$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/D21FEA1A58BBE03288B8857877AB42210C1B816B.cer File: D21FEA1A58BBE03288B8857877AB42210C1B816B.cer (raw, json) Hash identifier: 26+l9AcXtPtomXAkWlfMwIbtQee8q8Z8TDx6Q4ALri0= Subject key identifier: D2:1F:EA:1A:58:BB:E0:32:88:B8:85:78:77:AB:42:21:0C:1B:81:6B Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2C2A741ADEC2F251742F6CEE996FDDECE92C53D3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/ecdae0a5-b4f6-4e08-8beb-63ebe0853df3/0/D21FEA1A58BBE03288B8857877AB42210C1B816B.mft caRepository: rsync://rpki-rsync.idnic.net/repo/ecdae0a5-b4f6-4e08-8beb-63ebe0853df3/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:25:42 +0000 Certificate not after: Sun 02 May 2027 02:30:42 +0000 Subordinate resources: IP: 103.40.92.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:2a:74:1a:de:c2:f2:51:74:2f:6c:ee:99:6f:dd:ec:e9:2c:53:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 02:25:42 2026 GMT Not After : May 2 02:30:42 2027 GMT Subject: CN=D21FEA1A58BBE03288B8857877AB42210C1B816B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:92:02:06:86:14:23:a8:91:c2:af:09:a8:f4: 8c:e9:b6:b4:42:0b:18:cd:a2:34:8b:3a:ca:68:39: a2:d1:b0:d2:8f:85:92:e8:b5:58:66:71:93:d5:c7: 92:5a:20:1e:1f:3f:81:ca:dc:0b:2f:ba:ce:ae:61: d0:a1:81:21:cc:66:a4:60:98:52:da:67:7c:84:54: e4:1a:91:3c:ef:7d:5e:b3:0f:a2:4c:2c:d7:8a:12: fe:43:c8:6b:27:6a:fc:86:1d:27:18:5b:b7:cb:eb: 84:58:d1:d4:a3:0b:87:e3:a7:e9:50:07:05:ca:90: 07:8a:11:93:c3:11:70:d4:5c:8e:77:9c:05:ba:df: 02:8a:92:52:44:1b:80:82:32:3b:53:24:17:64:2f: b9:fe:50:64:3a:34:47:57:a7:4f:d5:a2:86:1c:7e: 55:b2:53:b0:b2:34:ea:3b:45:43:17:a7:ac:1c:7d: 74:69:e7:67:b7:59:fa:01:ed:be:34:56:48:af:a0: d5:80:50:a8:6e:53:b9:c6:f6:0e:8b:6d:9d:ec:57: 8f:ba:f6:e3:df:0c:e7:e1:67:67:e8:a6:6e:0a:a2: 09:6d:31:ab:1d:07:4d:69:c8:09:21:56:52:4a:66: 63:42:ae:eb:49:4f:16:ec:6a:91:ea:70:1e:1c:ea: f3:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D2:1F:EA:1A:58:BB:E0:32:88:B8:85:78:77:AB:42:21:0C:1B:81:6B X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/ecdae0a5-b4f6-4e08-8beb-63ebe0853df3/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/ecdae0a5-b4f6-4e08-8beb-63ebe0853df3/0/D21FEA1A58BBE03288B8857877AB42210C1B816B.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.40.92.0/23 Signature Algorithm: sha256WithRSAEncryption 7f:65:38:f8:3d:7c:d8:28:54:81:0e:1a:f0:76:df:1b:bb:e3: 0b:0d:fb:7c:2f:6d:05:42:17:fd:37:eb:01:57:10:f7:0b:af: ee:cd:87:5c:73:82:3a:33:64:67:1c:ca:2c:88:b0:14:43:a4: d9:8a:83:b1:97:c5:76:c7:9c:8d:86:75:29:76:c0:5f:9c:46: 18:73:46:b5:2f:96:b7:35:7f:2e:b3:e2:c9:99:94:0d:fe:98: 91:50:b2:18:13:82:72:ea:91:51:5c:aa:90:27:1b:37:72:5a: bb:1b:69:70:11:b4:9e:cf:59:53:89:e0:6f:15:c4:ba:13:29: bb:fa:18:0a:b2:b2:ea:b6:01:6a:dc:46:1b:ed:6c:76:ff:e5: a5:cb:81:c1:de:1f:94:a5:50:5e:92:14:5b:ad:57:6b:bc:50: e9:6a:84:80:9f:bb:5e:02:dc:b8:54:57:8c:a7:aa:28:21:00: 2b:d4:20:ed:dc:e7:fd:f2:94:e4:12:6f:b7:fa:19:51:23:5d: 90:b0:09:44:42:25:b0:04:c2:f2:90:9f:70:0b:f0:b7:45:a4: 4b:8c:9c:e2:ee:bd:69:58:88:e5:b5:9a:22:3d:ca:8a:29:9b: 62:02:c3:ee:30:20:42:a9:dc:98:b7:fa:67:e4:23:0f:ac:b6: 88:b8:cc:ed -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIULCp0Gt7C8lF0L2zumW/d7OksU9MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAyMjU0MloX DTI3MDUwMjAyMzA0MlowMzExMC8GA1UEAxMoRDIxRkVBMUE1OEJCRTAzMjg4Qjg4 NTc4NzdBQjQyMjEwQzFCODE2QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOuSAgaGFCOokcKvCaj0jOm2tEILGM2iNIs6ymg5otGw0o+Fkui1WGZxk9XH klogHh8/gcrcCy+6zq5h0KGBIcxmpGCYUtpnfIRU5BqRPO99XrMPokws14oS/kPI aydq/IYdJxhbt8vrhFjR1KMLh+On6VAHBcqQB4oRk8MRcNRcjnecBbrfAoqSUkQb gIIyO1MkF2Qvuf5QZDo0R1enT9Wihhx+VbJTsLI06jtFQxenrBx9dGnnZ7dZ+gHt vjRWSK+g1YBQqG5Tucb2DottnexXj7r2498M5+FnZ+imbgqiCW0xqx0HTWnICSFW UkpmY0Ku60lPFuxqkepwHhzq8ycCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNIf6hpYu+AyiLiFeHerQiEMG4FrMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2VjZGFlMGE1LWI0ZjYtNGUwOC04YmViLTYzZWJlMDg1M2RmMy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9lY2RhZTBh NS1iNGY2LTRlMDgtOGJlYi02M2ViZTA4NTNkZjMvMC9EMjFGRUExQTU4QkJFMDMy ODhCODg1Nzg3N0FCNDIyMTBDMUI4MTZCLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZyhcMA0GCSqGSIb3DQEBCwUAA4IBAQB/ZTj4PXzYKFSBDhrwdt8bu+MLDft8 L20FQhf9N+sBVxD3C6/uzYdcc4I6M2RnHMosiLAUQ6TZioOxl8V2x5yNhnUpdsBf nEYYc0a1L5a3NX8us+LJmZQN/piRULIYE4Jy6pFRXKqQJxs3clq7G2lwEbSez1lT ieBvFcS6Eym7+hgKsrLqtgFq3EYb7Wx2/+Wly4HB3h+UpVBekhRbrVdrvFDpaoSA n7teAty4VFeMp6ooIQAr1CDt3Of98pTkEm+3+hlRI12QsAlEQiWwBMLykJ9wC/C3 RaRLjJzi7r1pWIjltZoiPcqKKZtiAsPuMCBCqdyYt/pn5CMPrLaIuMzt -----END CERTIFICATE-----Generated at Wed May 13 00:53:59 2026 by rpki-client