$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/D31497BCB1472C5592E6CB6AED8B3CBFEAB99430.cer File: D31497BCB1472C5592E6CB6AED8B3CBFEAB99430.cer (raw, json) Hash identifier: X+EgIGCu14/y8Xdia2QreyaHBwNBLnSicy/VquP5aMw= Subject key identifier: D3:14:97:BC:B1:47:2C:55:92:E6:CB:6A:ED:8B:3C:BF:EA:B9:94:30 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 211289B80E0AEEE2A4941F788648E9F260B52925 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/519166a1-18cd-44d3-a6e0-2ef82f760d28/0/D31497BCB1472C5592E6CB6AED8B3CBFEAB99430.mft caRepository: rsync://rpki-rsync.idnic.net/repo/519166a1-18cd-44d3-a6e0-2ef82f760d28/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:33:24 +0000 Certificate not after: Sun 02 May 2027 00:38:24 +0000 Subordinate resources: IP: 103.41.192.0/22 IP: 117.53.144.0/22 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:12:89:b8:0e:0a:ee:e2:a4:94:1f:78:86:48:e9:f2:60:b5:29:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:33:24 2026 GMT Not After : May 2 00:38:24 2027 GMT Subject: CN=D31497BCB1472C5592E6CB6AED8B3CBFEAB99430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:fa:27:be:04:03:93:05:72:28:97:c2:ad:3b: 20:da:43:5c:f2:22:da:70:32:7c:69:7e:28:9d:70: 99:63:9b:e7:2a:2d:13:46:5b:bf:fb:e3:4f:6f:e9: 91:f0:d2:9a:64:92:99:78:3e:4b:a8:5f:fd:47:90: a8:ab:7e:bb:12:fb:0b:8f:28:16:f9:ff:82:76:8e: 37:8d:12:f8:27:3d:55:65:f1:39:cc:be:76:35:eb: e3:7b:84:d6:c6:c2:8d:ee:72:b1:47:1a:fc:23:45: 06:a0:06:f2:f5:7f:10:1c:fd:67:70:95:9b:b7:f5: 93:c5:1e:2c:ee:df:11:93:ae:3e:a7:d8:a8:a5:4d: c7:5c:6b:ad:ec:42:30:38:90:16:27:71:2f:87:2c: 38:23:86:1c:23:0a:e4:ba:60:1d:8d:e5:dd:3d:79: 51:97:91:40:47:6f:27:ea:28:4c:00:02:94:10:39: a0:4b:81:c8:c2:ed:ea:49:e3:98:51:5e:ac:00:bf: d5:7c:0f:32:b0:46:05:8f:6b:2c:7d:29:ac:e1:a8: c1:7e:1e:cc:c5:1a:b8:5b:03:77:6e:ed:75:50:d9: 1f:d2:19:ab:08:e8:b4:36:90:0c:0b:1c:b2:ce:b7: 15:5a:04:4d:32:97:99:65:f7:1c:20:bf:89:44:6f: aa:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D3:14:97:BC:B1:47:2C:55:92:E6:CB:6A:ED:8B:3C:BF:EA:B9:94:30 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/519166a1-18cd-44d3-a6e0-2ef82f760d28/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/519166a1-18cd-44d3-a6e0-2ef82f760d28/0/D31497BCB1472C5592E6CB6AED8B3CBFEAB99430.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.41.192.0/22 117.53.144.0/22 Signature Algorithm: sha256WithRSAEncryption 47:ae:a3:cc:62:08:ac:f6:4c:1f:d6:c7:97:86:19:12:e0:82: 77:bc:1c:b0:4c:7e:b7:7e:a8:d1:1d:f1:f1:3f:91:30:e7:f2: a5:53:8b:16:2c:68:d3:fc:8c:e7:77:44:c8:c0:80:b5:5f:90: 34:b4:10:9e:3d:a2:3f:36:87:a7:35:48:29:03:fe:ad:f1:e2: 7b:5c:1e:0e:35:bc:01:b5:76:4a:21:00:3b:f8:99:2e:cb:03: a2:ff:42:dc:1d:c3:30:12:75:04:12:05:c0:48:2e:2d:cf:51: 58:33:f8:f0:7c:14:47:cd:ea:ff:b4:c7:03:8d:41:f4:86:f3: 80:54:57:68:91:36:42:0c:69:4e:00:87:60:3e:78:67:fa:35: eb:d1:e1:12:7c:a3:64:f4:0d:21:52:49:22:29:26:e5:a6:ca: 56:2c:e3:b1:29:70:4c:14:27:07:ee:77:31:11:8c:28:ee:02: 39:1a:36:5d:ed:cd:89:71:a8:87:49:5f:af:23:1a:30:ed:07: 7f:d2:41:1f:58:24:aa:16:eb:2f:e5:78:50:43:62:5f:7a:d7: 1e:9e:2a:be:81:78:a1:ee:4e:a8:cb:d9:ab:6c:a9:5e:95:6f: 1a:c2:1c:8c:1d:2f:92:7e:82:1f:ae:c5:4d:75:a5:56:9a:d3: 3e:11:a5:ab -----BEGIN CERTIFICATE----- MIIFzDCCBLSgAwIBAgIUIRKJuA4K7uKklB94hkjp8mC1KSUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMzMyNFoX DTI3MDUwMjAwMzgyNFowMzExMC8GA1UEAxMoRDMxNDk3QkNCMTQ3MkM1NTkyRTZD QjZBRUQ4QjNDQkZFQUI5OTQzMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKj6J74EA5MFciiXwq07INpDXPIi2nAyfGl+KJ1wmWOb5yotE0Zbv/vjT2/p kfDSmmSSmXg+S6hf/UeQqKt+uxL7C48oFvn/gnaON40S+Cc9VWXxOcy+djXr43uE 1sbCje5ysUca/CNFBqAG8vV/EBz9Z3CVm7f1k8UeLO7fEZOuPqfYqKVNx1xrrexC MDiQFidxL4csOCOGHCMK5LpgHY3l3T15UZeRQEdvJ+ooTAAClBA5oEuByMLt6knj mFFerAC/1XwPMrBGBY9rLH0prOGowX4ezMUauFsDd27tdVDZH9IZqwjotDaQDAsc ss63FVoETTKXmWX3HCC/iURvqnUCAwEAAaOCAr8wggK7MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNMUl7yxRyxVkubLau2LPL/quZQwMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzUxOTE2NmExLTE4Y2QtNDRkMy1hNmUwLTJlZjgyZjc2MGQyOC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby81MTkxNjZh MS0xOGNkLTQ0ZDMtYTZlMC0yZWY4MmY3NjBkMjgvMC9EMzE0OTdCQ0IxNDcyQzU1 OTJFNkNCNkFFRDhCM0NCRkVBQjk5NDMwLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAM AwQCZynAAwQCdTWQMA0GCSqGSIb3DQEBCwUAA4IBAQBHrqPMYgis9kwf1seXhhkS 4IJ3vBywTH63fqjRHfHxP5Ew5/KlU4sWLGjT/Iznd0TIwIC1X5A0tBCePaI/Noen NUgpA/6t8eJ7XB4ONbwBtXZKIQA7+JkuywOi/0LcHcMwEnUEEgXASC4tz1FYM/jw fBRHzer/tMcDjUH0hvOAVFdokTZCDGlOAIdgPnhn+jXr0eESfKNk9A0hUkkiKSbl pspWLOOxKXBMFCcH7ncxEYwo7gI5GjZd7c2JcaiHSV+vIxow7Qd/0kEfWCSqFusv 5XhQQ2Jfetceniq+gXih7k6oy9mrbKlelW8awhyMHS+SfoIfrsVNdaVWmtM+EaWr -----END CERTIFICATE-----Generated at Tue May 12 22:03:29 2026 by rpki-client