$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.cer File: 684DE34A64F3AFED44A02385FCB35882FB2E6AA5.cer (raw, json) Hash identifier: eYSfBUYDdnKw3TrJbt+Tk7NcA7BKPcuYhvMmG/bpNKc= Subject key identifier: 68:4D:E3:4A:64:F3:AF:ED:44:A0:23:85:FC:B3:58:82:FB:2E:6A:A5 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 0FC95224B96CFF70B8CA28E73F5991C2EA20A610 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.mft caRepository: rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:17:18 +0000 Certificate not after: Sun 02 May 2027 00:22:18 +0000 Subordinate resources: IP: 122.128.16.0/21 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 04 May 2026 19:20:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:c9:52:24:b9:6c:ff:70:b8:ca:28:e7:3f:59:91:c2:ea:20:a6:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:17:18 2026 GMT Not After : May 2 00:22:18 2027 GMT Subject: CN=684DE34A64F3AFED44A02385FCB35882FB2E6AA5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:64:47:e0:b4:11:5f:d8:d8:8a:7e:22:66:a2: 9f:e7:88:53:2d:fd:02:50:0d:e8:79:eb:74:ee:8a: 1e:03:70:a9:4e:cb:b3:68:43:ef:73:e5:09:c1:9f: 69:ec:98:c5:24:5c:68:95:15:f7:51:40:af:94:fc: 7e:37:a1:d0:63:c9:12:e1:45:26:6c:32:08:1a:a9: 4a:bd:30:a6:a2:c6:c7:9d:74:d3:4e:b7:61:d8:9a: a8:f5:f2:94:57:61:91:fd:ed:e4:99:b2:55:04:43: ec:37:29:a8:8f:29:0f:a5:3d:97:0b:21:0b:fd:6c: 90:fd:fb:6d:70:9f:fc:5b:c9:bb:7d:e8:d9:79:33: cb:76:ae:bc:65:b2:29:60:85:ba:a4:d4:cf:a0:47: 6c:cc:fd:77:2f:48:6d:50:f0:b9:d3:fc:f8:b4:c2: 4e:14:64:f2:a6:39:19:fe:44:3a:cf:b4:be:a5:4b: 9c:f2:f9:16:48:b7:b5:b7:3c:44:8b:b4:72:83:2a: 2e:6a:bf:cb:00:bb:1c:e8:17:27:45:c9:c2:ff:60: 93:4b:37:f7:c9:be:27:d9:94:00:d9:44:d3:7a:94: 8d:c4:d7:45:95:17:d5:e0:89:5b:c6:af:7f:2e:7b: 7c:4b:ef:2b:66:af:89:a3:99:e8:3d:2b:cf:86:1a: b1:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 68:4D:E3:4A:64:F3:AF:ED:44:A0:23:85:FC:B3:58:82:FB:2E:6A:A5 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/3853f228-37f2-47d9-b9fe-476bade13393/0/684DE34A64F3AFED44A02385FCB35882FB2E6AA5.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.128.16.0/21 Signature Algorithm: sha256WithRSAEncryption 54:31:c5:9b:0a:db:86:5d:6e:cd:bd:e9:ef:1e:b5:ca:3e:34: 7d:18:97:f2:93:00:69:ed:24:6d:ee:0e:ad:df:61:a0:89:1b: b4:c4:3c:bb:90:0e:14:cb:d3:29:c4:7a:7d:dc:90:82:c6:d1: 26:91:be:0e:ef:c7:2e:e6:cd:3d:10:93:5b:c9:d8:f3:b6:ed: b8:ce:6c:24:c4:81:6f:89:8a:ab:7f:d6:5e:2e:6e:ab:6e:73: 4e:76:b7:6a:a2:cb:c3:e6:87:91:21:7f:7c:69:c3:24:b2:21: 3e:82:00:b6:78:2a:a3:7d:06:1e:0c:b4:23:95:1d:b7:f1:05: 41:a4:7a:15:dc:bc:65:a4:5e:05:a5:4a:2f:0e:b9:24:86:59: 21:9e:de:a5:17:5a:8c:22:c5:52:12:8f:e4:28:39:34:7e:93: a5:d0:f4:35:7b:04:fd:7b:42:b5:19:4f:e7:70:a2:b8:0f:0e: db:2b:48:65:38:f5:0b:d3:d8:8c:59:7f:ac:ad:f3:8b:36:0d: 7c:12:ec:a0:cc:60:05:2e:8b:20:a4:8e:f0:79:2f:88:00:30: c6:08:72:fb:62:90:94:74:b9:cb:80:9c:9a:c8:34:5f:5f:1b: f7:47:f5:b6:1d:55:94:90:ed:ef:a3:f6:0d:d2:27:77:25:fa: 69:38:cf:20 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUD8lSJLls/3C4yijnP1mRwuogphAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMTcxOFoX DTI3MDUwMjAwMjIxOFowMzExMC8GA1UEAxMoNjg0REUzNEE2NEYzQUZFRDQ0QTAy Mzg1RkNCMzU4ODJGQjJFNkFBNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ5kR+C0EV/Y2Ip+Imain+eIUy39AlAN6HnrdO6KHgNwqU7Ls2hD73PlCcGf aeyYxSRcaJUV91FAr5T8fjeh0GPJEuFFJmwyCBqpSr0wpqLGx5100063YdiaqPXy lFdhkf3t5JmyVQRD7DcpqI8pD6U9lwshC/1skP37bXCf/FvJu33o2Xkzy3auvGWy KWCFuqTUz6BHbMz9dy9IbVDwudP8+LTCThRk8qY5Gf5EOs+0vqVLnPL5Fki3tbc8 RIu0coMqLmq/ywC7HOgXJ0XJwv9gk0s398m+J9mUANlE03qUjcTXRZUX1eCJW8av fy57fEvvK2aviaOZ6D0rz4Yase0CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFGhN40pk86/tRKAjhfyzWIL7LmqlMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzM4NTNmMjI4LTM3ZjItNDdkOS1iOWZlLTQ3NmJhZGUxMzM5My8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8zODUzZjIy OC0zN2YyLTQ3ZDktYjlmZS00NzZiYWRlMTMzOTMvMC82ODRERTM0QTY0RjNBRkVE NDRBMDIzODVGQ0IzNTg4MkZCMkU2QUE1Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQDeoAQMA0GCSqGSIb3DQEBCwUAA4IBAQBUMcWbCtuGXW7NvenvHrXKPjR9GJfy kwBp7SRt7g6t32GgiRu0xDy7kA4Uy9MpxHp93JCCxtEmkb4O78cu5s09EJNbydjz tu24zmwkxIFviYqrf9ZeLm6rbnNOdrdqosvD5oeRIX98acMksiE+ggC2eCqjfQYe DLQjlR238QVBpHoV3LxlpF4FpUovDrkkhlkhnt6lF1qMIsVSEo/kKDk0fpOl0PQ1 ewT9e0K1GU/ncKK4Dw7bK0hlOPUL09iMWX+srfOLNg18EuygzGAFLosgpI7weS+I ADDGCHL7YpCUdLnLgJyayDRfXxv3R/W2HVWUkO3vo/YN0id3JfppOM8g -----END CERTIFICATE-----Generated at Sun May 3 19:18:54 2026 by rpki-client