$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/D6344C556CB88A244AE43DD23D620550C754F24F.cer File: D6344C556CB88A244AE43DD23D620550C754F24F.cer (raw, json) Hash identifier: AxDKQUa+Qp91QYlu6gNxuT6LKJq5ucA2wxXi6FEbpv0= Subject key identifier: D6:34:4C:55:6C:B8:8A:24:4A:E4:3D:D2:3D:62:05:50:C7:54:F2:4F Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 605F0831436B54FD9DD3C9678A1188CFC941827D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/172d1752-4853-4c74-b574-994d3b124090/0/D6344C556CB88A244AE43DD23D620550C754F24F.mft caRepository: rsync://rpki-rsync.idnic.net/repo/172d1752-4853-4c74-b574-994d3b124090/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:54:40 +0000 Certificate not after: Sat 01 May 2027 23:59:40 +0000 Subordinate resources: IP: 157.20.94.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 May 2026 12:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:5f:08:31:43:6b:54:fd:9d:d3:c9:67:8a:11:88:cf:c9:41:82:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 23:54:40 2026 GMT Not After : May 1 23:59:40 2027 GMT Subject: CN=D6344C556CB88A244AE43DD23D620550C754F24F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:a0:6b:95:e5:a4:d0:a0:d3:bd:6f:c8:04:c1: 56:47:1a:5e:2e:53:c3:19:9a:60:3f:58:ed:0a:94: 30:bf:d5:2f:11:ca:1e:81:62:23:3e:98:66:a2:f6: de:56:84:fd:5f:e5:6b:33:97:c0:96:08:a4:28:fd: 7a:6c:7a:64:30:0d:a3:c4:2c:8f:e4:99:69:87:a7: 98:e3:f5:82:b1:83:67:80:57:d0:ac:6f:45:e7:fe: 81:4a:56:0e:85:bb:3b:ca:cb:64:02:b2:48:08:43: e8:8a:e8:5b:2e:b2:88:08:42:2b:a3:f7:f5:94:4d: 3b:ec:12:bf:d0:95:ec:bc:c0:d1:06:bf:94:98:38: 08:8b:91:f0:a8:0c:87:a2:33:c2:5a:db:b9:c8:65: ce:06:fa:7e:fd:da:5e:1c:cd:d7:7e:a4:bc:ce:61: a3:74:4b:6f:d4:e0:29:af:d8:50:c2:19:0b:15:1e: 06:c4:26:c8:77:00:fb:17:5f:e2:53:7e:38:90:a6: 8d:87:44:a9:a1:0a:43:db:fb:d8:70:97:db:25:18: e0:f0:f9:6a:51:53:8f:ec:55:9b:fa:3d:ce:a8:a3: 45:aa:3e:87:83:b6:fd:bb:0b:99:1d:47:9e:f6:4b: 66:7e:27:1c:3d:3b:58:42:98:80:34:88:a0:34:ca: 93:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D6:34:4C:55:6C:B8:8A:24:4A:E4:3D:D2:3D:62:05:50:C7:54:F2:4F X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/172d1752-4853-4c74-b574-994d3b124090/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/172d1752-4853-4c74-b574-994d3b124090/0/D6344C556CB88A244AE43DD23D620550C754F24F.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.94.0/24 Signature Algorithm: sha256WithRSAEncryption 90:f5:1c:19:8b:62:61:cd:4d:76:83:e9:47:2b:2c:bf:c0:9c: 2b:92:d4:ff:70:16:a9:ec:21:69:1f:56:40:8b:df:9b:a9:b3: 6c:d2:38:dc:e1:51:44:d7:dc:0b:5b:87:58:09:78:31:d7:55: b9:b1:05:19:13:16:d2:5a:88:c3:8e:e8:18:38:d5:b5:8e:ba: b8:e1:3e:0d:bf:81:35:cd:e1:80:2d:9b:38:fc:8f:1f:fc:8b: 91:eb:a2:aa:90:9e:bf:e3:ab:26:e5:a5:9e:e1:ce:3a:42:33: 1e:ae:d6:b5:ee:28:73:00:85:b6:e1:7d:5d:cb:b5:1e:b9:2b: 19:df:9a:0d:99:fd:9c:9f:56:d3:33:a1:b4:8f:ec:70:28:a8: 11:59:61:fc:fb:bb:d4:37:29:b8:61:80:f9:a2:8f:4c:73:ba: 38:ab:5e:40:f2:5d:fe:ca:04:e0:91:b6:0b:76:b4:e0:90:e2: 33:02:05:2b:fa:bc:22:2c:0b:46:2a:be:c3:49:d0:f4:54:01: 67:ce:22:bf:18:ae:66:ed:68:76:c6:2f:6b:83:d9:7c:47:98: 02:90:db:13:03:c8:cc:be:29:a9:ad:f1:74:9c:1d:11:3b:a8: 94:58:16:8b:38:49:31:2c:4f:1e:db:48:d3:6c:80:8c:7a:d1: f5:ba:3d:fc -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUYF8IMUNrVP2d08lnihGIz8lBgn0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjIzNTQ0MFoX DTI3MDUwMTIzNTk0MFowMzExMC8GA1UEAxMoRDYzNDRDNTU2Q0I4OEEyNDRBRTQz REQyM0Q2MjA1NTBDNzU0RjI0RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJWga5XlpNCg071vyATBVkcaXi5TwxmaYD9Y7QqUML/VLxHKHoFiIz6YZqL2 3laE/V/lazOXwJYIpCj9emx6ZDANo8Qsj+SZaYenmOP1grGDZ4BX0KxvRef+gUpW DoW7O8rLZAKySAhD6IroWy6yiAhCK6P39ZRNO+wSv9CV7LzA0Qa/lJg4CIuR8KgM h6Izwlrbuchlzgb6fv3aXhzN136kvM5ho3RLb9TgKa/YUMIZCxUeBsQmyHcA+xdf 4lN+OJCmjYdEqaEKQ9v72HCX2yUY4PD5alFTj+xVm/o9zqijRao+h4O2/bsLmR1H nvZLZn4nHD07WEKYgDSIoDTKk9kCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNY0TFVsuIokSuQ90j1iBVDHVPJPMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzE3MmQxNzUyLTQ4NTMtNGM3NC1iNTc0LTk5NGQzYjEyNDA5MC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xNzJkMTc1 Mi00ODUzLTRjNzQtYjU3NC05OTRkM2IxMjQwOTAvMC9ENjM0NEM1NTZDQjg4QTI0 NEFFNDNERDIzRDYyMDU1MEM3NTRGMjRGLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAnRReMA0GCSqGSIb3DQEBCwUAA4IBAQCQ9RwZi2JhzU12g+lHKyy/wJwrktT/ cBap7CFpH1ZAi9+bqbNs0jjc4VFE19wLW4dYCXgx11W5sQUZExbSWojDjugYONW1 jrq44T4Nv4E1zeGALZs4/I8f/IuR66KqkJ6/46sm5aWe4c46QjMerta17ihzAIW2 4X1dy7UeuSsZ35oNmf2cn1bTM6G0j+xwKKgRWWH8+7vUNym4YYD5oo9Mc7o4q15A 8l3+ygTgkbYLdrTgkOIzAgUr+rwiLAtGKr7DSdD0VAFnziK/GK5m7Wh2xi9rg9l8 R5gCkNsTA8jMvimprfF0nB0RO6iUWBaLOEkxLE8e20jTbICMetH1uj38 -----END CERTIFICATE-----Generated at Wed May 13 11:56:07 2026 by rpki-client