$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/CAFAFB903FE64EE5FCE12CC07BDD9F770547EF78.cer File: CAFAFB903FE64EE5FCE12CC07BDD9F770547EF78.cer (raw, json) Hash identifier: kT0BIhuaNUd2uB1nb+4I8kxiN/DaE+ropN3zKs/ZX6s= Subject key identifier: CA:FA:FB:90:3F:E6:4E:E5:FC:E1:2C:C0:7B:DD:9F:77:05:47:EF:78 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 605B3CBB0ABB316FF99BC249BD41FF5BE75877FE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/f5d77840-608e-449a-b22f-36a6e252fb23/0/CAFAFB903FE64EE5FCE12CC07BDD9F770547EF78.mft caRepository: rsync://rpki-rsync.idnic.net/repo/f5d77840-608e-449a-b22f-36a6e252fb23/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:37:10 +0000 Certificate not after: Sun 02 May 2027 02:42:10 +0000 Subordinate resources: IP: 103.160.160.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:5b:3c:bb:0a:bb:31:6f:f9:9b:c2:49:bd:41:ff:5b:e7:58:77:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 02:37:10 2026 GMT Not After : May 2 02:42:10 2027 GMT Subject: CN=CAFAFB903FE64EE5FCE12CC07BDD9F770547EF78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:34:3c:f6:2b:aa:db:45:2f:44:52:bf:f3:a2: ee:e3:6a:d1:3d:08:7a:bf:f2:31:30:6a:6d:1d:d4: d7:7a:fa:66:a2:19:06:2d:a7:cd:11:76:27:77:3c: 57:74:af:af:42:87:cf:f8:c0:69:99:d7:ee:87:f2: 8a:2a:68:4d:60:02:5a:ac:31:72:e2:62:56:03:2e: ab:9e:cb:d7:74:0b:48:ef:b4:67:ad:c9:c2:33:f3: 9b:28:0b:92:81:38:61:93:07:5f:37:ae:4c:39:63: 72:23:4e:0b:5e:f7:50:61:c5:f5:ff:be:77:1f:b9: 13:c9:e8:4f:d9:a7:57:42:d7:cb:be:a5:2c:88:0b: 98:6b:8a:1d:08:6d:d9:36:a2:83:64:8e:a9:b5:52: 8a:3c:0e:9a:42:27:99:9f:37:e8:9c:63:47:ed:4b: 2c:e9:8b:09:0f:0c:07:53:32:ab:de:c1:cc:85:e7: 93:42:0d:e8:06:d7:bd:d2:e0:36:21:ce:d9:ff:e2: 39:5c:86:f4:2f:6f:8b:66:29:eb:df:1a:14:07:3e: 30:21:1c:02:14:4d:00:87:8e:86:d9:33:f4:18:96: d0:a3:3c:49:80:99:17:ce:b5:0d:12:56:c2:b8:89: 30:8b:db:eb:1a:6e:62:5a:b4:08:8b:94:0a:92:80: cf:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: CA:FA:FB:90:3F:E6:4E:E5:FC:E1:2C:C0:7B:DD:9F:77:05:47:EF:78 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/f5d77840-608e-449a-b22f-36a6e252fb23/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/f5d77840-608e-449a-b22f-36a6e252fb23/0/CAFAFB903FE64EE5FCE12CC07BDD9F770547EF78.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.160.160.0/23 Signature Algorithm: sha256WithRSAEncryption 7f:71:92:41:df:7c:91:e1:3f:47:bc:ea:0a:bb:30:61:3c:a9: 29:f4:fd:55:8d:8b:c1:46:2e:21:89:8a:79:c2:13:59:11:28: 8a:a8:a0:94:18:95:ef:db:f1:f2:c4:2b:1b:83:05:ad:59:d1: c7:7f:3f:fd:7b:2e:66:72:ad:06:f4:b7:29:71:17:9a:1b:c7: 62:37:dd:31:45:c7:aa:56:e3:d3:5a:a2:5a:bc:83:77:64:85: ae:89:54:24:4e:59:3f:4c:8d:a9:dd:69:23:9d:2a:0d:ef:5e: 4b:b1:46:f3:a3:7c:4f:e7:a2:a5:fa:96:6a:a5:7c:38:92:fd: 02:44:64:b4:8d:36:b5:05:70:8a:c4:3a:70:39:73:a4:89:d1: 5d:6f:ad:c5:49:33:e8:bf:f4:cf:25:95:d8:5a:7b:b8:5c:7b: f7:84:9d:41:0b:29:8b:c6:3b:49:d6:04:f7:63:b4:eb:ba:08: a0:d9:10:f8:d1:16:8c:9e:af:17:a3:cc:3c:69:8c:c8:15:64: 9a:e2:01:d5:c7:0b:c6:ab:f8:3e:f5:7f:7f:4d:5b:90:9e:2e: 5d:0a:2f:3d:b8:ac:d9:c8:d5:31:a0:8d:aa:bf:d1:01:7e:83: 12:d4:ef:be:39:22:fe:03:28:fe:57:9d:1c:0e:98:9c:a2:a1: 39:61:8e:f1 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUYFs8uwq7MW/5m8JJvUH/W+dYd/4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAyMzcxMFoX DTI3MDUwMjAyNDIxMFowMzExMC8GA1UEAxMoQ0FGQUZCOTAzRkU2NEVFNUZDRTEy Q0MwN0JERDlGNzcwNTQ3RUY3ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL80PPYrqttFL0RSv/Oi7uNq0T0Ier/yMTBqbR3U13r6ZqIZBi2nzRF2J3c8 V3Svr0KHz/jAaZnX7ofyiipoTWACWqwxcuJiVgMuq57L13QLSO+0Z63JwjPzmygL koE4YZMHXzeuTDljciNOC173UGHF9f++dx+5E8noT9mnV0LXy76lLIgLmGuKHQht 2Taig2SOqbVSijwOmkInmZ836JxjR+1LLOmLCQ8MB1Myq97BzIXnk0IN6AbXvdLg NiHO2f/iOVyG9C9vi2Yp698aFAc+MCEcAhRNAIeOhtkz9BiW0KM8SYCZF861DRJW wriJMIvb6xpuYlq0CIuUCpKAz6UCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFMr6+5A/5k7l/OEswHvdn3cFR+94MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2Y1ZDc3ODQwLTYwOGUtNDQ5YS1iMjJmLTM2YTZlMjUyZmIyMy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9mNWQ3Nzg0 MC02MDhlLTQ0OWEtYjIyZi0zNmE2ZTI1MmZiMjMvMC9DQUZBRkI5MDNGRTY0RUU1 RkNFMTJDQzA3QkREOUY3NzA1NDdFRjc4Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6CgMA0GCSqGSIb3DQEBCwUAA4IBAQB/cZJB33yR4T9HvOoKuzBhPKkp9P1V jYvBRi4hiYp5whNZESiKqKCUGJXv2/HyxCsbgwWtWdHHfz/9ey5mcq0G9LcpcRea G8diN90xRceqVuPTWqJavIN3ZIWuiVQkTlk/TI2p3WkjnSoN715LsUbzo3xP56Kl +pZqpXw4kv0CRGS0jTa1BXCKxDpwOXOkidFdb63FSTPov/TPJZXYWnu4XHv3hJ1B CymLxjtJ1gT3Y7Trugig2RD40RaMnq8Xo8w8aYzIFWSa4gHVxwvGq/g+9X9/TVuQ ni5dCi89uKzZyNUxoI2qv9EBfoMS1O++OSL+Ayj+V50cDpicoqE5YY7x -----END CERTIFICATE-----Generated at Tue May 12 22:03:58 2026 by rpki-client