$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/D713503939D2573A44FA29703CDDCC704F03A75E.cer File: D713503939D2573A44FA29703CDDCC704F03A75E.cer (raw, json) Hash identifier: GClqAjw1nW6Mc/Yx5sfTs33lXEEFsv43b2Q1CYTuRXI= Subject key identifier: D7:13:50:39:39:D2:57:3A:44:FA:29:70:3C:DD:CC:70:4F:03:A7:5E Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 0A84B9F368605A1C55BD7EDFDD424E5BD6B6973A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/3b905766-440e-4bcb-ae72-3e78831ce9dc/0/D713503939D2573A44FA29703CDDCC704F03A75E.mft caRepository: rsync://rpki-rsync.idnic.net/repo/3b905766-440e-4bcb-ae72-3e78831ce9dc/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:19:26 +0000 Certificate not after: Sun 02 May 2027 00:24:26 +0000 Subordinate resources: IP: 103.17.32.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 06 May 2026 09:33:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:84:b9:f3:68:60:5a:1c:55:bd:7e:df:dd:42:4e:5b:d6:b6:97:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:19:26 2026 GMT Not After : May 2 00:24:26 2027 GMT Subject: CN=D713503939D2573A44FA29703CDDCC704F03A75E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:7e:41:71:15:f2:d5:f5:e6:0d:72:bf:a4:0e: 8c:24:1f:e1:4a:23:aa:26:0a:56:67:7a:51:b6:6a: 20:70:dd:a4:8b:d8:8a:0b:5a:c7:36:63:06:2b:df: 28:18:ea:5e:ff:90:2f:2b:eb:68:e1:f7:37:4b:30: 3a:19:92:42:92:d9:a7:12:92:e4:d0:ba:fb:2f:0c: c6:f6:32:83:44:68:79:28:c1:f0:c4:a6:ee:41:ff: e8:10:ae:cc:6e:d1:0d:4d:59:8f:64:10:24:f7:45: e6:2f:16:9a:4a:1f:4e:3b:1e:f4:b4:00:7d:f0:4d: 20:3c:11:04:b6:41:ee:90:a7:3c:5a:54:0a:93:53: 02:4e:c3:74:0d:9f:03:ab:cc:5c:7c:9f:b8:e3:7e: b0:6b:8f:4b:18:52:47:5e:bb:62:27:1d:23:06:7c: 57:cd:30:61:9d:24:74:11:73:44:3d:d4:61:1e:f6: 7d:02:0e:ef:2b:df:1a:1f:d0:75:93:5b:1d:69:b8: 6c:54:29:82:58:89:63:c0:55:1b:0b:8a:37:9c:35: 8a:1b:b2:b5:72:e1:6b:22:fd:37:11:c1:ca:93:86: e9:9c:03:c4:f9:3a:16:fe:95:99:f3:77:c6:8b:bc: 9e:64:6b:e5:83:46:28:0b:85:08:d4:5d:f1:79:e4: 6f:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D7:13:50:39:39:D2:57:3A:44:FA:29:70:3C:DD:CC:70:4F:03:A7:5E X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/3b905766-440e-4bcb-ae72-3e78831ce9dc/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/3b905766-440e-4bcb-ae72-3e78831ce9dc/0/D713503939D2573A44FA29703CDDCC704F03A75E.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.17.32.0/23 Signature Algorithm: sha256WithRSAEncryption 38:fa:3c:5f:f7:94:44:4b:b3:35:dd:e5:88:46:66:35:00:9c: 3f:f0:26:aa:c9:f3:bc:32:2d:1b:cf:5a:ab:9a:36:f3:70:f0: 7b:ab:73:e9:1d:32:b5:67:ce:83:53:d7:6b:2e:19:8e:7e:f1: 4a:06:ac:4a:28:7f:19:94:7c:66:41:11:c3:20:2f:3b:bf:20: 4d:04:af:66:a9:be:94:d8:5a:a3:98:15:71:aa:bf:ac:14:65: b9:9e:16:d1:33:48:1d:cf:93:d0:fd:96:79:fe:9b:97:40:6d: 22:a1:cb:41:c7:a2:6a:5d:b4:29:54:b0:75:cd:3b:e1:72:2c: de:c6:12:d4:dc:7a:d9:93:e9:41:f8:fe:19:ca:ff:4f:ea:fb: 1a:4a:c3:1d:94:e2:43:a3:d8:ad:1f:ec:b1:e5:18:f0:fa:bd: 08:55:6c:89:5d:10:c4:74:00:6f:8b:c1:21:78:26:64:82:73: 99:17:ea:9e:17:50:05:2c:65:fa:d6:eb:de:98:e2:3a:4c:e1: e8:23:e6:7d:fc:49:b9:6f:8b:10:fd:46:fe:3a:8b:e1:07:cb: 46:ed:8d:0d:bf:b8:d1:26:76:98:64:ca:a5:c5:0e:cd:55:14: 35:f2:66:a3:6b:5b:9c:d5:80:52:0a:a3:78:2c:f2:49:6c:9a: 78:a9:e4:07 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUCoS582hgWhxVvX7f3UJOW9a2lzowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMTkyNloX DTI3MDUwMjAwMjQyNlowMzExMC8GA1UEAxMoRDcxMzUwMzkzOUQyNTczQTQ0RkEy OTcwM0NERENDNzA0RjAzQTc1RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKh+QXEV8tX15g1yv6QOjCQf4UojqiYKVmd6UbZqIHDdpIvYigtaxzZjBivf KBjqXv+QLyvraOH3N0swOhmSQpLZpxKS5NC6+y8MxvYyg0RoeSjB8MSm7kH/6BCu zG7RDU1Zj2QQJPdF5i8WmkofTjse9LQAffBNIDwRBLZB7pCnPFpUCpNTAk7DdA2f A6vMXHyfuON+sGuPSxhSR167YicdIwZ8V80wYZ0kdBFzRD3UYR72fQIO7yvfGh/Q dZNbHWm4bFQpgliJY8BVGwuKN5w1ihuytXLhayL9NxHBypOG6ZwDxPk6Fv6VmfN3 xou8nmRr5YNGKAuFCNRd8Xnkbz0CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNcTUDk50lc6RPopcDzdzHBPA6deMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzNiOTA1NzY2LTQ0MGUtNGJjYi1hZTcyLTNlNzg4MzFjZTlkYy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8zYjkwNTc2 Ni00NDBlLTRiY2ItYWU3Mi0zZTc4ODMxY2U5ZGMvMC9ENzEzNTAzOTM5RDI1NzNB NDRGQTI5NzAzQ0REQ0M3MDRGMDNBNzVFLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZxEgMA0GCSqGSIb3DQEBCwUAA4IBAQA4+jxf95RES7M13eWIRmY1AJw/8Caq yfO8Mi0bz1qrmjbzcPB7q3PpHTK1Z86DU9drLhmOfvFKBqxKKH8ZlHxmQRHDIC87 vyBNBK9mqb6U2FqjmBVxqr+sFGW5nhbRM0gdz5PQ/ZZ5/puXQG0ioctBx6JqXbQp VLB1zTvhcizexhLU3HrZk+lB+P4Zyv9P6vsaSsMdlOJDo9itH+yx5Rjw+r0IVWyJ XRDEdABvi8EheCZkgnOZF+qeF1AFLGX61uvemOI6TOHoI+Z9/Em5b4sQ/Ub+Oovh B8tG7Y0Nv7jRJnaYZMqlxQ7NVRQ18maja1uc1YBSCqN4LPJJbJp4qeQH -----END CERTIFICATE-----Generated at Tue May 5 11:14:16 2026 by rpki-client