$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/D9C4B6BE84C90BC406AB671E5F75A8C8656294F6.cer File: D9C4B6BE84C90BC406AB671E5F75A8C8656294F6.cer (raw, json) Hash identifier: LigkEJKk/DFz3wBde5rEpgMFtZs856UO9ry6cordC4Y= Subject key identifier: D9:C4:B6:BE:84:C9:0B:C4:06:AB:67:1E:5F:75:A8:C8:65:62:94:F6 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 2179A0A0CE208D819991AD0295DA343FDEB1D61F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/f195b4b4-bc8a-4ce5-b550-9aa7b36ee1fa/0/D9C4B6BE84C90BC406AB671E5F75A8C8656294F6.mft caRepository: rsync://rpki-rsync.idnic.net/repo/f195b4b4-bc8a-4ce5-b550-9aa7b36ee1fa/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:29:50 +0000 Certificate not after: Sun 02 May 2027 02:34:50 +0000 Subordinate resources: IP: 160.22.136.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:79:a0:a0:ce:20:8d:81:99:91:ad:02:95:da:34:3f:de:b1:d6:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 02:29:50 2026 GMT Not After : May 2 02:34:50 2027 GMT Subject: CN=D9C4B6BE84C90BC406AB671E5F75A8C8656294F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:10:2d:0f:10:48:bd:5f:ad:c6:63:85:7e:d5: 3b:5c:dc:dc:d5:b2:0f:b7:80:92:92:3d:f2:6b:4c: d6:5c:46:18:72:bc:a8:4b:ad:c2:20:2f:bd:e7:cb: 7d:7c:85:22:ff:be:46:5a:2c:5b:80:43:99:ec:ba: 19:31:0b:f3:1d:2a:24:5b:e3:db:48:41:b1:de:d3: 50:0f:b8:ea:d4:92:8c:c1:da:4a:9f:96:1c:11:52: 58:87:6a:32:97:9d:02:04:6a:d1:a7:a2:48:5a:78: 3c:9d:dc:d3:d4:82:d0:09:17:6b:7e:2b:ba:54:c8: 89:69:b5:db:98:45:27:81:d4:95:2f:d7:95:ba:f7: c2:9e:bd:0a:43:f6:c8:5b:84:61:58:82:4d:94:a0: 11:42:b1:f4:41:51:84:00:72:f6:53:0a:b4:24:22: 52:99:8f:11:f0:d4:76:bb:09:c1:8b:38:07:31:ed: f1:27:91:3e:90:02:17:60:d6:d4:c6:7e:b8:56:23: e6:cd:ce:38:3d:3f:bc:f3:a2:e5:af:40:b8:56:a6: 54:1e:54:a3:4b:60:bb:b8:4c:a9:2e:34:31:c4:2b: 0a:bd:cd:fd:75:4e:95:39:e6:24:d5:ed:4e:09:c1: 93:26:a8:02:c5:d6:e0:50:ce:6b:7c:5a:b7:c6:a8: a2:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D9:C4:B6:BE:84:C9:0B:C4:06:AB:67:1E:5F:75:A8:C8:65:62:94:F6 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/f195b4b4-bc8a-4ce5-b550-9aa7b36ee1fa/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/f195b4b4-bc8a-4ce5-b550-9aa7b36ee1fa/0/D9C4B6BE84C90BC406AB671E5F75A8C8656294F6.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.136.0/23 Signature Algorithm: sha256WithRSAEncryption 5f:d5:fc:e5:8a:7f:78:7d:69:53:4c:32:50:fc:df:32:58:3b: 0f:8c:53:28:da:63:62:54:3d:9d:18:34:df:fc:ee:ba:ce:81: ff:75:eb:13:d6:34:10:a0:91:29:bc:ce:16:c4:ef:b9:8f:53: 86:d6:2c:22:38:5a:12:3c:89:32:5e:e3:10:db:de:ea:ea:d2: cc:45:81:ea:65:d9:95:7c:f3:83:4d:6f:04:90:f7:56:37:a6: c4:ce:d7:ff:26:ad:0d:8f:f8:7a:2b:f4:7b:a0:4b:8d:64:34: a0:28:82:36:c9:5f:ad:2c:f4:34:01:40:dd:2a:6b:55:ea:1d: 62:c0:6e:3e:9b:a1:7d:e8:48:af:91:cb:33:23:4f:e6:c7:fc: 4d:88:75:c4:b8:a0:20:de:d6:49:ef:91:e0:03:31:1b:fb:44: 78:ad:a8:0b:2f:6b:b6:83:99:a5:60:58:eb:57:79:cf:db:18: c4:ff:2f:10:2c:f8:53:9e:40:d2:e7:be:b1:fa:10:1e:cb:7f: f3:ea:f3:41:c8:0e:48:b5:7e:ad:dc:2d:85:dc:25:08:1c:3a: c3:3a:1a:4e:99:45:6c:89:54:9c:12:46:7a:20:b3:8d:20:c9: 12:25:5f:c4:10:7c:72:3a:38:3c:2a:67:ff:7b:20:84:0a:96: 5d:01:83:0d -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUIXmgoM4gjYGZka0Cldo0P96x1h8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAyMjk1MFoX DTI3MDUwMjAyMzQ1MFowMzExMC8GA1UEAxMoRDlDNEI2QkU4NEM5MEJDNDA2QUI2 NzFFNUY3NUE4Qzg2NTYyOTRGNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOUQLQ8QSL1frcZjhX7VO1zc3NWyD7eAkpI98mtM1lxGGHK8qEutwiAvvefL fXyFIv++RlosW4BDmey6GTEL8x0qJFvj20hBsd7TUA+46tSSjMHaSp+WHBFSWIdq MpedAgRq0aeiSFp4PJ3c09SC0AkXa34rulTIiWm125hFJ4HUlS/Xlbr3wp69CkP2 yFuEYViCTZSgEUKx9EFRhABy9lMKtCQiUpmPEfDUdrsJwYs4BzHt8SeRPpACF2DW 1MZ+uFYj5s3OOD0/vPOi5a9AuFamVB5Uo0tgu7hMqS40McQrCr3N/XVOlTnmJNXt TgnBkyaoAsXW4FDOa3xat8aookECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNnEtr6EyQvEBqtnHl91qMhlYpT2MB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2YxOTViNGI0LWJjOGEtNGNlNS1iNTUwLTlhYTdiMzZlZTFmYS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9mMTk1YjRi NC1iYzhhLTRjZTUtYjU1MC05YWE3YjM2ZWUxZmEvMC9EOUM0QjZCRTg0QzkwQkM0 MDZBQjY3MUU1Rjc1QThDODY1NjI5NEY2Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBoBaIMA0GCSqGSIb3DQEBCwUAA4IBAQBf1fzlin94fWlTTDJQ/N8yWDsPjFMo 2mNiVD2dGDTf/O66zoH/desT1jQQoJEpvM4WxO+5j1OG1iwiOFoSPIkyXuMQ297q 6tLMRYHqZdmVfPODTW8EkPdWN6bEztf/Jq0Nj/h6K/R7oEuNZDSgKII2yV+tLPQ0 AUDdKmtV6h1iwG4+m6F96EivkcszI0/mx/xNiHXEuKAg3tZJ75HgAzEb+0R4ragL L2u2g5mlYFjrV3nP2xjE/y8QLPhTnkDS576x+hAey3/z6vNByA5ItX6t3C2F3CUI HDrDOhpOmUVsiVScEkZ6ILONIMkSJV/EEHxyOjg8Kmf/eyCECpZdAYMN -----END CERTIFICATE-----Generated at Tue May 12 22:04:08 2026 by rpki-client