$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.cer File: BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.cer (raw, json) Hash identifier: r+kYYqjad4FgV/SABvizW8xXBcl7fefqzJldRO/0vTo= Subject key identifier: BA:A4:29:4A:62:FF:BF:34:4C:A7:AF:61:DA:13:D0:99:4A:00:00:E3 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 5E7983D340088F566342B0802B7ECAAD49589533 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/f73ab79d-00d5-49cb-ac10-3bd4f2386bc6/0/BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.mft caRepository: rsync://rpki-rsync.idnic.net/repo/f73ab79d-00d5-49cb-ac10-3bd4f2386bc6/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:38:49 +0000 Certificate not after: Sun 02 May 2027 02:43:49 +0000 Subordinate resources: IP: 103.140.78.0/23 IP: 2001:df0:b280::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 06 May 2026 13:33:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:79:83:d3:40:08:8f:56:63:42:b0:80:2b:7e:ca:ad:49:58:95:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 02:38:49 2026 GMT Not After : May 2 02:43:49 2027 GMT Subject: CN=BAA4294A62FFBF344CA7AF61DA13D0994A0000E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:13:04:84:28:08:3d:3c:15:69:ac:9a:cf:96: d1:80:7a:f1:55:18:70:c8:14:a9:d6:cd:23:79:41: 45:56:7c:41:35:b4:98:b0:dd:44:54:32:f4:7d:77: 50:33:9e:4e:40:ab:16:bb:48:b6:5a:5a:f6:79:2f: bd:00:9c:34:ce:4e:54:67:26:a9:a3:39:da:46:d1: 67:82:ef:e7:81:69:0e:f6:61:04:62:cf:5c:60:c7: 6c:64:ea:0c:12:27:7c:3a:1c:14:c7:98:76:92:ea: b2:e0:d2:e9:ee:1a:c7:e8:e8:d0:25:e2:fa:4d:cd: 05:93:23:b1:c2:81:c4:00:7f:2b:45:88:a1:86:46: 62:8e:57:34:47:16:b9:87:1e:ca:ea:5c:53:3d:68: 25:4f:bf:5a:75:f7:de:d4:42:92:b6:30:49:d0:55: 0e:d1:35:3a:21:31:28:2a:a6:15:02:4e:3f:35:ce: 7b:77:2b:b9:c6:fc:ff:c2:e7:be:a7:e7:ed:74:9f: 69:07:ad:13:19:f9:a4:0d:12:d4:6f:bc:53:74:05: e2:27:86:9c:b4:c8:b0:29:6e:be:f9:41:44:60:25: 4e:63:4a:58:86:75:b6:1c:4a:de:47:51:5c:5b:fc: 80:d9:fc:b3:b2:2a:7c:c8:45:90:08:63:30:bb:10: 0a:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BA:A4:29:4A:62:FF:BF:34:4C:A7:AF:61:DA:13:D0:99:4A:00:00:E3 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/f73ab79d-00d5-49cb-ac10-3bd4f2386bc6/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/f73ab79d-00d5-49cb-ac10-3bd4f2386bc6/0/BAA4294A62FFBF344CA7AF61DA13D0994A0000E3.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.140.78.0/23 IPv6: 2001:df0:b280::/48 Signature Algorithm: sha256WithRSAEncryption 8c:7d:45:6a:b0:ce:0e:d6:ef:0f:1a:83:d3:96:55:b1:52:6b: a5:07:1e:04:90:8d:28:46:05:fc:85:60:54:88:f8:3b:29:67: 69:b4:1c:60:e3:3d:b5:5a:6a:21:11:38:a1:ed:4b:d2:e4:cf: 9f:ee:69:77:ce:2e:ab:fc:70:61:a4:7b:b9:ac:e7:67:56:a5: 2a:63:1a:3f:f5:b6:09:ef:96:19:28:f0:cc:82:a2:a9:60:fe: 68:fe:b6:72:2e:a9:df:f4:2c:7e:5c:53:9a:4e:19:0e:b8:39: 6f:7d:ff:83:e8:2e:cf:c6:5e:75:a5:69:36:0e:2c:54:f6:60: 0b:9e:b4:a6:cd:4a:0e:69:fc:ce:4a:5a:82:55:1a:ef:07:00: 90:a9:62:f1:73:b8:b0:ab:77:75:73:89:e8:99:c2:7b:1c:35: 46:eb:68:2a:ff:81:ca:0b:86:59:78:f8:0f:1a:c1:00:2d:6c: 8b:57:91:08:91:ea:63:46:9f:9a:5a:d8:57:f5:d3:e3:d8:b7: 3d:0b:2b:96:d3:9f:f4:3f:0f:c6:f8:c2:7b:5f:6d:7e:a2:6e: 4e:9c:ba:26:ec:04:53:ab:14:60:f4:64:63:8e:cc:48:27:85: 5d:c3:9f:0a:1f:a9:2a:5c:a1:a6:74:ad:f3:85:06:ea:6f:1b: 49:48:9d:22 -----BEGIN CERTIFICATE----- MIIF1zCCBL+gAwIBAgIUXnmD00AIj1ZjQrCAK37KrUlYlTMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAyMzg0OVoX DTI3MDUwMjAyNDM0OVowMzExMC8GA1UEAxMoQkFBNDI5NEE2MkZGQkYzNDRDQTdB RjYxREExM0QwOTk0QTAwMDBFMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALITBIQoCD08FWmsms+W0YB68VUYcMgUqdbNI3lBRVZ8QTW0mLDdRFQy9H13 UDOeTkCrFrtItlpa9nkvvQCcNM5OVGcmqaM52kbRZ4Lv54FpDvZhBGLPXGDHbGTq DBInfDocFMeYdpLqsuDS6e4ax+jo0CXi+k3NBZMjscKBxAB/K0WIoYZGYo5XNEcW uYceyupcUz1oJU+/WnX33tRCkrYwSdBVDtE1OiExKCqmFQJOPzXOe3crucb8/8Ln vqfn7XSfaQetExn5pA0S1G+8U3QF4ieGnLTIsCluvvlBRGAlTmNKWIZ1thxK3kdR XFv8gNn8s7IqfMhFkAhjMLsQCj0CAwEAAaOCAsowggLGMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLqkKUpi/780TKevYdoT0JlKAADjMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2Y3M2FiNzlkLTAwZDUtNDljYi1hYzEwLTNiZDRmMjM4NmJjNi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9mNzNhYjc5 ZC0wMGQ1LTQ5Y2ItYWMxMC0zYmQ0ZjIzODZiYzYvMC9CQUE0Mjk0QTYyRkZCRjM0 NENBN0FGNjFEQTEzRDA5OTRBMDAwMEUzLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAG AwQBZ4xOMA8EAgACMAkDBwAgAQ3wsoAwDQYJKoZIhvcNAQELBQADggEBAIx9RWqw zg7W7w8ag9OWVbFSa6UHHgSQjShGBfyFYFSI+DspZ2m0HGDjPbVaaiEROKHtS9Lk z5/uaXfOLqv8cGGke7ms52dWpSpjGj/1tgnvlhko8MyCoqlg/mj+tnIuqd/0LH5c U5pOGQ64OW99/4PoLs/GXnWlaTYOLFT2YAuetKbNSg5p/M5KWoJVGu8HAJCpYvFz uLCrd3VzieiZwnscNUbraCr/gcoLhll4+A8awQAtbItXkQiR6mNGn5pa2Ff10+PY tz0LK5bTn/Q/D8b4wntfbX6ibk6cuibsBFOrFGD0ZGOOzEgnhV3DnwofqSpcoaZ0 rfOFBupvG0lInSI= -----END CERTIFICATE-----Generated at Tue May 5 17:58:24 2026 by rpki-client