$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.cer File: CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.cer (raw, json) Hash identifier: L8PNSiXtVHTeY639bX6XQrw8SKl8hWEJnWjGXP3PRZc= Subject key identifier: CF:67:7D:C4:A0:E9:F5:2E:45:8D:7F:78:6C:11:00:4C:BC:C0:6B:E6 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 357A57D70D972E9A1498AB94F6A6D1E8E2510C2B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.mft caRepository: rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:38:40 +0000 Certificate not after: Sun 02 May 2027 01:43:40 +0000 Subordinate resources: IP: 43.248.24.0/22 IP: 103.10.96.0/22 IP: 103.23.240.0/22 IP: 203.128.64.0/19 IP: 203.201.50.0/23 IP: 2401:1b00::/32 IP: 2403:c600::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:7a:57:d7:0d:97:2e:9a:14:98:ab:94:f6:a6:d1:e8:e2:51:0c:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:38:40 2026 GMT Not After : May 2 01:43:40 2027 GMT Subject: CN=CF677DC4A0E9F52E458D7F786C11004CBCC06BE6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:fe:71:d6:f6:ae:9e:6e:40:a1:a6:5c:ec:73: 65:38:90:7d:aa:16:41:c8:a5:87:a8:8d:76:f6:6e: ab:51:eb:fd:c6:d2:c8:10:6b:79:7c:cc:10:b3:fe: b0:66:d4:4c:ef:08:75:6f:9b:9b:e7:ab:15:c5:07: 28:87:d3:fb:e7:72:17:2b:9d:e4:05:02:48:82:89: 53:cc:4e:22:66:45:49:6d:64:05:6c:cb:0e:af:ac: 0f:e9:79:25:f9:95:a9:b5:88:ab:2d:6b:2c:cb:e1: 46:b7:36:ee:b8:fd:62:19:d6:1f:68:a7:f3:9d:d9: 86:60:4b:ea:93:8b:32:2d:01:75:c3:3e:54:30:0c: 21:2d:31:87:2b:75:fd:e5:44:d7:4e:5f:60:1c:5e: 64:91:c2:69:5b:18:55:10:b9:45:83:d5:99:c9:01: ca:ba:94:82:f7:6f:e4:a3:f3:c1:3d:23:d5:30:bf: 1e:ef:67:b7:84:9d:88:1b:29:4c:61:f6:9a:ab:d8: 07:ad:fc:68:59:5d:f1:99:0b:0d:a0:3d:21:3b:61: 90:34:cf:29:84:6b:27:52:a3:df:09:84:73:86:55: cf:cf:3f:67:c7:d6:34:bf:7b:b0:3e:3c:32:b9:dd: 4f:38:d2:6f:eb:5b:01:c9:77:18:e0:17:d8:ed:0f: 25:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: CF:67:7D:C4:A0:E9:F5:2E:45:8D:7F:78:6C:11:00:4C:BC:C0:6B:E6 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/b199c1af-d9c7-4ffd-ba03-a3e1cdd8aee0/0/CF677DC4A0E9F52E458D7F786C11004CBCC06BE6.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.248.24.0/22 103.10.96.0/22 103.23.240.0/22 203.128.64.0/19 203.201.50.0/23 IPv6: 2401:1b00::/32 2403:c600::/32 Signature Algorithm: sha256WithRSAEncryption 43:ba:2b:5e:43:b7:57:80:df:c3:02:bf:fd:95:d3:77:de:4d: cd:d8:db:18:55:b3:b7:19:38:de:ff:ad:40:c1:1b:f8:cc:f6: 11:9f:41:c8:9c:75:bd:94:cf:6a:c7:fe:bc:78:e4:d6:1d:0b: e9:f9:6a:63:b9:de:59:18:13:fd:8c:25:96:e0:e0:1a:9c:45: c1:a8:ea:7b:8e:c7:ac:1c:91:8e:d0:43:db:cf:fb:a6:38:a5: 22:7b:1e:2a:b0:fc:62:14:77:35:93:e1:5a:0c:76:bd:d0:4f: ad:e6:39:62:0c:24:ba:49:a5:b1:79:90:be:11:52:a1:41:59: 1f:60:c1:6b:79:30:0f:b4:1e:e2:24:54:b2:4b:a9:c7:dd:9c: 4c:a0:fb:6f:5a:f6:52:6d:55:28:2f:e5:0e:1b:5a:39:b0:6b: 75:47:a8:01:43:30:ff:63:e4:59:72:d3:00:d5:e0:a7:bc:22: e1:0b:09:0a:90:34:8d:6b:f0:e8:eb:af:d0:d0:67:c2:20:68: ea:8e:a7:ca:9d:db:4e:33:5e:7f:38:08:ec:c6:1b:33:6f:c0: a8:c7:3f:c5:e0:0b:af:fb:b2:d7:08:41:82:c9:41:a2:13:41: 4a:9d:f6:af:75:68:81:12:7d:00:07:5d:2e:9f:48:0d:35:82: 12:03:57:f0 -----BEGIN CERTIFICATE----- MIIF9DCCBNygAwIBAgIUNXpX1w2XLpoUmKuU9qbR6OJRDCswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMzg0MFoX DTI3MDUwMjAxNDM0MFowMzExMC8GA1UEAxMoQ0Y2NzdEQzRBMEU5RjUyRTQ1OEQ3 Rjc4NkMxMTAwNENCQ0MwNkJFNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJb+cdb2rp5uQKGmXOxzZTiQfaoWQcilh6iNdvZuq1Hr/cbSyBBreXzMELP+ sGbUTO8IdW+bm+erFcUHKIfT++dyFyud5AUCSIKJU8xOImZFSW1kBWzLDq+sD+l5 JfmVqbWIqy1rLMvhRrc27rj9YhnWH2in853ZhmBL6pOLMi0BdcM+VDAMIS0xhyt1 /eVE105fYBxeZJHCaVsYVRC5RYPVmckByrqUgvdv5KPzwT0j1TC/Hu9nt4SdiBsp TGH2mqvYB638aFld8ZkLDaA9ITthkDTPKYRrJ1Kj3wmEc4ZVz88/Z8fWNL97sD48 MrndTzjSb+tbAcl3GOAX2O0PJYcCAwEAAaOCAucwggLjMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFM9nfcSg6fUuRY1/eGwRAEy8wGvmMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2IxOTljMWFmLWQ5YzctNGZmZC1iYTAzLWEzZTFjZGQ4YWVlMC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9iMTk5YzFh Zi1kOWM3LTRmZmQtYmEwMy1hM2UxY2RkOGFlZTAvMC9DRjY3N0RDNEEwRTlGNTJF NDU4RDdGNzg2QzExMDA0Q0JDQzA2QkU2Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAe AwQCK/gYAwQCZwpgAwQCZxfwAwQFy4BAAwQBy8kyMBQEAgACMA4DBQAkARsAAwUA JAPGADANBgkqhkiG9w0BAQsFAAOCAQEAQ7orXkO3V4DfwwK//ZXTd95NzdjbGFWz txk43v+tQMEb+Mz2EZ9ByJx1vZTPasf+vHjk1h0L6flqY7neWRgT/YwlluDgGpxF wajqe47HrByRjtBD28/7pjilInseKrD8YhR3NZPhWgx2vdBPreY5YgwkukmlsXmQ vhFSoUFZH2DBa3kwD7Qe4iRUskupx92cTKD7b1r2Um1VKC/lDhtaObBrdUeoAUMw /2PkWXLTANXgp7wi4QsJCpA0jWvw6Ouv0NBnwiBo6o6nyp3bTjNefzgI7MYbM2/A qMc/xeALr/uy1whBgslBohNBSp32r3VogRJ9AAddLp9IDTWCEgNX8A== -----END CERTIFICATE-----Generated at Tue May 12 22:47:23 2026 by rpki-client