$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/FA0C81FA8B24B445E3FFBB9162EAF43F73936B03.cer File: FA0C81FA8B24B445E3FFBB9162EAF43F73936B03.cer (raw, json) Hash identifier: AgqA/2Pg17OHzONDCjll5lUze913u9rXaAxOjXsKL5w= Subject key identifier: FA:0C:81:FA:8B:24:B4:45:E3:FF:BB:91:62:EA:F4:3F:73:93:6B:03 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 539DE41CB0860CDFC212A0C53F1BB80897A49D64 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/FA0C81FA8B24B445E3FFBB9162EAF43F73936B03.mft caRepository: rsync://rpki-rsync.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:43:22 +0000 Certificate not after: Sun 02 May 2027 00:48:22 +0000 Subordinate resources: IP: 103.100.180.0/22 IP: 2401:bfc0::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:9d:e4:1c:b0:86:0c:df:c2:12:a0:c5:3f:1b:b8:08:97:a4:9d:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:43:22 2026 GMT Not After : May 2 00:48:22 2027 GMT Subject: CN=FA0C81FA8B24B445E3FFBB9162EAF43F73936B03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:32:ba:cd:97:20:75:17:fc:81:9f:38:fa:4b: b2:b2:b3:69:3d:be:fa:9a:99:35:6b:8f:e7:2d:13: a4:ca:1a:4d:a1:67:3a:10:44:d7:dd:32:cd:48:97: 9e:be:cf:f6:76:1d:3d:07:6e:cd:63:02:3d:b8:36: 58:2e:2e:db:fa:42:d9:05:f9:3d:47:bc:0e:fe:bd: a9:d7:5f:83:a8:80:af:39:d2:89:71:4a:b3:5b:79: 31:d0:57:55:28:4e:ea:60:ad:18:0f:48:89:00:f6: dd:c5:8f:cc:9e:7f:61:02:17:b8:79:3c:04:56:61: c6:6f:07:d0:d4:b0:39:8b:45:fc:01:7c:63:f8:88: 99:c0:b2:f5:e7:a4:3a:6d:52:8b:12:8d:9d:4a:a8: 37:95:5f:d2:c9:05:ff:ef:89:9e:c0:06:e3:23:a8: c5:7c:18:40:b5:b4:2e:7c:a4:61:97:41:11:56:88: 4b:23:e9:3b:69:dc:97:eb:cc:e7:54:1e:0e:b8:64: c4:c5:d9:87:b4:af:fa:14:35:4a:78:2e:35:ac:a6: 35:00:01:b8:57:0a:9a:02:b9:f6:d7:a3:a5:fe:e1: 7c:c3:2d:4c:46:18:79:e3:f1:a5:b6:98:48:e7:81: f7:21:a7:87:de:89:c1:9f:c5:3c:b0:40:bd:8a:97: 86:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: FA:0C:81:FA:8B:24:B4:45:E3:FF:BB:91:62:EA:F4:3F:73:93:6B:03 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/FA0C81FA8B24B445E3FFBB9162EAF43F73936B03.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.100.180.0/22 IPv6: 2401:bfc0::/32 Signature Algorithm: sha256WithRSAEncryption 4f:9d:90:a0:08:2e:13:7f:8e:f1:30:53:84:4c:49:e2:42:85: 4f:2d:f4:8b:e4:0e:ad:9a:fe:ce:89:90:17:53:c1:42:62:07: f1:cf:ce:68:54:e1:2e:c0:89:0a:13:2f:bb:d5:7e:68:c1:9f: ab:68:9d:8b:eb:0a:5a:c8:24:8d:f5:bd:41:40:58:aa:9b:0d: b9:57:92:6a:f1:11:c4:47:44:77:9f:0b:9d:aa:28:46:15:9c: dd:f5:eb:f4:c3:42:52:f7:47:cf:9c:8b:4c:af:67:54:33:01: 33:d1:b9:3d:07:2a:71:94:e9:b6:32:c2:c2:f5:40:ec:01:98: 01:a7:cd:03:a2:65:69:d1:15:25:3a:a2:3a:3e:b3:be:55:47: 14:1b:13:4c:0e:7e:9c:32:bf:a2:66:fa:ca:eb:07:ee:52:05: 73:c0:17:38:94:41:1d:29:01:f5:c4:ea:0e:1b:e9:b5:d3:45: 47:2b:66:98:42:98:32:4f:6c:34:6a:69:36:b9:06:54:f9:ca: f7:ca:ff:85:65:f7:17:f4:6d:2b:70:33:43:f1:2b:45:a6:a8: 61:6b:c9:f9:df:95:d3:9a:17:9d:7e:4f:22:21:e3:cd:03:78: d5:e4:03:78:b1:8b:22:03:b1:0f:bb:97:e9:cb:cd:77:b7:f4: 3e:1d:ae:4b -----BEGIN CERTIFICATE----- MIIF1TCCBL2gAwIBAgIUU53kHLCGDN/CEqDFPxu4CJeknWQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwNDMyMloX DTI3MDUwMjAwNDgyMlowMzExMC8GA1UEAxMoRkEwQzgxRkE4QjI0QjQ0NUUzRkZC QjkxNjJFQUY0M0Y3MzkzNkIwMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKUyus2XIHUX/IGfOPpLsrKzaT2++pqZNWuP5y0TpMoaTaFnOhBE190yzUiX nr7P9nYdPQduzWMCPbg2WC4u2/pC2QX5PUe8Dv69qddfg6iArznSiXFKs1t5MdBX VShO6mCtGA9IiQD23cWPzJ5/YQIXuHk8BFZhxm8H0NSwOYtF/AF8Y/iImcCy9eek Om1SixKNnUqoN5Vf0skF/++JnsAG4yOoxXwYQLW0LnykYZdBEVaISyPpO2ncl+vM 51QeDrhkxMXZh7Sv+hQ1SnguNaymNQABuFcKmgK59tejpf7hfMMtTEYYeePxpbaY SOeB9yGnh96JwZ/FPLBAvYqXhj0CAwEAAaOCAsgwggLEMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFPoMgfqLJLRF4/+7kWLq9D9zk2sDMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzVlZjA4OTAwLWYyYzYtNGQwNy1iNjk0LWQxODhiYWEzYjhmMi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby81ZWYwODkw MC1mMmM2LTRkMDctYjY5NC1kMTg4YmFhM2I4ZjIvMC9GQTBDODFGQThCMjRCNDQ1 RTNGRkJCOTE2MkVBRjQzRjczOTM2QjAzLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAG AwQCZ2S0MA0EAgACMAcDBQAkAb/AMA0GCSqGSIb3DQEBCwUAA4IBAQBPnZCgCC4T f47xMFOETEniQoVPLfSL5A6tmv7OiZAXU8FCYgfxz85oVOEuwIkKEy+71X5owZ+r aJ2L6wpayCSN9b1BQFiqmw25V5Jq8RHER0R3nwudqihGFZzd9ev0w0JS90fPnItM r2dUMwEz0bk9BypxlOm2MsLC9UDsAZgBp80DomVp0RUlOqI6PrO+VUcUGxNMDn6c Mr+iZvrK6wfuUgVzwBc4lEEdKQH1xOoOG+m100VHK2aYQpgyT2w0amk2uQZU+cr3 yv+FZfcX9G0rcDND8StFpqhha8n535XTmhedfk8iIePNA3jV5AN4sYsiA7EPu5fp y813t/Q+Ha5L -----END CERTIFICATE-----Generated at Tue May 12 22:33:21 2026 by rpki-client