ecfd3f5-85da-48a7-b502-f61a59796c33/0/BF4EFC4EBC0B959DAB2CA76AEB9D9C3017FFC710.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.167.236.0/23 Signature Algorithm: sha256WithRSAEncryption 10:ff:15:21:fd:6f:9e:d1:29:44:16:ce:3b:bf:68:9d:aa:38: cd:38:41:48:03:fa:67:16:9f:a4:02:b2:ad:94:ed:bf:1f:35: 62:db:87:4e:05:e4:aa:59:4b:30:e7:e5:98:47:73:5c:a7:87: 1d:72:62:fa:65:2a:4c:d4:2a:cf:88:5e:90:33:ea:16:8b:6f: f5:6e:07:af:f0:e4:5e:d1:ba:ca:bd:3c:bf:15:cc:25:89:2e: da:e4:1f:e3:98:04:5d:cc:64:33:da:a3:a9:79:e6:12:5a:bc: 84:ed:8f:9a:aa:cc:c4:4b:04:28:5e:82:d4:56:ff:68:a3:af: 54:6f:61:c2:f3:ee:56:6c:07:6e:a0:8b:3f:fb:28:37:7f:5f: 28:fb:09:5a:07:12:7a:db:ff:0b:ce:f0:72:fa:50:d3:dd:61: 96:32:39:e9:98:31:fd:db:a8:1f:ee:6b:b5:ce:93:b1:28:35: a0:6c:d0:6c:5e:2f:f3:41:fa:8f:3f:99:15:31:4a:c2:f1:44: 11:ff:25:a3:17:8f:81:df:27:4c:e7:cb:5f:17:16:b4:55:ef: 75:b6:97:f3:45:59:cc:84:95:b1:14:55:b9:b1:31:12:02:bf: 7d:48:f6:1e:af:88:65:fe:8e:0a:06:4a:b9:0e:a5:62:48:a2: af:39:42:47 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUWGWGKNJ1roa810c6spQudh7GIfEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNTk0N1oX DTI3MDUwMjAwMDQ0N1owMzExMC8GA1UEAxMoQkY0RUZDNEVCQzBCOTU5REFCMkNB NzZBRUI5RDlDMzAxN0ZGQzcxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKaDwUvzhY4DNf/MQFF9NpzMgNEnwbZUsIH6EnhW1ov9tskRRg6WxC80NleQ p57fn0VUKyNG6sexBdDdtTDc1LI8Lzt3F1T5WDAwFE+s+EFZcMKeMXszZFXYZbxh xfXXNGAKu4jvoDInGQz2O0WNBI6a+sDffwb6zxVFnZnD2ltlh4x4YhkaUjTFj6wN mLfkV+WRu9Zqp44itvY0/EEkopfDdN8DTMJ8//EoTZIjvxh0K7AmfMXvl6jbLAaR 4zebtmM8tuolbZCmbmrieHbpf0gSHbYbK4RcjS5utNtjlS32QkrnND84xYbXZY6s 4NNFR+X1G5Rl754cEbimef6Dx+sCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFL9O/E68C5WdqyynauudnDAX/8cQMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzFlY2ZkM2Y1LTg1ZGEtNDhhNy1iNTAyLWY2MWE1OTc5NmMzMy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xZWNmZDNm NS04NWRhLTQ4YTctYjUwMi1mNjFhNTk3OTZjMzMvMC9CRjRFRkM0RUJDMEI5NTlE QUIyQ0E3NkFFQjlEOUMzMDE3RkZDNzEwLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6fsMA0GCSqGSIb3DQEBCwUAA4IBAQAQ/xUh/W+e0SlEFs47v2idqjjNOEFI A/pnFp+kArKtlO2/HzVi24dOBeSqWUsw5+WYR3Ncp4cdcmL6ZSpM1CrPiF6QM+oW i2/1bgev8ORe0brKvTy/FcwliS7a5B/jmARdzGQz2qOpeeYSWryE7Y+aqszESwQo XoLUVv9oo69Ub2HC8+5WbAduoIs/+yg3f18o+wlaBxJ62/8LzvBy+lDT3WGWMjnp mDH926gf7mu1zpOxKDWgbNBsXi/zQfqPP5kVMUrC8UQR/yWjF4+B3ydM58tfFxa0 Ve91tpfzRVnMhJWxFFW5sTESAr99SPYer4hl/o4KBkq5DqViSKKvOUJH -----END CERTIFICATE-----Generated at Tue May 12 22:38:56 2026 by rpki-client