$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/D4FA2DC5A4A1A1CD6E63EC678B76D8F90B430236.cer File: D4FA2DC5A4A1A1CD6E63EC678B76D8F90B430236.cer (raw, json) Hash identifier: 8D/GBfarA7twkx9K85K0DrrOrIzJh4Db3p+68ziPKBo= Subject key identifier: D4:FA:2D:C5:A4:A1:A1:CD:6E:63:EC:67:8B:76:D8:F9:0B:43:02:36 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 06E888952B13316450658C4171A6B6611C6D1B55 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/5679cbf6-0913-4821-8ae1-bb511eaf088f/0/D4FA2DC5A4A1A1CD6E63EC678B76D8F90B430236.mft caRepository: rsync://rpki-rsync.idnic.net/repo/5679cbf6-0913-4821-8ae1-bb511eaf088f/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:36:49 +0000 Certificate not after: Sun 02 May 2027 00:41:49 +0000 Subordinate resources: IP: 103.185.36.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:e8:88:95:2b:13:31:64:50:65:8c:41:71:a6:b6:61:1c:6d:1b:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:36:49 2026 GMT Not After : May 2 00:41:49 2027 GMT Subject: CN=D4FA2DC5A4A1A1CD6E63EC678B76D8F90B430236 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:88:12:d4:ac:2b:53:4a:e7:4e:d8:be:dc:ba: 83:cd:20:f0:0a:cc:b5:6c:36:a7:af:99:8d:91:07: 29:63:45:0f:70:4a:f8:5c:e5:ea:26:c9:2f:92:dc: c0:6f:54:f7:04:5d:32:a3:94:4b:fb:20:df:25:60: 06:62:4f:e4:af:99:42:7d:71:5a:9d:e9:76:0a:7d: 6d:f8:16:f2:45:27:2b:b7:0a:3a:81:a1:0f:a7:ff: 58:87:bf:ae:7d:04:d6:95:41:73:62:34:e1:2d:28: ad:42:30:e6:d8:e6:1c:b3:7b:b0:d1:aa:f2:da:9d: 5d:a3:ad:66:ca:9c:b3:2b:63:e4:86:ee:e3:18:ec: c7:93:60:1b:e1:e9:96:51:cc:d4:cb:4e:af:4c:ae: e2:d7:09:10:68:c1:69:35:01:50:5e:f8:74:de:e5: 38:ac:1d:d2:b5:e6:20:dc:7b:1b:cf:28:06:72:ec: 66:e6:bc:fb:e9:b1:7f:cb:c6:1f:d0:71:2b:02:37: 92:74:01:02:a4:80:08:df:7a:40:62:0b:bd:97:62: bf:c3:7c:89:93:e1:9b:33:68:b6:a3:bf:3d:96:b6: 2f:5b:00:f7:6b:b0:11:3c:46:c1:ca:2c:34:bb:6b: cf:4d:bc:8d:14:66:b5:54:56:80:12:39:ec:3c:ad: 1a:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D4:FA:2D:C5:A4:A1:A1:CD:6E:63:EC:67:8B:76:D8:F9:0B:43:02:36 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/5679cbf6-0913-4821-8ae1-bb511eaf088f/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/5679cbf6-0913-4821-8ae1-bb511eaf088f/0/D4FA2DC5A4A1A1CD6E63EC678B76D8F90B430236.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.185.36.0/23 Signature Algorithm: sha256WithRSAEncryption 3c:f8:d5:ab:53:3a:42:09:1c:4c:c8:7a:98:df:2c:d4:66:92: 35:b4:b9:23:9c:39:02:be:06:d1:ad:77:39:65:2f:12:68:78: df:c2:ed:19:5f:20:e8:8d:95:3b:7a:5a:70:1b:b9:ae:3f:42: c3:50:cc:15:0f:f3:b5:3a:43:0b:1a:de:28:22:a8:0e:2b:84: f7:2a:cb:70:a4:06:01:50:8b:90:3f:c7:ef:15:3c:10:9f:73: e7:37:b5:cc:94:3d:b7:29:cf:c0:ec:c2:d9:80:ef:2f:51:dd: a7:65:e5:38:45:59:00:7f:5c:cf:8e:21:9c:a2:fe:88:75:f3: 74:f8:5a:c6:c9:9e:18:85:06:1a:bd:8a:12:d8:ea:d9:e4:58: 07:a6:73:a7:e9:41:22:b8:ff:64:50:5e:aa:0d:01:4c:b0:38: e8:30:00:a7:c3:47:cd:33:8c:f6:a4:01:8e:dd:89:33:3d:a8: fd:98:94:70:94:0d:22:23:c2:a0:1c:ad:19:ed:b9:19:a5:2e: de:c4:4b:2b:64:5a:45:20:ce:38:bd:7d:eb:63:b7:ca:bf:72: df:1e:08:fe:89:03:45:48:f5:5a:a9:13:72:ab:52:aa:d5:ac: 5e:d8:84:6c:ce:d6:d6:24:e2:0b:6d:2e:f7:ed:b2:8f:c1:e0: 37:a0:a4:75 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUBuiIlSsTMWRQZYxBcaa2YRxtG1UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMzY0OVoX DTI3MDUwMjAwNDE0OVowMzExMC8GA1UEAxMoRDRGQTJEQzVBNEExQTFDRDZFNjNF QzY3OEI3NkQ4RjkwQjQzMDIzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ2IEtSsK1NK507Yvty6g80g8ArMtWw2p6+ZjZEHKWNFD3BK+Fzl6ibJL5Lc wG9U9wRdMqOUS/sg3yVgBmJP5K+ZQn1xWp3pdgp9bfgW8kUnK7cKOoGhD6f/WIe/ rn0E1pVBc2I04S0orUIw5tjmHLN7sNGq8tqdXaOtZsqcsytj5Ibu4xjsx5NgG+Hp llHM1MtOr0yu4tcJEGjBaTUBUF74dN7lOKwd0rXmINx7G88oBnLsZua8++mxf8vG H9BxKwI3knQBAqSACN96QGILvZdiv8N8iZPhmzNotqO/PZa2L1sA92uwETxGwcos NLtrz028jRRmtVRWgBI57DytGj8CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNT6LcWkoaHNbmPsZ4t22PkLQwI2MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzU2NzljYmY2LTA5MTMtNDgyMS04YWUxLWJiNTExZWFmMDg4Zi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby81Njc5Y2Jm Ni0wOTEzLTQ4MjEtOGFlMS1iYjUxMWVhZjA4OGYvMC9ENEZBMkRDNUE0QTFBMUNE NkU2M0VDNjc4Qjc2RDhGOTBCNDMwMjM2Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ7kkMA0GCSqGSIb3DQEBCwUAA4IBAQA8+NWrUzpCCRxMyHqY3yzUZpI1tLkj nDkCvgbRrXc5ZS8SaHjfwu0ZXyDojZU7elpwG7muP0LDUMwVD/O1OkMLGt4oIqgO K4T3KstwpAYBUIuQP8fvFTwQn3PnN7XMlD23Kc/A7MLZgO8vUd2nZeU4RVkAf1zP jiGcov6IdfN0+FrGyZ4YhQYavYoS2OrZ5FgHpnOn6UEiuP9kUF6qDQFMsDjoMACn w0fNM4z2pAGO3YkzPaj9mJRwlA0iI8KgHK0Z7bkZpS7exEsrZFpFIM44vX3rY7fK v3LfHgj+iQNFSPVaqRNyq1Kq1axe2IRsztbWJOILbS737bKPweA3oKR1 -----END CERTIFICATE-----Generated at Tue May 12 22:45:47 2026 by rpki-client