$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/CF89794EBA26CE0126FCB172A8D35407DD0DCF4A.cer File: CF89794EBA26CE0126FCB172A8D35407DD0DCF4A.cer (raw, json) Hash identifier: 7rasncRxwWU5NahEMInuj30gPP6yQN87LeXDuadouiY= Subject key identifier: CF:89:79:4E:BA:26:CE:01:26:FC:B1:72:A8:D3:54:07:DD:0D:CF:4A Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 43043A9859EF39207C64CC7D6FE3F1A637B9D9BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/dacb7187-7a5f-4e23-be94-593a0c288cb9/0/CF89794EBA26CE0126FCB172A8D35407DD0DCF4A.mft caRepository: rsync://rpki-rsync.idnic.net/repo/dacb7187-7a5f-4e23-be94-593a0c288cb9/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:03:25 +0000 Certificate not after: Sun 02 May 2027 02:08:25 +0000 Subordinate resources: IP: 103.10.70.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:04:3a:98:59:ef:39:20:7c:64:cc:7d:6f:e3:f1:a6:37:b9:d9:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 02:03:25 2026 GMT Not After : May 2 02:08:25 2027 GMT Subject: CN=CF89794EBA26CE0126FCB172A8D35407DD0DCF4A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:4d:df:4e:28:37:76:ae:dc:f7:17:7b:c1:0f: b3:7d:2b:b1:b4:b1:bd:72:05:2e:21:3c:dc:46:45: 96:49:35:91:54:7a:62:e6:c8:99:d7:ad:93:c3:ed: c7:e6:52:38:4c:a2:a9:52:c2:5b:c0:c4:cd:39:e5: cb:45:7b:0e:34:c3:59:1c:b4:7a:bb:fa:7f:87:ee: 59:cc:bd:18:70:88:3e:dd:52:98:09:81:35:45:8b: 57:6b:38:55:da:8f:8e:39:55:58:97:a3:2e:ca:27: 6a:a0:d7:43:ae:68:78:04:6d:78:06:7a:fc:06:25: b9:69:64:89:65:d0:96:27:52:33:af:91:a0:40:09: 4b:05:cf:a8:d6:77:73:46:a0:fb:93:4c:3f:a8:81: d1:87:2b:20:f0:95:9d:9f:79:8b:47:ea:e4:f4:d4: b2:18:c7:61:8d:8b:a7:7d:47:1c:e7:7c:82:f7:0b: 32:1c:dc:22:b5:a9:47:d0:2b:d5:4f:db:8d:28:ef: a5:4d:f8:fa:58:3c:83:0c:3e:3b:6c:3a:71:d6:a6: 3d:7d:1d:c9:00:af:75:55:55:76:49:f1:10:98:82: 38:36:27:4d:72:58:f1:e8:bd:15:80:19:43:83:e2: 0c:60:82:2e:db:0e:61:ff:70:59:59:12:e2:0e:e6: a0:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: CF:89:79:4E:BA:26:CE:01:26:FC:B1:72:A8:D3:54:07:DD:0D:CF:4A X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/dacb7187-7a5f-4e23-be94-593a0c288cb9/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/dacb7187-7a5f-4e23-be94-593a0c288cb9/0/CF89794EBA26CE0126FCB172A8D35407DD0DCF4A.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.10.70.0/23 Signature Algorithm: sha256WithRSAEncryption 6f:93:53:d9:c0:74:fd:b4:89:a7:7d:c4:25:f0:d0:da:31:9f: b5:2a:33:d5:ff:54:46:8b:af:9f:c7:16:32:c1:e3:ed:16:23: d6:0e:6d:1c:43:29:5f:fd:cc:69:c5:bd:d6:cb:90:4b:36:7a: 8f:91:ca:73:a9:9b:9d:b6:c8:d8:4a:d4:de:c3:59:6c:a8:f8: 06:86:7a:28:a4:01:b3:c6:de:a3:47:9c:ed:0e:e1:f9:6b:e1: 51:e5:b4:af:67:cf:bc:d0:50:db:42:ba:21:5a:1a:e8:a2:92: 5b:a5:ea:e3:f5:c9:96:89:e4:67:23:cc:47:78:c4:b3:ca:5f: 15:71:97:66:7f:36:96:17:12:39:4e:95:b5:da:97:66:f1:57: 1b:23:55:14:47:f6:61:e3:75:e9:78:8b:61:ea:e4:22:7b:bd: 17:5c:d2:6f:32:94:1a:ac:da:26:c4:c5:86:d6:e6:bb:03:b5: 5d:cd:12:e4:17:54:7b:a0:68:ce:f9:5d:1f:c4:bb:74:7d:8a: bd:b5:e3:58:dc:c8:c7:77:a0:9d:ae:17:6d:83:09:8d:2d:c8: 64:8f:f2:0d:25:ca:02:9e:e7:16:4c:06:6f:94:86:9f:31:ac: dc:d3:a9:8d:93:6e:91:88:b1:28:62:e5:35:12:d4:7e:3c:b9: a1:b3:15:37 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUQwQ6mFnvOSB8ZMx9b+Pxpje52bwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAyMDMyNVoX DTI3MDUwMjAyMDgyNVowMzExMC8GA1UEAxMoQ0Y4OTc5NEVCQTI2Q0UwMTI2RkNC MTcyQThEMzU0MDdERDBEQ0Y0QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMhN304oN3au3PcXe8EPs30rsbSxvXIFLiE83EZFlkk1kVR6YubImdetk8Pt x+ZSOEyiqVLCW8DEzTnly0V7DjTDWRy0erv6f4fuWcy9GHCIPt1SmAmBNUWLV2s4 VdqPjjlVWJejLsonaqDXQ65oeARteAZ6/AYluWlkiWXQlidSM6+RoEAJSwXPqNZ3 c0ag+5NMP6iB0YcrIPCVnZ95i0fq5PTUshjHYY2Lp31HHOd8gvcLMhzcIrWpR9Ar 1U/bjSjvpU34+lg8gww+O2w6cdamPX0dyQCvdVVVdknxEJiCODYnTXJY8ei9FYAZ Q4PiDGCCLtsOYf9wWVkS4g7moMsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFM+JeU66Js4BJvyxcqjTVAfdDc9KMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2RhY2I3MTg3LTdhNWYtNGUyMy1iZTk0LTU5M2EwYzI4OGNiOS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9kYWNiNzE4 Ny03YTVmLTRlMjMtYmU5NC01OTNhMGMyODhjYjkvMC9DRjg5Nzk0RUJBMjZDRTAx MjZGQ0IxNzJBOEQzNTQwN0REMERDRjRBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZwpGMA0GCSqGSIb3DQEBCwUAA4IBAQBvk1PZwHT9tImnfcQl8NDaMZ+1KjPV /1RGi6+fxxYywePtFiPWDm0cQylf/cxpxb3Wy5BLNnqPkcpzqZudtsjYStTew1ls qPgGhnoopAGzxt6jR5ztDuH5a+FR5bSvZ8+80FDbQrohWhroopJbperj9cmWieRn I8xHeMSzyl8VcZdmfzaWFxI5TpW12pdm8VcbI1UUR/Zh43XpeIth6uQie70XXNJv MpQarNomxMWG1ua7A7VdzRLkF1R7oGjO+V0fxLt0fYq9teNY3MjHd6CdrhdtgwmN Lchkj/INJcoCnucWTAZvlIafMazc06mNk26RiLEoYuU1EtR+PLmhsxU3 -----END CERTIFICATE-----Generated at Tue May 12 22:52:57 2026 by rpki-client