$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/20DB1585229FF1D4E2D6BD3ACC136A4920B1F409.cer File: 20DB1585229FF1D4E2D6BD3ACC136A4920B1F409.cer (raw, json) Hash identifier: 5N/dYKpnSTtCFsSTOjaJrMgBpkN+exaSlLMvekYkheo= Subject key identifier: 20:DB:15:85:22:9F:F1:D4:E2:D6:BD:3A:CC:13:6A:49:20:B1:F4:09 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 612525C24000A61493F0B95967C9E0C3C8ED9A97 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/d18c0383-629f-46e2-b114-188cc921a6a5/0/20DB1585229FF1D4E2D6BD3ACC136A4920B1F409.mft caRepository: rsync://rpki-rsync.idnic.net/repo/d18c0383-629f-46e2-b114-188cc921a6a5/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:57:48 +0000 Certificate not after: Sun 02 May 2027 02:02:48 +0000 Subordinate resources: IP: 103.191.168.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:25:25:c2:40:00:a6:14:93:f0:b9:59:67:c9:e0:c3:c8:ed:9a:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:57:48 2026 GMT Not After : May 2 02:02:48 2027 GMT Subject: CN=20DB1585229FF1D4E2D6BD3ACC136A4920B1F409 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:6b:25:20:73:18:6d:82:03:5e:04:38:fe:0a: c7:12:79:0f:e0:61:4f:f1:90:64:86:08:83:b4:b5: 87:e8:47:56:f7:7d:14:19:54:7e:3b:92:96:ba:ec: 58:53:27:af:71:a9:6c:1a:ba:3d:17:c1:58:ec:f5: 7d:16:c1:ef:32:6e:f0:6f:15:87:f4:a2:85:00:49: 75:f4:d0:27:d3:36:ab:d8:df:de:26:6b:25:7c:88: 98:0f:69:04:cd:29:be:24:73:80:70:f3:bc:5e:b7: df:3b:fc:e6:d5:ff:7d:c9:d7:08:bb:41:22:a1:94: 28:70:e5:3f:93:a0:42:a6:50:3a:39:be:79:3f:31: 6d:f0:da:a4:0f:a1:9b:6a:11:e3:37:68:60:e0:a8: 91:66:d2:cd:16:53:27:bf:70:bd:d2:d2:6e:91:8c: 66:14:be:3f:59:bd:35:39:9e:b3:3a:36:d2:5e:da: 23:09:ee:d8:88:5b:05:f7:ae:74:84:5f:f8:56:6f: 16:ce:be:31:d0:49:2c:93:26:cc:ac:aa:0c:99:56: e6:42:1d:c4:3c:ca:d3:84:6d:9c:5b:c5:3f:25:5d: 55:6a:a0:db:ee:09:59:8b:8e:f6:64:8c:7e:3f:a2: b0:69:fc:e5:01:8b:e8:98:d7:4d:3e:50:0f:99:d1: 87:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 20:DB:15:85:22:9F:F1:D4:E2:D6:BD:3A:CC:13:6A:49:20:B1:F4:09 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/d18c0383-629f-46e2-b114-188cc921a6a5/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/d18c0383-629f-46e2-b114-188cc921a6a5/0/20DB1585229FF1D4E2D6BD3ACC136A4920B1F409.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.191.168.0/23 Signature Algorithm: sha256WithRSAEncryption 6b:99:cc:92:68:5e:81:37:79:11:47:b3:aa:cc:8c:40:68:b8: 8f:3c:b8:a7:0f:83:70:af:96:bc:63:0e:69:83:e2:7b:9c:56: f9:69:5e:e9:81:a0:63:c1:0c:84:1e:74:50:fe:9e:6c:8e:24: e2:91:b5:e8:a7:d2:72:71:21:54:26:f0:aa:88:23:16:f6:6b: e7:54:b8:35:e6:a4:ad:31:3d:f8:b3:a6:9c:6a:ad:2e:e3:4a: aa:05:18:00:ad:12:27:29:59:06:18:02:f7:94:c2:ab:b9:03: 27:1d:83:34:4e:d9:98:71:21:6a:a8:8b:8f:ac:23:55:03:11: 47:a2:0d:f7:10:8e:f1:eb:79:f4:af:0a:51:7f:6a:31:92:8e: ca:10:8e:50:8b:04:55:0c:d0:db:ff:08:65:c9:e4:3b:31:0c: 93:81:b9:f1:5e:fd:ab:8f:67:73:b4:00:76:78:45:fa:c3:16: 2d:46:cc:1c:a0:a9:88:d7:77:8f:1e:2f:e1:6e:01:17:f4:cb: 85:4a:96:50:a5:13:11:14:e9:0c:5c:48:99:1c:12:7d:17:1c: 4b:fa:e4:08:ec:df:32:2a:27:9b:48:ba:3d:b7:1f:f7:58:48: ce:35:3c:28:dc:e1:77:83:63:a4:74:a3:da:f7:50:91:57:cb: f8:d0:4b:c2 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUYSUlwkAAphST8LlZZ8ngw8jtmpcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxNTc0OFoX DTI3MDUwMjAyMDI0OFowMzExMC8GA1UEAxMoMjBEQjE1ODUyMjlGRjFENEUyRDZC RDNBQ0MxMzZBNDkyMEIxRjQwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALRrJSBzGG2CA14EOP4KxxJ5D+BhT/GQZIYIg7S1h+hHVvd9FBlUfjuSlrrs WFMnr3GpbBq6PRfBWOz1fRbB7zJu8G8Vh/SihQBJdfTQJ9M2q9jf3iZrJXyImA9p BM0pviRzgHDzvF633zv85tX/fcnXCLtBIqGUKHDlP5OgQqZQOjm+eT8xbfDapA+h m2oR4zdoYOCokWbSzRZTJ79wvdLSbpGMZhS+P1m9NTmeszo20l7aIwnu2IhbBfeu dIRf+FZvFs6+MdBJLJMmzKyqDJlW5kIdxDzK04RtnFvFPyVdVWqg2+4JWYuO9mSM fj+isGn85QGL6JjXTT5QD5nRh08CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCDbFYUin/HU4ta9OswTakkgsfQJMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2QxOGMwMzgzLTYyOWYtNDZlMi1iMTE0LTE4OGNjOTIxYTZhNS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9kMThjMDM4 My02MjlmLTQ2ZTItYjExNC0xODhjYzkyMWE2YTUvMC8yMERCMTU4NTIyOUZGMUQ0 RTJENkJEM0FDQzEzNkE0OTIwQjFGNDA5Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ7+oMA0GCSqGSIb3DQEBCwUAA4IBAQBrmcySaF6BN3kRR7OqzIxAaLiPPLin D4Nwr5a8Yw5pg+J7nFb5aV7pgaBjwQyEHnRQ/p5sjiTikbXop9JycSFUJvCqiCMW 9mvnVLg15qStMT34s6acaq0u40qqBRgArRInKVkGGAL3lMKruQMnHYM0TtmYcSFq qIuPrCNVAxFHog33EI7x63n0rwpRf2oxko7KEI5QiwRVDNDb/whlyeQ7MQyTgbnx Xv2rj2dztAB2eEX6wxYtRswcoKmI13ePHi/hbgEX9MuFSpZQpRMRFOkMXEiZHBJ9 FxxL+uQI7N8yKiebSLo9tx/3WEjONTwo3OF3g2OkdKPa91CRV8v40EvC -----END CERTIFICATE-----Generated at Tue May 12 22:04:02 2026 by rpki-client