$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/CD0A24B4D508D43D8C25BB8EC5D44F77E13A51A6.cer File: CD0A24B4D508D43D8C25BB8EC5D44F77E13A51A6.cer (raw, json) Hash identifier: W1Ohzif6rWc0k3GgjZ84KlOtKrDaj6c4WWXcF+H6ooQ= Subject key identifier: CD:0A:24:B4:D5:08:D4:3D:8C:25:BB:8E:C5:D4:4F:77:E1:3A:51:A6 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 4FB427CA09AD79E4C84D8E900EDE6765C1D22BDD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/9e30ac64-0f13-4162-968f-afe5cc714cf6/0/CD0A24B4D508D43D8C25BB8EC5D44F77E13A51A6.mft caRepository: rsync://rpki-rsync.idnic.net/repo/9e30ac64-0f13-4162-968f-afe5cc714cf6/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:25:48 +0000 Certificate not after: Sun 02 May 2027 01:30:48 +0000 Subordinate resources: IP: 103.189.166.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:b4:27:ca:09:ad:79:e4:c8:4d:8e:90:0e:de:67:65:c1:d2:2b:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:25:48 2026 GMT Not After : May 2 01:30:48 2027 GMT Subject: CN=CD0A24B4D508D43D8C25BB8EC5D44F77E13A51A6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:4e:fc:a3:13:19:3e:5a:67:e4:f2:e4:bf:e0: 8f:e7:f3:c6:9d:0e:81:37:76:8c:ca:61:b0:9b:e1: 9c:be:04:f6:0d:a2:90:68:1d:f3:3f:c4:a8:40:f6: 09:75:76:81:36:46:c4:7f:00:4d:c9:9b:d4:93:0f: cb:53:7f:f4:4f:98:62:fa:9c:f1:c4:b8:ed:0b:cb: 59:fc:2b:aa:bd:25:c9:10:1a:a9:32:ee:b0:1d:b2: 5c:14:8b:bb:95:60:c9:b2:b2:d3:e5:cc:8c:fb:3c: a8:eb:cd:83:7c:ed:79:9b:6b:2f:0c:57:18:5b:a6: e8:b4:a5:3a:34:7f:2b:42:eb:74:96:d3:05:b5:dc: c9:22:de:5a:5d:65:a2:2e:3a:2d:a5:92:28:49:5a: 20:22:a2:38:12:65:f6:35:22:1c:b3:69:7c:e7:04: 01:88:79:73:4e:af:2e:ac:5a:cf:cc:37:aa:fc:de: b8:e6:3f:da:65:c1:bd:dc:ca:2c:8c:0a:d6:f7:ff: 30:de:cc:58:83:82:da:1f:0a:9b:15:cb:3e:f2:91: 71:20:83:a8:9a:ba:6b:13:24:63:25:71:c1:50:be: af:45:f7:1f:bf:05:46:a1:00:6f:6c:64:9c:47:87: 4b:97:2e:f8:83:e1:59:fb:a8:08:1e:c7:43:7f:3a: 61:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: CD:0A:24:B4:D5:08:D4:3D:8C:25:BB:8E:C5:D4:4F:77:E1:3A:51:A6 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/9e30ac64-0f13-4162-968f-afe5cc714cf6/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/9e30ac64-0f13-4162-968f-afe5cc714cf6/0/CD0A24B4D508D43D8C25BB8EC5D44F77E13A51A6.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.189.166.0/23 Signature Algorithm: sha256WithRSAEncryption 90:44:59:2b:1b:e0:db:91:e3:f8:22:4b:12:13:27:4f:d0:ca: 7e:b9:8e:de:aa:cd:eb:50:db:7f:a5:6a:f7:6f:75:89:48:78: d7:02:62:e9:a1:fb:1f:47:ef:38:95:d6:22:8b:88:43:63:a4: 8a:24:be:64:bc:e6:5b:37:8a:4e:c0:f5:cb:e6:05:00:13:4d: e7:d1:0a:58:74:92:75:3c:a6:fa:a5:52:8d:c4:1e:d5:b6:b0: bd:fd:23:46:b5:42:7b:66:d4:74:f2:6e:87:6d:1a:90:9a:ca: 19:1c:c5:fc:5b:fc:99:8e:f9:21:03:cb:f9:b6:98:6b:ef:1c: ad:f1:9b:1c:2a:a4:c1:db:15:e9:64:50:b8:f1:7f:60:0f:a8: a0:5c:ea:5c:9f:9c:83:1d:bc:f9:96:1f:71:82:19:44:16:8c: 40:0e:12:cf:20:a7:d1:9f:cc:e5:39:c9:35:65:1a:78:85:ad: 9a:e7:f3:78:47:4c:0e:6b:a9:15:bd:79:7f:c6:c0:b9:92:10: eb:40:64:54:16:46:3e:13:36:e9:e1:28:08:b4:02:8a:29:8f: 33:ac:f4:0d:30:c7:65:35:a3:9d:f3:f0:16:61:e6:d2:27:4e: 02:a1:59:d2:ea:c2:39:74:3b:ce:75:e4:97:49:72:f0:ad:1d: 2e:87:f4:ce -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUT7QnygmteeTITY6QDt5nZcHSK90wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMjU0OFoX DTI3MDUwMjAxMzA0OFowMzExMC8GA1UEAxMoQ0QwQTI0QjRENTA4RDQzRDhDMjVC QjhFQzVENDRGNzdFMTNBNTFBNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMlO/KMTGT5aZ+Ty5L/gj+fzxp0OgTd2jMphsJvhnL4E9g2ikGgd8z/EqED2 CXV2gTZGxH8ATcmb1JMPy1N/9E+YYvqc8cS47QvLWfwrqr0lyRAaqTLusB2yXBSL u5VgybKy0+XMjPs8qOvNg3zteZtrLwxXGFum6LSlOjR/K0LrdJbTBbXcySLeWl1l oi46LaWSKElaICKiOBJl9jUiHLNpfOcEAYh5c06vLqxaz8w3qvzeuOY/2mXBvdzK LIwK1vf/MN7MWIOC2h8KmxXLPvKRcSCDqJq6axMkYyVxwVC+r0X3H78FRqEAb2xk nEeHS5cu+IPhWfuoCB7HQ386YTcCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFM0KJLTVCNQ9jCW7jsXUT3fhOlGmMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzllMzBhYzY0LTBmMTMtNDE2Mi05NjhmLWFmZTVjYzcxNGNmNi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby85ZTMwYWM2 NC0wZjEzLTQxNjItOTY4Zi1hZmU1Y2M3MTRjZjYvMC9DRDBBMjRCNEQ1MDhENDNE OEMyNUJCOEVDNUQ0NEY3N0UxM0E1MUE2Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ72mMA0GCSqGSIb3DQEBCwUAA4IBAQCQRFkrG+DbkeP4IksSEydP0Mp+uY7e qs3rUNt/pWr3b3WJSHjXAmLpofsfR+84ldYii4hDY6SKJL5kvOZbN4pOwPXL5gUA E03n0QpYdJJ1PKb6pVKNxB7VtrC9/SNGtUJ7ZtR08m6HbRqQmsoZHMX8W/yZjvkh A8v5tphr7xyt8ZscKqTB2xXpZFC48X9gD6igXOpcn5yDHbz5lh9xghlEFoxADhLP IKfRn8zlOck1ZRp4ha2a5/N4R0wOa6kVvXl/xsC5khDrQGRUFkY+Ezbp4SgItAKK KY8zrPQNMMdlNaOd8/AWYebSJ04CoVnS6sI5dDvOdeSXSXLwrR0uh/TO -----END CERTIFICATE-----Generated at Tue May 12 22:03:02 2026 by rpki-client