$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/42842AAEE7117FB6F7F441F21019E9D0E143FACE.cer File: 42842AAEE7117FB6F7F441F21019E9D0E143FACE.cer (raw, json) Hash identifier: BfBvFhxpuUPlT5H1RGMncoAxjx5RLzhlU5s3he2zGDc= Subject key identifier: 42:84:2A:AE:E7:11:7F:B6:F7:F4:41:F2:10:19:E9:D0:E1:43:FA:CE Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 441D8F4C637EF41F064F4FF6F01D5E689C7167FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/2677b00c-dc2c-419c-a100-50b2fc7b1bc1/0/42842AAEE7117FB6F7F441F21019E9D0E143FACE.mft caRepository: rsync://rpki-rsync.idnic.net/repo/2677b00c-dc2c-419c-a100-50b2fc7b1bc1/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:04:40 +0000 Certificate not after: Sun 02 May 2027 00:09:40 +0000 Subordinate resources: IP: 103.164.16.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 09 May 2026 05:34:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:1d:8f:4c:63:7e:f4:1f:06:4f:4f:f6:f0:1d:5e:68:9c:71:67:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:04:40 2026 GMT Not After : May 2 00:09:40 2027 GMT Subject: CN=42842AAEE7117FB6F7F441F21019E9D0E143FACE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:c3:07:af:00:b1:ef:b5:5a:9e:e3:46:cd:f6: 82:73:2f:bc:fd:96:ce:8a:81:10:5a:f4:15:6a:00: b0:b3:14:b1:6a:9b:48:3b:0f:d1:a7:df:77:b4:86: 02:34:e2:2e:2b:fa:75:38:0b:ba:19:e7:b8:55:24: 8d:f6:67:2b:33:18:b1:12:f3:32:74:2f:51:a4:69: 09:1d:47:db:f1:e4:62:e6:f2:d4:73:97:a9:7f:12: 4f:85:3b:a3:ad:49:a4:9e:ca:dd:ca:15:b7:5c:49: 52:33:2e:a1:e5:e4:d3:18:e5:87:3a:5c:1e:ab:fb: 58:96:51:75:64:cd:a5:f3:8b:05:ec:91:ef:c9:7c: da:75:dd:89:30:4a:76:97:64:cc:00:37:b6:e0:92: 1a:8e:73:3d:b8:db:f1:65:87:63:a7:4f:89:89:aa: 30:0b:df:97:d7:9d:bc:d4:8a:46:cd:f4:5d:f3:90: 3d:b8:13:15:27:cb:44:91:4c:aa:e0:f4:48:eb:44: 0a:10:fb:00:99:f3:1e:20:21:20:b4:ce:73:01:e6: c6:36:d9:0f:de:be:3a:63:32:46:cb:f1:15:2a:0f: 63:0d:ec:f0:b3:59:a7:5c:1e:96:e1:45:00:de:35: 61:0b:72:ed:42:79:6c:fb:f6:87:06:25:9b:5b:0f: dc:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 42:84:2A:AE:E7:11:7F:B6:F7:F4:41:F2:10:19:E9:D0:E1:43:FA:CE X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/2677b00c-dc2c-419c-a100-50b2fc7b1bc1/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/2677b00c-dc2c-419c-a100-50b2fc7b1bc1/0/42842AAEE7117FB6F7F441F21019E9D0E143FACE.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.164.16.0/23 Signature Algorithm: sha256WithRSAEncryption 88:56:12:1f:b0:99:dd:b2:53:e3:b2:40:de:e0:d9:34:13:05: c1:37:b9:d8:c1:ef:dd:a2:22:4f:ea:f7:92:32:d4:10:30:99: 90:f1:de:1a:bb:35:e0:ca:3e:bb:75:04:4f:ef:7b:e5:ed:71: 06:4d:1d:c4:2c:cc:96:84:31:da:33:33:40:74:a3:c0:95:0b: b8:fe:9e:e1:6d:c1:35:a4:11:03:b4:04:43:08:d9:6f:fe:20: 26:ce:1d:79:e3:b0:83:96:e3:1a:82:1b:ff:19:ce:ad:81:e3: d6:48:c3:6e:f8:43:0a:37:22:a3:b6:e4:75:ad:5d:3a:85:d6: 51:88:87:c9:fe:35:9f:76:96:63:c1:18:f6:77:fa:0f:b9:81: 47:6c:2e:d9:f2:5a:36:43:dc:85:05:42:6b:c2:34:de:9e:e3: c0:d4:a7:33:41:16:84:9c:04:14:e2:c9:c6:16:c5:05:c3:99: ab:bd:75:2b:89:72:25:cd:78:4b:70:82:48:90:90:99:2b:a6: 08:f6:d3:99:cb:d8:6d:c4:b2:7d:53:b7:c0:5b:aa:c0:02:64: e4:b9:9c:bb:eb:c5:1e:af:4c:e1:3a:f1:9f:dd:07:63:a5:d8: ba:9a:ea:dd:62:14:51:61:8b:d6:4c:e9:b9:97:50:14:13:97: c1:ba:fc:51 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIURB2PTGN+9B8GT0/28B1eaJxxZ/0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMDQ0MFoX DTI3MDUwMjAwMDk0MFowMzExMC8GA1UEAxMoNDI4NDJBQUVFNzExN0ZCNkY3RjQ0 MUYyMTAxOUU5RDBFMTQzRkFDRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANDDB68Ase+1Wp7jRs32gnMvvP2WzoqBEFr0FWoAsLMUsWqbSDsP0affd7SG AjTiLiv6dTgLuhnnuFUkjfZnKzMYsRLzMnQvUaRpCR1H2/HkYuby1HOXqX8ST4U7 o61JpJ7K3coVt1xJUjMuoeXk0xjlhzpcHqv7WJZRdWTNpfOLBeyR78l82nXdiTBK dpdkzAA3tuCSGo5zPbjb8WWHY6dPiYmqMAvfl9edvNSKRs30XfOQPbgTFSfLRJFM quD0SOtEChD7AJnzHiAhILTOcwHmxjbZD96+OmMyRsvxFSoPYw3s8LNZp1weluFF AN41YQty7UJ5bPv2hwYlm1sP3KsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEKEKq7nEX+29/RB8hAZ6dDhQ/rOMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzI2NzdiMDBjLWRjMmMtNDE5Yy1hMTAwLTUwYjJmYzdiMWJjMS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8yNjc3YjAw Yy1kYzJjLTQxOWMtYTEwMC01MGIyZmM3YjFiYzEvMC80Mjg0MkFBRUU3MTE3RkI2 RjdGNDQxRjIxMDE5RTlEMEUxNDNGQUNFLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6QQMA0GCSqGSIb3DQEBCwUAA4IBAQCIVhIfsJndslPjskDe4Nk0EwXBN7nY we/doiJP6veSMtQQMJmQ8d4auzXgyj67dQRP73vl7XEGTR3ELMyWhDHaMzNAdKPA lQu4/p7hbcE1pBEDtARDCNlv/iAmzh1547CDluMaghv/Gc6tgePWSMNu+EMKNyKj tuR1rV06hdZRiIfJ/jWfdpZjwRj2d/oPuYFHbC7Z8lo2Q9yFBUJrwjTenuPA1Kcz QRaEnAQU4snGFsUFw5mrvXUriXIlzXhLcIJIkJCZK6YI9tOZy9htxLJ9U7fAW6rA AmTkuZy768Uer0zhOvGf3Qdjpdi6murdYhRRYYvWTOm5l1AUE5fBuvxR -----END CERTIFICATE-----Generated at Fri May 8 07:29:35 2026 by rpki-client