$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/CFAB76BA352A38D20728AC2158C798F4B46EB514.cer File: CFAB76BA352A38D20728AC2158C798F4B46EB514.cer (raw, json) Hash identifier: towfYR+Lz0LWjXkYmoiyxgcEvNHLh4uhC3vBWkgu3pk= Subject key identifier: CF:AB:76:BA:35:2A:38:D2:07:28:AC:21:58:C7:98:F4:B4:6E:B5:14 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2693E4C616E1F98FD461C8E31EA588EF2BEAE987 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/76542839-2858-49f0-acdf-fa7d3ab9c558/0/CFAB76BA352A38D20728AC2158C798F4B46EB514.mft caRepository: rsync://rpki-rsync.idnic.net/repo/76542839-2858-49f0-acdf-fa7d3ab9c558/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:58:23 +0000 Certificate not after: Sun 02 May 2027 01:03:23 +0000 Subordinate resources: IP: 103.129.20.0/22 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:93:e4:c6:16:e1:f9:8f:d4:61:c8:e3:1e:a5:88:ef:2b:ea:e9:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:58:23 2026 GMT Not After : May 2 01:03:23 2027 GMT Subject: CN=CFAB76BA352A38D20728AC2158C798F4B46EB514 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:2c:1c:20:40:f0:c6:b5:f8:79:52:34:91:84: 29:d2:b7:00:b3:24:97:43:05:63:8b:9e:55:36:2f: ad:74:34:8e:8b:0b:05:68:9b:25:12:19:5a:aa:8b: 54:94:36:77:f2:2b:3c:a2:ea:be:de:c5:a8:39:e2: 48:27:cc:66:8e:6c:ca:46:a1:64:d8:19:d7:72:c9: 13:04:cc:c8:b9:c9:9c:cb:22:38:2e:59:99:8c:7c: 06:40:50:7c:ea:79:aa:6b:98:f8:69:39:f6:03:84: fa:54:97:23:19:53:65:bd:fe:7d:ab:28:36:62:ae: 06:0b:4b:e8:8d:e4:07:0e:12:f8:4c:fc:f4:eb:06: 22:4c:52:10:57:11:2b:49:b2:d2:b1:f0:c3:1b:8b: 0e:50:81:7f:e9:4c:d0:db:17:75:f7:aa:83:60:c0: ac:92:c3:3d:3d:0a:92:ce:5e:8a:2e:a7:1b:8f:bb: 65:1b:10:59:a5:e8:b7:dc:34:c7:6c:02:de:6d:83: f7:c0:85:1b:b2:9b:aa:ed:55:09:b5:45:89:9e:d5: ec:16:d1:5c:37:c5:62:be:84:e2:45:26:48:33:55: 27:e0:ee:33:30:5a:33:9c:c1:4e:b8:b2:7a:a1:c1: e8:c3:05:84:92:35:c2:21:27:72:16:e0:6c:8a:69: 17:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: CF:AB:76:BA:35:2A:38:D2:07:28:AC:21:58:C7:98:F4:B4:6E:B5:14 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/76542839-2858-49f0-acdf-fa7d3ab9c558/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/76542839-2858-49f0-acdf-fa7d3ab9c558/0/CFAB76BA352A38D20728AC2158C798F4B46EB514.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.129.20.0/22 Signature Algorithm: sha256WithRSAEncryption 1e:fb:ad:f3:dc:ce:1c:ce:b8:d9:75:e2:a5:df:65:e4:74:13: ca:59:2e:d0:04:02:02:97:79:2d:49:3a:6f:b6:92:88:96:fc: 12:c7:24:c4:96:ea:57:88:2f:b5:82:47:53:44:dd:ae:12:88: 96:45:d1:0e:c4:62:43:cd:d5:02:f3:00:e3:e6:b7:14:c7:8e: 42:bc:eb:ae:6e:d2:e0:83:7b:22:a6:37:2f:49:d8:3b:62:56: 47:40:53:03:ce:3b:9f:c1:ce:19:7c:d5:b6:69:11:9a:8b:6c: 95:92:09:8d:a9:63:74:eb:f3:32:1f:da:fa:cb:3f:8c:e4:53: ab:cd:da:b6:66:45:7b:fe:fe:e2:2a:a1:b0:f2:f5:11:4b:76: 46:65:fe:e7:6e:2d:70:6c:4d:50:83:de:53:b6:ff:df:84:77: 01:08:54:9e:83:54:b7:d7:3d:f3:64:79:bb:df:b0:d7:97:3b: d5:78:ce:4f:f5:71:a8:60:12:81:56:cb:5a:c3:26:91:90:fc: 92:22:46:85:0a:3d:48:4f:f5:4b:96:d3:7b:52:ed:73:a4:d8: 51:51:00:93:99:89:7f:83:d2:1d:68:09:55:01:e1:25:0b:dc: 01:a5:a1:b8:86:91:5e:17:b6:8f:e7:9e:3a:1c:d0:2a:92:46: 12:bc:f4:b2 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUJpPkxhbh+Y/UYcjjHqWI7yvq6YcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwNTgyM1oX DTI3MDUwMjAxMDMyM1owMzExMC8GA1UEAxMoQ0ZBQjc2QkEzNTJBMzhEMjA3MjhB QzIxNThDNzk4RjRCNDZFQjUxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL8sHCBA8Ma1+HlSNJGEKdK3ALMkl0MFY4ueVTYvrXQ0josLBWibJRIZWqqL VJQ2d/IrPKLqvt7FqDniSCfMZo5sykahZNgZ13LJEwTMyLnJnMsiOC5ZmYx8BkBQ fOp5qmuY+Gk59gOE+lSXIxlTZb3+fasoNmKuBgtL6I3kBw4S+Ez89OsGIkxSEFcR K0my0rHwwxuLDlCBf+lM0NsXdfeqg2DArJLDPT0Kks5eii6nG4+7ZRsQWaXot9w0 x2wC3m2D98CFG7Kbqu1VCbVFiZ7V7BbRXDfFYr6E4kUmSDNVJ+DuMzBaM5zBTriy eqHB6MMFhJI1wiEnchbgbIppF4sCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFM+rdro1KjjSByisIVjHmPS0brUUMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv Lzc2NTQyODM5LTI4NTgtNDlmMC1hY2RmLWZhN2QzYWI5YzU1OC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby83NjU0Mjgz OS0yODU4LTQ5ZjAtYWNkZi1mYTdkM2FiOWM1NTgvMC9DRkFCNzZCQTM1MkEzOEQy MDcyOEFDMjE1OEM3OThGNEI0NkVCNTE0Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ4EUMA0GCSqGSIb3DQEBCwUAA4IBAQAe+63z3M4czrjZdeKl32XkdBPKWS7Q BAICl3ktSTpvtpKIlvwSxyTElupXiC+1gkdTRN2uEoiWRdEOxGJDzdUC8wDj5rcU x45CvOuubtLgg3sipjcvSdg7YlZHQFMDzjufwc4ZfNW2aRGai2yVkgmNqWN06/My H9r6yz+M5FOrzdq2ZkV7/v7iKqGw8vURS3ZGZf7nbi1wbE1Qg95Ttv/fhHcBCFSe g1S31z3zZHm737DXlzvVeM5P9XGoYBKBVstawyaRkPySIkaFCj1IT/VLltN7Uu1z pNhRUQCTmYl/g9IdaAlVAeElC9wBpaG4hpFeF7aP5546HNAqkkYSvPSy -----END CERTIFICATE-----Generated at Tue May 12 22:10:36 2026 by rpki-client