$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/D8A963CE57E99B1ABE162A8452D9E4D368BB012A.cer File: D8A963CE57E99B1ABE162A8452D9E4D368BB012A.cer (raw, json) Hash identifier: tjKn690XLW4qxW9kQbT52Y/fEOZA3lTw3EhPmajEbqk= Subject key identifier: D8:A9:63:CE:57:E9:9B:1A:BE:16:2A:84:52:D9:E4:D3:68:BB:01:2A Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 42C3A8FCFDAC55382922B05A18A96CAE786B2802 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/b11ca620-dace-4a9f-b8e8-a3a2e581500e/0/D8A963CE57E99B1ABE162A8452D9E4D368BB012A.mft caRepository: rsync://rpki-rsync.idnic.net/repo/b11ca620-dace-4a9f-b8e8-a3a2e581500e/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:38:24 +0000 Certificate not after: Sun 02 May 2027 01:43:24 +0000 Subordinate resources: IP: 103.169.238.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:c3:a8:fc:fd:ac:55:38:29:22:b0:5a:18:a9:6c:ae:78:6b:28:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:38:24 2026 GMT Not After : May 2 01:43:24 2027 GMT Subject: CN=D8A963CE57E99B1ABE162A8452D9E4D368BB012A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:92:11:c4:13:72:47:29:8d:17:83:8b:86:d5: b4:06:f9:cf:03:0f:79:82:58:1b:01:ba:72:60:43: 13:19:75:a7:4a:21:d8:9f:c1:54:07:a7:e6:a9:c0: 5c:b4:76:ff:73:b5:32:46:0c:16:11:cc:95:be:78: af:bd:8f:07:80:bf:b9:c1:a4:57:1b:43:e8:49:ee: d9:a3:d5:36:96:49:e1:b7:d5:bc:09:18:f7:44:f0: fd:00:10:1d:c7:dc:35:25:8b:2d:aa:7d:a3:11:c1: a8:ca:73:eb:cc:19:97:53:b0:fd:8e:2e:fc:a1:92: 70:e3:e2:fc:e2:c2:fc:c3:d2:4e:6d:c7:a3:67:36: 13:3d:6b:7f:9e:84:de:33:b6:25:27:a5:13:05:32: 4a:f8:0c:c8:61:6b:7b:57:74:94:73:b4:95:a4:69: fa:ac:ce:be:72:ab:d3:75:f2:73:e8:31:3c:e2:d1: 48:a8:a5:80:c6:4a:85:d2:9c:e8:c7:98:d0:f3:dd: c5:9c:1b:8b:a3:62:71:c8:ab:cf:14:0b:fa:8d:b7: bd:53:61:9c:3b:fa:28:74:e9:01:7d:81:ae:65:cf: 6f:50:a6:a9:8a:6e:e7:69:0f:88:d4:84:00:51:16: 65:f7:39:ed:14:bb:11:8e:a1:9b:c2:9b:02:d1:02: 7e:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D8:A9:63:CE:57:E9:9B:1A:BE:16:2A:84:52:D9:E4:D3:68:BB:01:2A X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/b11ca620-dace-4a9f-b8e8-a3a2e581500e/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/b11ca620-dace-4a9f-b8e8-a3a2e581500e/0/D8A963CE57E99B1ABE162A8452D9E4D368BB012A.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.169.238.0/23 Signature Algorithm: sha256WithRSAEncryption a6:72:bc:ce:4c:b2:23:ed:81:bf:4b:85:c8:d1:a5:fe:4d:1d: df:05:26:84:c3:07:07:96:25:36:38:50:47:fd:6b:b6:70:32: 5d:ef:d8:47:cf:4e:d4:77:4b:a1:95:de:ff:e7:37:f3:23:28: 39:8d:37:18:bc:4d:ff:15:6a:a7:3e:51:ff:1a:59:a5:06:ee: 43:66:a8:6f:38:3b:98:ed:82:27:24:01:4d:9f:45:ea:32:9f: 75:47:76:a3:20:81:15:c6:fc:13:a0:d7:cb:1a:d1:66:28:2b: 0d:95:b6:17:ba:7e:00:bb:f2:3b:ed:dd:a2:4f:70:91:38:35: 20:ad:30:ee:5d:27:79:ce:22:24:11:81:ea:d4:88:65:eb:5b: e3:af:3d:dd:93:bc:74:7d:83:9b:ca:e8:cf:e4:04:a9:ca:f3: ae:34:22:7d:08:57:ac:2e:7e:83:2a:2b:1f:29:44:a6:34:17: 1d:bf:9e:d6:f4:3f:29:58:91:13:89:c8:c1:1c:56:80:61:33: fa:74:36:19:19:f1:c4:ee:b3:83:65:1b:7d:e0:89:b8:3a:22: f1:79:9d:84:9e:98:3a:af:b7:f6:6b:c0:a1:13:fe:9f:de:b8: 63:eb:5f:9d:7a:82:61:de:bf:23:20:ff:81:40:fc:67:40:1b: d9:18:67:ff -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUQsOo/P2sVTgpIrBaGKlsrnhrKAIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMzgyNFoX DTI3MDUwMjAxNDMyNFowMzExMC8GA1UEAxMoRDhBOTYzQ0U1N0U5OUIxQUJFMTYy QTg0NTJEOUU0RDM2OEJCMDEyQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPeSEcQTckcpjReDi4bVtAb5zwMPeYJYGwG6cmBDExl1p0oh2J/BVAen5qnA XLR2/3O1MkYMFhHMlb54r72PB4C/ucGkVxtD6Enu2aPVNpZJ4bfVvAkY90Tw/QAQ HcfcNSWLLap9oxHBqMpz68wZl1Ow/Y4u/KGScOPi/OLC/MPSTm3Ho2c2Ez1rf56E 3jO2JSelEwUySvgMyGFre1d0lHO0laRp+qzOvnKr03Xyc+gxPOLRSKilgMZKhdKc 6MeY0PPdxZwbi6NiccirzxQL+o23vVNhnDv6KHTpAX2BrmXPb1CmqYpu52kPiNSE AFEWZfc57RS7EY6hm8KbAtECfvsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNipY85X6ZsavhYqhFLZ5NNouwEqMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2IxMWNhNjIwLWRhY2UtNGE5Zi1iOGU4LWEzYTJlNTgxNTAwZS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9iMTFjYTYy MC1kYWNlLTRhOWYtYjhlOC1hM2EyZTU4MTUwMGUvMC9EOEE5NjNDRTU3RTk5QjFB QkUxNjJBODQ1MkQ5RTREMzY4QkIwMTJBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6nuMA0GCSqGSIb3DQEBCwUAA4IBAQCmcrzOTLIj7YG/S4XI0aX+TR3fBSaE wwcHliU2OFBH/Wu2cDJd79hHz07Ud0uhld7/5zfzIyg5jTcYvE3/FWqnPlH/Glml Bu5DZqhvODuY7YInJAFNn0XqMp91R3ajIIEVxvwToNfLGtFmKCsNlbYXun4Au/I7 7d2iT3CRODUgrTDuXSd5ziIkEYHq1Ihl61vjrz3dk7x0fYObyujP5ASpyvOuNCJ9 CFesLn6DKisfKUSmNBcdv57W9D8pWJETicjBHFaAYTP6dDYZGfHE7rODZRt94Im4 OiLxeZ2Enpg6r7f2a8ChE/6f3rhj61+deoJh3r8jIP+BQPxnQBvZGGf/ -----END CERTIFICATE-----Generated at Tue May 12 22:33:12 2026 by rpki-client