$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/C858999BCD42FDA190703525FA3DB0036EF8DC4B.cer File: C858999BCD42FDA190703525FA3DB0036EF8DC4B.cer (raw, json) Hash identifier: OGOk5DiCm5AaiLTJZTYYgmXVQ6yobaRmmZKK6PNEBKA= Subject key identifier: C8:58:99:9B:CD:42:FD:A1:90:70:35:25:FA:3D:B0:03:6E:F8:DC:4B Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 22706BE8B2FF5CCE417B73DF86AA6B3077B047B6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/5d094d3e-089c-4c68-80a2-56b5cbfc103d/0/C858999BCD42FDA190703525FA3DB0036EF8DC4B.mft caRepository: rsync://rpki-rsync.idnic.net/repo/5d094d3e-089c-4c68-80a2-56b5cbfc103d/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:41:42 +0000 Certificate not after: Sun 02 May 2027 00:46:42 +0000 Subordinate resources: IP: 103.161.162.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:70:6b:e8:b2:ff:5c:ce:41:7b:73:df:86:aa:6b:30:77:b0:47:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:41:42 2026 GMT Not After : May 2 00:46:42 2027 GMT Subject: CN=C858999BCD42FDA190703525FA3DB0036EF8DC4B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:1e:7b:89:b7:84:03:52:31:d4:7d:4d:8b:06: 09:dd:b7:4e:6a:25:74:ca:31:5e:3d:b2:42:57:42: d6:f8:ec:85:56:3a:65:e4:d0:6a:62:6f:ca:5d:b2: b3:61:57:7a:9f:88:cd:ce:d1:c4:0a:04:46:b5:17: 69:e9:0c:6c:f8:93:27:70:13:f4:20:1e:08:e6:e0: 4d:da:7f:83:7d:89:69:ef:99:af:46:d9:66:6d:c2: 47:5e:2b:39:f7:5c:26:86:da:75:c6:7b:2c:c0:79: 26:89:82:75:0f:f4:be:2b:fc:d7:87:3e:9d:0d:a3: 0b:6c:87:e6:cc:a8:df:24:fd:09:3c:38:36:0a:ad: aa:b4:12:b3:b8:f6:d0:67:05:41:5a:7f:99:67:23: 1a:89:85:d6:c5:e4:e7:b9:dd:65:f0:d8:65:78:1b: cc:1c:56:c8:32:24:e5:54:00:7f:5d:37:56:f4:84: a2:b4:e4:8e:5e:e4:20:d0:d1:29:0c:70:a2:29:d8: db:8c:2c:6e:73:6f:4f:93:5c:0d:31:2e:a6:04:c3: 4c:8b:56:1f:75:c8:56:bf:3e:61:de:e2:66:c0:95: 93:39:db:72:78:ac:60:63:50:a3:af:ec:99:68:c6: 19:25:4d:0c:10:16:58:92:f1:89:46:28:ae:9b:94: e8:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: C8:58:99:9B:CD:42:FD:A1:90:70:35:25:FA:3D:B0:03:6E:F8:DC:4B X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/5d094d3e-089c-4c68-80a2-56b5cbfc103d/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/5d094d3e-089c-4c68-80a2-56b5cbfc103d/0/C858999BCD42FDA190703525FA3DB0036EF8DC4B.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.161.162.0/23 Signature Algorithm: sha256WithRSAEncryption 39:0e:50:bb:5d:06:80:40:23:49:cb:1f:a1:f6:19:9f:05:3d: 47:2f:f7:82:7d:77:d2:22:31:55:7a:ea:42:c8:66:24:83:32: cc:6e:c1:14:ba:82:b9:ad:c8:dc:3f:6f:00:37:c3:83:e3:1d: bf:65:b2:ac:5d:65:8e:49:57:08:5f:c2:34:e3:50:08:a8:3b: 35:1f:e8:66:11:49:c5:bb:91:fd:37:80:65:5d:07:1f:ff:ff: 78:96:8e:9e:7f:9c:38:c7:e6:fa:19:f1:60:97:7b:12:ac:30: 55:64:80:22:26:36:b5:49:f6:36:10:fa:0a:56:0e:23:b3:54: 2e:af:0b:a3:db:42:e2:ae:03:4f:87:ea:51:98:57:18:42:37: aa:7b:bf:a7:d8:28:5b:5b:a7:ee:e0:63:3b:9c:b9:be:46:27: c9:e9:9d:55:49:55:03:31:94:4e:49:8a:9e:92:b2:df:78:64: 67:13:37:dc:f4:96:f1:26:ab:46:47:33:a2:d2:f6:2b:00:e9: 82:5c:50:19:9e:f8:e6:3f:57:98:91:4d:29:24:b8:9a:96:e0: 17:ff:be:41:50:a8:08:bd:71:09:26:a8:28:07:97:86:d2:fb: a5:20:f0:46:80:15:bc:18:ea:7f:75:b4:db:34:5c:06:c5:fd: fc:bc:6f:43 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUInBr6LL/XM5Be3PfhqprMHewR7YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwNDE0MloX DTI3MDUwMjAwNDY0MlowMzExMC8GA1UEAxMoQzg1ODk5OUJDRDQyRkRBMTkwNzAz NTI1RkEzREIwMDM2RUY4REM0QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwee4m3hANSMdR9TYsGCd23TmoldMoxXj2yQldC1vjshVY6ZeTQamJvyl2y s2FXep+Izc7RxAoERrUXaekMbPiTJ3AT9CAeCObgTdp/g32Jae+Zr0bZZm3CR14r OfdcJobadcZ7LMB5JomCdQ/0viv814c+nQ2jC2yH5syo3yT9CTw4NgqtqrQSs7j2 0GcFQVp/mWcjGomF1sXk57ndZfDYZXgbzBxWyDIk5VQAf103VvSEorTkjl7kINDR KQxwoinY24wsbnNvT5NcDTEupgTDTItWH3XIVr8+Yd7iZsCVkznbcnisYGNQo6/s mWjGGSVNDBAWWJLxiUYorpuU6A8CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFMhYmZvNQv2hkHA1Jfo9sANu+NxLMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzVkMDk0ZDNlLTA4OWMtNGM2OC04MGEyLTU2YjVjYmZjMTAzZC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby81ZDA5NGQz ZS0wODljLTRjNjgtODBhMi01NmI1Y2JmYzEwM2QvMC9DODU4OTk5QkNENDJGREEx OTA3MDM1MjVGQTNEQjAwMzZFRjhEQzRCLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6GiMA0GCSqGSIb3DQEBCwUAA4IBAQA5DlC7XQaAQCNJyx+h9hmfBT1HL/eC fXfSIjFVeupCyGYkgzLMbsEUuoK5rcjcP28AN8OD4x2/ZbKsXWWOSVcIX8I041AI qDs1H+hmEUnFu5H9N4BlXQcf//94lo6ef5w4x+b6GfFgl3sSrDBVZIAiJja1SfY2 EPoKVg4js1Qurwuj20LirgNPh+pRmFcYQjeqe7+n2ChbW6fu4GM7nLm+RifJ6Z1V SVUDMZROSYqekrLfeGRnEzfc9JbxJqtGRzOi0vYrAOmCXFAZnvjmP1eYkU0pJLia luAX/75BUKgIvXEJJqgoB5eG0vulIPBGgBW8GOp/dbTbNFwGxf38vG9D -----END CERTIFICATE-----Generated at Tue May 12 22:47:35 2026 by rpki-client