$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/DA8936DE23BD068FFF8B9D5B0392E00097BA0728.cer File: DA8936DE23BD068FFF8B9D5B0392E00097BA0728.cer (raw, json) Hash identifier: 8HqUP9qRAFvrQx3415UvzLUfy5Dv/EqVFO/v2zWWP2E= Subject key identifier: DA:89:36:DE:23:BD:06:8F:FF:8B:9D:5B:03:92:E0:00:97:BA:07:28 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 105F25FACFD94BEEC0B3E1119396896C39683B2F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/36aa3beb-5761-4c34-88d3-015ccc64002f/0/DA8936DE23BD068FFF8B9D5B0392E00097BA0728.mft caRepository: rsync://rpki-rsync.idnic.net/repo/36aa3beb-5761-4c34-88d3-015ccc64002f/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:16:06 +0000 Certificate not after: Sun 02 May 2027 00:21:06 +0000 Subordinate resources: IP: 203.145.58.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:5f:25:fa:cf:d9:4b:ee:c0:b3:e1:11:93:96:89:6c:39:68:3b:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:16:06 2026 GMT Not After : May 2 00:21:06 2027 GMT Subject: CN=DA8936DE23BD068FFF8B9D5B0392E00097BA0728 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:55:d3:c3:cd:05:22:ed:93:59:19:ec:5f:52: 82:20:58:21:f6:89:29:6d:a6:b6:95:36:07:63:41: 2d:08:d6:f0:f1:95:8e:5a:e1:17:4c:3c:8b:7a:60: 1e:56:ad:43:57:7f:ff:d9:a3:f6:d9:a0:4f:67:d8: 0a:74:6c:91:e7:e4:6f:ba:0f:22:a3:0b:e0:ef:7e: 66:05:80:3e:91:2a:9c:a0:82:da:78:f3:74:d2:4f: b3:c5:68:78:03:c0:7b:09:1d:fd:11:3c:35:ea:a1: 5c:f5:c0:5a:48:4d:bc:7d:6f:0a:3f:5e:2c:ef:ec: 3c:72:a8:e0:0f:dc:a9:a0:79:a9:80:0f:b8:f3:cf: 6c:a1:51:bc:64:d9:3a:16:8f:01:ee:2b:4e:8e:da: 23:be:66:e2:ed:2d:73:2c:db:48:89:b1:90:11:8a: 88:21:d0:9c:c5:14:a1:e9:eb:8a:53:be:ca:07:3a: 44:1d:75:ae:8b:58:c2:86:44:79:a4:13:2c:e7:35: a6:18:4a:b8:b0:a4:53:b8:8f:71:e3:32:17:2e:32: ad:0a:72:54:f6:1b:a0:8a:25:23:d7:8d:2a:d0:70: fa:a9:f1:63:7c:54:01:7c:e8:ad:e8:6d:02:c1:ac: 9d:8a:c9:a5:c9:db:aa:74:7c:03:62:33:c9:4f:ae: dd:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: DA:89:36:DE:23:BD:06:8F:FF:8B:9D:5B:03:92:E0:00:97:BA:07:28 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/36aa3beb-5761-4c34-88d3-015ccc64002f/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/36aa3beb-5761-4c34-88d3-015ccc64002f/0/DA8936DE23BD068FFF8B9D5B0392E00097BA0728.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.145.58.0/23 Signature Algorithm: sha256WithRSAEncryption 5b:f1:a2:38:54:4e:6d:ca:c3:20:12:86:82:f5:9c:3c:ef:bc: 98:dd:a3:cd:3e:a1:a0:5b:a9:e2:73:0a:44:a0:65:dc:e5:1d: 1a:b4:4c:94:f2:c1:56:e6:20:27:a2:21:dc:67:31:52:e7:c7: 82:2e:9b:02:2b:ff:90:e7:52:5b:ea:0d:08:18:a4:fe:c6:6a: 26:f5:b2:2b:63:c0:ac:09:e5:a3:ce:ab:00:06:b9:12:0f:84: 71:63:60:ba:b2:dd:fc:fe:53:98:10:ce:0b:53:cf:78:68:d7: 67:fd:78:b8:4a:11:b1:23:30:6b:b7:a6:3f:93:b9:92:ea:8d: 8f:8d:71:ba:3c:45:d8:06:33:ea:7e:79:ec:99:08:75:2a:04: f5:69:1b:2b:95:08:41:f8:7a:9a:c0:74:4f:25:7f:de:cb:79: 3b:40:ea:cf:fc:59:90:c3:d4:0e:6c:0a:1f:19:8c:a6:0b:63: d4:5e:00:2d:1f:61:d3:fa:6f:88:9a:6d:90:f9:56:64:bd:59: 6b:19:fe:fd:7c:ee:8e:bd:e3:dd:e2:db:d6:69:cc:75:c1:a5: 46:75:1a:81:86:e9:18:29:d8:8f:c4:ff:4f:18:2a:18:d5:7d: 6c:88:02:de:f6:c5:c1:c0:04:57:8b:d4:43:58:67:d0:ab:62: af:99:11:50 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUEF8l+s/ZS+7As+ERk5aJbDloOy8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMTYwNloX DTI3MDUwMjAwMjEwNlowMzExMC8GA1UEAxMoREE4OTM2REUyM0JEMDY4RkZGOEI5 RDVCMDM5MkUwMDA5N0JBMDcyODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFV08PNBSLtk1kZ7F9SgiBYIfaJKW2mtpU2B2NBLQjW8PGVjlrhF0w8i3pg HlatQ1d//9mj9tmgT2fYCnRskefkb7oPIqML4O9+ZgWAPpEqnKCC2njzdNJPs8Vo eAPAewkd/RE8NeqhXPXAWkhNvH1vCj9eLO/sPHKo4A/cqaB5qYAPuPPPbKFRvGTZ OhaPAe4rTo7aI75m4u0tcyzbSImxkBGKiCHQnMUUoenrilO+ygc6RB11rotYwoZE eaQTLOc1phhKuLCkU7iPceMyFy4yrQpyVPYboIolI9eNKtBw+qnxY3xUAXzoreht AsGsnYrJpcnbqnR8A2IzyU+u3Q8CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNqJNt4jvQaP/4udWwOS4ACXugcoMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzM2YWEzYmViLTU3NjEtNGMzNC04OGQzLTAxNWNjYzY0MDAyZi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8zNmFhM2Jl Yi01NzYxLTRjMzQtODhkMy0wMTVjY2M2NDAwMmYvMC9EQTg5MzZERTIzQkQwNjhG RkY4QjlENUIwMzkyRTAwMDk3QkEwNzI4Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBy5E6MA0GCSqGSIb3DQEBCwUAA4IBAQBb8aI4VE5tysMgEoaC9Zw877yY3aPN PqGgW6nicwpEoGXc5R0atEyU8sFW5iAnoiHcZzFS58eCLpsCK/+Q51Jb6g0IGKT+ xmom9bIrY8CsCeWjzqsABrkSD4RxY2C6st38/lOYEM4LU894aNdn/Xi4ShGxIzBr t6Y/k7mS6o2PjXG6PEXYBjPqfnnsmQh1KgT1aRsrlQhB+HqawHRPJX/ey3k7QOrP /FmQw9QObAofGYymC2PUXgAtH2HT+m+Imm2Q+VZkvVlrGf79fO6OvePd4tvWacx1 waVGdRqBhukYKdiPxP9PGCoY1X1siALe9sXBwARXi9RDWGfQq2KvmRFQ -----END CERTIFICATE-----Generated at Tue May 12 22:15:49 2026 by rpki-client