$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/CE5ECD1D687D040F7BDA17704649E1DFA897CE1A.cer File: CE5ECD1D687D040F7BDA17704649E1DFA897CE1A.cer (raw, json) Hash identifier: kzEY6QapxNFFXIuhSuNo7VZrgyOVyt+2kYHMN7cS1tE= Subject key identifier: CE:5E:CD:1D:68:7D:04:0F:7B:DA:17:70:46:49:E1:DF:A8:97:CE:1A Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 75A6029946052E29D381A018603348DD8B8309F1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/16da0e82-0764-45d3-aed9-fd258e72b6e2/1/CE5ECD1D687D040F7BDA17704649E1DFA897CE1A.mft caRepository: rsync://rpki-rsync.idnic.net/repo/16da0e82-0764-45d3-aed9-fd258e72b6e2/1/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:54:21 +0000 Certificate not after: Sat 01 May 2027 23:59:21 +0000 Subordinate resources: IP: 2001:df3:dfc0::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:a6:02:99:46:05:2e:29:d3:81:a0:18:60:33:48:dd:8b:83:09:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:54:21 2026 GMT Not After : May 1 23:59:21 2027 GMT Subject: CN=CE5ECD1D687D040F7BDA17704649E1DFA897CE1A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d9:32:e7:66:d8:c1:a4:7c:43:fe:20:45:d4: 16:a1:a9:2a:4d:16:7a:09:50:c5:68:58:37:2d:80: 0d:25:e9:5d:71:b0:a6:ba:ba:4d:d5:62:de:63:76: a3:a6:ca:ab:19:4d:bb:ee:ca:df:28:60:20:a6:a7: 38:f6:c3:a3:83:dc:2c:21:35:65:8b:dc:6a:49:8b: d8:45:76:44:4f:ad:9a:27:ec:47:3c:06:a5:76:a9: e1:a1:b8:b5:8c:66:88:d3:91:8d:d7:90:9d:ae:39: 2b:76:49:cc:21:cd:a2:71:98:3f:21:e9:f2:75:41: 22:a4:2e:fa:d4:4b:86:bd:b2:78:c1:62:b2:13:8f: ca:dd:ac:32:00:5b:ad:4c:62:c2:12:f7:eb:e7:75: eb:b6:1e:1d:dd:77:8d:43:0c:9a:bc:14:d2:26:e0: 00:61:0d:a9:0b:d8:36:6a:3c:2b:0f:40:e9:37:c5: 2d:ec:1c:6e:7b:8b:65:68:37:9f:c8:1c:96:06:87: 0f:35:82:a5:2a:f1:5d:15:39:ca:f4:98:f0:d4:ca: 47:1b:bb:f4:26:cb:d3:14:f0:e0:8e:ed:64:22:37: 4c:35:61:50:7f:b6:cb:10:7a:7a:d9:9d:5f:50:09: 58:13:47:60:b1:74:82:e7:bc:22:d2:2a:a5:7b:cb: 86:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: CE:5E:CD:1D:68:7D:04:0F:7B:DA:17:70:46:49:E1:DF:A8:97:CE:1A X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/16da0e82-0764-45d3-aed9-fd258e72b6e2/1/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/16da0e82-0764-45d3-aed9-fd258e72b6e2/1/CE5ECD1D687D040F7BDA17704649E1DFA897CE1A.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:dfc0::/48 Signature Algorithm: sha256WithRSAEncryption 8f:b8:e6:e7:41:df:e3:44:ec:dc:6c:fe:ce:7a:4f:6d:70:1a: 5a:93:85:5c:0b:60:95:50:c6:66:f1:5d:99:82:1d:cd:21:95: cf:68:d5:11:8c:b3:61:f6:ba:19:aa:6d:7d:4d:fc:4d:bc:73: 44:59:ea:28:e0:c3:27:46:78:3a:59:de:55:5f:76:7a:63:8a: 7a:5f:99:de:40:93:42:8e:10:e4:db:59:80:5a:ef:07:2e:9c: a5:40:16:e1:e8:f5:fa:50:57:fd:bc:8f:ea:66:9b:b5:4a:17: e0:66:69:57:24:80:16:62:42:7f:7d:dc:f3:27:79:f9:42:4c: bf:d5:a5:31:60:f6:39:d6:11:43:17:ce:0c:67:dd:a6:46:18: e8:66:90:6d:ca:e0:a5:0a:f6:c5:ec:58:e5:c1:c7:f0:20:07: a9:aa:34:45:2e:c0:24:a5:b7:02:53:01:7e:39:5d:ef:2f:e3: 0f:ef:ed:90:0d:14:53:9b:d5:0c:5a:d1:5f:c0:64:02:4e:ef: f6:a3:b9:3a:4c:2a:09:71:8e:f0:b3:8d:54:6e:4d:29:7a:31: 3c:a9:1d:b7:96:22:bf:52:dd:d2:82:e8:9a:48:1d:79:28:59: ef:e3:48:74:51:68:11:c5:7a:55:91:c9:38:5a:06:a0:21:a3: c1:4b:8e:4f -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgIUdaYCmUYFLinTgaAYYDNI3YuDCfEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNTQyMVoX DTI3MDUwMTIzNTkyMVowMzExMC8GA1UEAxMoQ0U1RUNEMUQ2ODdEMDQwRjdCREEx NzcwNDY0OUUxREZBODk3Q0UxQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL3ZMudm2MGkfEP+IEXUFqGpKk0WeglQxWhYNy2ADSXpXXGwprq6TdVi3mN2 o6bKqxlNu+7K3yhgIKanOPbDo4PcLCE1ZYvcakmL2EV2RE+tmifsRzwGpXap4aG4 tYxmiNORjdeQna45K3ZJzCHNonGYPyHp8nVBIqQu+tRLhr2yeMFishOPyt2sMgBb rUxiwhL36+d167YeHd13jUMMmrwU0ibgAGENqQvYNmo8Kw9A6TfFLewcbnuLZWg3 n8gclgaHDzWCpSrxXRU5yvSY8NTKRxu79CbL0xTw4I7tZCI3TDVhUH+2yxB6etmd X1AJWBNHYLF0gue8ItIqpXvLhpcCAwEAAaOCArwwggK4MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFM5ezR1ofQQPe9oXcEZJ4d+ol84aMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzE2ZGEwZTgyLTA3NjQtNDVkMy1hZWQ5LWZkMjU4ZTcyYjZlMi8xLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xNmRhMGU4 Mi0wNzY0LTQ1ZDMtYWVkOS1mZDI1OGU3MmI2ZTIvMS9DRTVFQ0QxRDY4N0QwNDBG N0JEQTE3NzA0NjQ5RTFERkE4OTdDRTFBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAIAEN89/AMA0GCSqGSIb3DQEBCwUAA4IBAQCPuObnQd/jROzcbP7Oek9tcBpa k4VcC2CVUMZm8V2Zgh3NIZXPaNURjLNh9roZqm19TfxNvHNEWeoo4MMnRng6Wd5V X3Z6Y4p6X5neQJNCjhDk21mAWu8HLpylQBbh6PX6UFf9vI/qZpu1ShfgZmlXJIAW YkJ/fdzzJ3n5Qky/1aUxYPY51hFDF84MZ92mRhjoZpBtyuClCvbF7FjlwcfwIAep qjRFLsAkpbcCUwF+OV3vL+MP7+2QDRRTm9UMWtFfwGQCTu/2o7k6TCoJcY7ws41U bk0pejE8qR23liK/Ut3SguiaSB15KFnv40h0UWgRxXpVkck4WgagIaPBS45P -----END CERTIFICATE-----Generated at Wed May 13 01:07:16 2026 by rpki-client