$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/41071AAF0C0E6BD84877680334B4F604B4B4E786.cer File: 41071AAF0C0E6BD84877680334B4F604B4B4E786.cer (raw, json) Hash identifier: MPBCEdVtJmwAqdYKiBFaIW6xVmKLJSm4mobiJ9EsaFU= Subject key identifier: 41:07:1A:AF:0C:0E:6B:D8:48:77:68:03:34:B4:F6:04:B4:B4:E7:86 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 686BF09D142C3C33C165514C495F53AD3221FFF7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/7e27b3e1-f611-4afe-9a49-5fa4fd557653/0/41071AAF0C0E6BD84877680334B4F604B4B4E786.mft caRepository: rsync://repo-rpki.idnic.net/repo/7e27b3e1-f611-4afe-9a49-5fa4fd557653/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 04 Apr 2026 09:58:33 +0000 Certificate not after: Sat 03 Apr 2027 10:03:33 +0000 Subordinate resources: IP: 103.167.2.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Apr 2026 00:44:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:6b:f0:9d:14:2c:3c:33:c1:65:51:4c:49:5f:53:ad:32:21:ff:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 4 09:58:33 2026 GMT Not After : Apr 3 10:03:33 2027 GMT Subject: CN=41071AAF0C0E6BD84877680334B4F604B4B4E786 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:11:13:6e:56:87:b6:35:aa:53:65:4f:77:77: 1b:e6:da:1c:b1:72:37:a7:aa:23:a3:43:1c:f2:26: 3b:46:ab:1b:48:b5:05:61:02:18:18:fb:de:27:9f: e0:1d:61:27:f5:38:72:4b:d9:40:9a:d6:5d:75:41: b9:31:92:46:1b:75:6f:6d:4e:2c:9a:49:3d:a3:93: 00:df:ff:92:b8:04:5c:02:42:15:bf:c7:7a:be:90: bb:a5:fb:7a:31:71:c3:1e:60:a8:50:f8:56:d8:46: 61:5b:16:94:b4:70:1e:4f:9c:8f:ea:a2:21:dc:44: 0c:d7:0c:79:5c:22:ca:82:24:73:d3:17:34:7c:f0: 82:10:4c:0f:b5:4b:cc:4a:d8:96:68:2d:bb:1b:40: 6f:5e:47:fe:20:2a:77:11:ed:aa:df:b1:8e:e8:26: 38:4a:08:1e:65:43:3b:8e:98:02:04:f7:60:ab:24: 13:d0:7f:fa:3b:d4:bf:dc:69:3e:ca:2c:f5:80:ec: 6e:60:78:e6:b1:c6:f8:c2:77:cd:c2:f0:c9:38:29: e8:df:f0:79:f4:2f:ae:3f:db:b0:23:e4:33:a0:c2: c4:48:ea:43:e2:94:74:ab:40:d8:0c:ee:41:69:ee: c4:59:02:f6:29:a5:6b:c3:15:39:76:0b:be:93:e8: 99:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 41:07:1A:AF:0C:0E:6B:D8:48:77:68:03:34:B4:F6:04:B4:B4:E7:86 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7e27b3e1-f611-4afe-9a49-5fa4fd557653/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7e27b3e1-f611-4afe-9a49-5fa4fd557653/0/41071AAF0C0E6BD84877680334B4F604B4B4E786.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.167.2.0/24 Signature Algorithm: sha256WithRSAEncryption 95:f7:ae:65:56:e2:ce:cb:eb:d5:42:ae:82:2c:8a:96:90:7b: a7:fb:52:c8:e1:eb:f4:13:bc:84:02:15:0d:36:b3:0a:71:00: 55:54:f2:a4:7a:24:23:0b:e6:b3:d7:70:86:40:2c:2d:c2:ac: bf:93:92:d1:ac:4c:35:9f:d9:49:e0:00:63:7c:16:15:6a:7e: 99:81:00:86:83:3c:b3:a4:20:16:a4:a6:eb:5b:a4:a9:fe:ab: 24:dd:ba:f9:32:9c:70:53:28:ec:ba:08:5a:20:0f:77:d6:be: a2:41:b1:2c:6c:11:eb:6d:c5:04:a5:61:91:87:70:d5:a4:8e: 85:2e:71:ff:24:77:5f:f0:c9:28:1d:98:c7:38:5c:ea:74:6f: 63:6e:2d:08:64:0c:78:21:7b:19:4b:c8:08:5e:e0:41:29:3c: 66:82:3b:b8:75:96:8d:f2:0f:2a:bd:91:98:5d:70:b0:b6:4e: 3e:ae:80:c7:e0:a9:8e:65:d6:94:49:8b:3c:b3:d4:8d:50:ce: 12:78:24:15:29:12:16:f7:50:dd:e3:ab:13:19:16:f9:d3:6d: 02:e1:77:0c:21:c1:50:6e:43:d9:74:b2:23:40:91:1c:32:be: c3:c8:6a:b5:f5:07:70:1e:42:ea:94:be:06:36:5c:7e:f2:75: 58:8e:c6:5e -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUaGvwnRQsPDPBZVFMSV9TrTIh//cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDQwNDA5NTgzM1oX DTI3MDQwMzEwMDMzM1owMzExMC8GA1UEAxMoNDEwNzFBQUYwQzBFNkJEODQ4Nzc2 ODAzMzRCNEY2MDRCNEI0RTc4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMARE25Wh7Y1qlNlT3d3G+baHLFyN6eqI6NDHPImO0arG0i1BWECGBj73ief 4B1hJ/U4ckvZQJrWXXVBuTGSRht1b21OLJpJPaOTAN//krgEXAJCFb/Her6Qu6X7 ejFxwx5gqFD4VthGYVsWlLRwHk+cj+qiIdxEDNcMeVwiyoIkc9MXNHzwghBMD7VL zErYlmgtuxtAb15H/iAqdxHtqt+xjugmOEoIHmVDO46YAgT3YKskE9B/+jvUv9xp Psos9YDsbmB45rHG+MJ3zcLwyTgp6N/wefQvrj/bsCPkM6DCxEjqQ+KUdKtA2Azu QWnuxFkC9imla8MVOXYLvpPomc0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEEHGq8MDmvYSHdoAzS09gS0tOeGMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83ZTI3YjNlMS1mNjExLTRhZmUtOWE0OS01ZmE0ZmQ1NTc2NTMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdlMjdiM2Ux LWY2MTEtNGFmZS05YTQ5LTVmYTRmZDU1NzY1My8wLzQxMDcxQUFGMEMwRTZCRDg0 ODc3NjgwMzM0QjRGNjA0QjRCNEU3ODYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnpwIwDQYJKoZIhvcNAQELBQADggEBAJX3rmVW4s7L69VCroIsipaQe6f7Usjh 6/QTvIQCFQ02swpxAFVU8qR6JCML5rPXcIZALC3CrL+TktGsTDWf2UngAGN8FhVq fpmBAIaDPLOkIBakputbpKn+qyTduvkynHBTKOy6CFogD3fWvqJBsSxsEettxQSl YZGHcNWkjoUucf8kd1/wySgdmMc4XOp0b2NuLQhkDHghexlLyAhe4EEpPGaCO7h1 lo3yDyq9kZhdcLC2Tj6ugMfgqY5l1pRJizyz1I1QzhJ4JBUpEhb3UN3jqxMZFvnT bQLhdwwhwVBuQ9l0siNAkRwyvsPIarX1B3AeQuqUvgY2XH7ydViOxl4= -----END CERTIFICATE-----Generated at Fri Apr 17 15:21:44 2026 by rpki-client