$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/9DD7FD1C0A74FE317EDA41E4D1CDC857AFC1779D.cer File: 9DD7FD1C0A74FE317EDA41E4D1CDC857AFC1779D.cer (raw, json) Hash identifier: LJapaX8KEKCIUcad7jYR1LhjSPEfLnDqXkoh93WN9kE= Subject key identifier: 9D:D7:FD:1C:0A:74:FE:31:7E:DA:41:E4:D1:CD:C8:57:AF:C1:77:9D Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7C512853805D3AEE36EDFC6CD8DD877EB2F43340 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/9DD7FD1C0A74FE317EDA41E4D1CDC857AFC1779D.mft caRepository: rsync://rpki-rsync.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:49:31 +0000 Certificate not after: Sun 02 May 2027 00:54:31 +0000 Subordinate resources: IP: 43.227.148.0/22 IP: 103.10.184.0/22 IP: 116.213.48.0/20 IP: 202.69.96.0/20 IP: 202.151.8.0/22 IP: 203.89.16.0/21 IP: 220.157.96.0/20 IP: 223.164.0.0/16 IP: 2403:7200::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:51:28:53:80:5d:3a:ee:36:ed:fc:6c:d8:dd:87:7e:b2:f4:33:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:49:31 2026 GMT Not After : May 2 00:54:31 2027 GMT Subject: CN=9DD7FD1C0A74FE317EDA41E4D1CDC857AFC1779D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:0b:d1:bb:56:84:44:d7:d9:b8:36:98:36:c3: 64:3d:98:6c:20:69:7a:6e:d4:bb:90:12:67:b8:56: 5d:bb:50:3b:c1:86:ad:ce:86:39:79:cb:8a:3f:08: 8f:e6:2f:e9:bf:9f:99:6b:df:83:88:69:38:b0:f6: db:b1:f0:ba:2f:ee:54:2d:81:51:15:c4:8a:f3:a3: 5f:6e:9c:80:f1:92:49:18:e8:0d:06:66:34:4e:3d: ab:e8:97:95:90:bc:0d:0b:a6:8a:35:b7:13:1f:61: 2a:0b:de:c4:36:78:98:66:21:cd:f8:82:73:60:b0: f9:3c:ed:60:c8:66:d7:6e:0f:77:6a:c4:24:bc:d0: 4d:b3:b9:9d:4e:b3:7c:2e:f7:ef:98:44:f3:49:83: c3:d6:76:f3:22:1e:50:b6:fd:e5:b5:26:dd:84:5d: 3a:0b:b1:66:c8:66:c6:5f:13:b3:79:d9:ce:27:8f: f3:90:5c:32:0b:ad:07:45:99:f4:6c:09:32:fc:53: b6:cc:cb:06:37:36:f4:98:2e:fe:8b:9e:43:23:e7: c6:98:1a:df:81:83:72:17:73:61:46:31:c3:bd:34: c4:98:36:28:f1:59:c3:c6:0f:cb:97:5c:ff:75:e8: e9:65:8d:05:c9:95:91:6b:fb:b9:9c:8f:b3:ba:74: a0:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 9D:D7:FD:1C:0A:74:FE:31:7E:DA:41:E4:D1:CD:C8:57:AF:C1:77:9D X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/690c9009-ad53-4fa6-a183-34b3457bea03/0/9DD7FD1C0A74FE317EDA41E4D1CDC857AFC1779D.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.227.148.0/22 103.10.184.0/22 116.213.48.0/20 202.69.96.0/20 202.151.8.0/22 203.89.16.0/21 220.157.96.0/20 223.164.0.0/16 IPv6: 2403:7200::/32 Signature Algorithm: sha256WithRSAEncryption 74:bf:56:3b:27:51:ad:db:27:db:42:34:af:14:d1:3f:58:b4: 7d:02:d1:49:10:9f:fe:34:08:48:b7:79:31:f3:49:3b:bd:cc: d5:11:b9:6d:70:14:57:97:6c:b9:4e:cc:b8:33:3a:19:f9:34: ea:09:ea:47:ea:d7:70:1a:7d:bb:6b:0c:64:c6:4b:67:43:0b: fe:72:d5:d2:84:54:ba:21:5c:e6:d7:0c:01:2e:00:43:ed:36: e8:de:ed:76:37:5d:c8:de:62:3d:34:f6:20:fb:22:f3:b4:37: 29:6e:1b:18:9b:6e:d8:b2:10:8e:3e:35:61:56:95:b1:d4:da: be:2d:db:57:08:76:b3:19:2f:e2:61:f7:20:96:b1:3f:da:28: b5:ed:77:f1:a4:2a:f2:7f:00:34:53:3a:dc:a7:66:90:5b:34: 0e:7b:6b:93:d9:56:60:bc:48:69:49:37:4d:7c:17:03:06:71: 56:15:24:d7:22:f0:a0:4b:c7:2c:25:50:ff:2d:0f:2e:6e:48: 42:b0:d5:72:03:e4:61:e5:e3:23:4b:cd:b2:00:60:e9:81:95: 96:b9:e3:b1:40:01:20:20:e3:fe:2f:1d:2c:44:a5:db:be:af: 60:71:c1:fd:c5:02:7e:44:3d:fb:95:de:8e:de:22:81:a6:ae: 3e:5b:41:94 -----BEGIN CERTIFICATE----- MIIF/jCCBOagAwIBAgIUfFEoU4BdOu427fxs2N2HfrL0M0AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwNDkzMVoX DTI3MDUwMjAwNTQzMVowMzExMC8GA1UEAxMoOUREN0ZEMUMwQTc0RkUzMTdFREE0 MUU0RDFDREM4NTdBRkMxNzc5RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANEL0btWhETX2bg2mDbDZD2YbCBpem7Uu5ASZ7hWXbtQO8GGrc6GOXnLij8I j+Yv6b+fmWvfg4hpOLD227Hwui/uVC2BURXEivOjX26cgPGSSRjoDQZmNE49q+iX lZC8DQumijW3Ex9hKgvexDZ4mGYhzfiCc2Cw+TztYMhm124Pd2rEJLzQTbO5nU6z fC7375hE80mDw9Z28yIeULb95bUm3YRdOguxZshmxl8Ts3nZzieP85BcMgutB0WZ 9GwJMvxTtszLBjc29Jgu/oueQyPnxpga34GDchdzYUYxw700xJg2KPFZw8YPy5dc /3Xo6WWNBcmVkWv7uZyPs7p0oBcCAwEAAaOCAvEwggLtMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJ3X/RwKdP4xftpB5NHNyFevwXedMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzY5MGM5MDA5LWFkNTMtNGZhNi1hMTgzLTM0YjM0NTdiZWEwMy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby82OTBjOTAw OS1hZDUzLTRmYTYtYTE4My0zNGIzNDU3YmVhMDMvMC85REQ3RkQxQzBBNzRGRTMx N0VEQTQxRTREMUNEQzg1N0FGQzE3NzlELm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAv AwQCK+OUAwQCZwq4AwQEdNUwAwQEykVgAwQCypcIAwQDy1kQAwQE3J1gAwMA36Qw DQQCAAIwBwMFACQDcgAwDQYJKoZIhvcNAQELBQADggEBAHS/VjsnUa3bJ9tCNK8U 0T9YtH0C0UkQn/40CEi3eTHzSTu9zNURuW1wFFeXbLlOzLgzOhn5NOoJ6kfq13Aa fbtrDGTGS2dDC/5y1dKEVLohXObXDAEuAEPtNuje7XY3XcjeYj009iD7IvO0Nylu GxibbtiyEI4+NWFWlbHU2r4t21cIdrMZL+Jh9yCWsT/aKLXtd/GkKvJ/ADRTOtyn ZpBbNA57a5PZVmC8SGlJN018FwMGcVYVJNci8KBLxywlUP8tDy5uSEKw1XID5GHl 4yNLzbIAYOmBlZa547FAASAg4/4vHSxEpdu+r2Bxwf3FAn5EPfuV3o7eIoGmrj5b QZQ= -----END CERTIFICATE-----Generated at Tue May 12 22:45:40 2026 by rpki-client