$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/D04E8EDA1C6E0AE6B589887ACF355D77EE1758C0.cer File: D04E8EDA1C6E0AE6B589887ACF355D77EE1758C0.cer (raw, json) Hash identifier: GW8MocoeWyITXzBqu8AHONL2Gv5xnI9IWy6CnACZAkY= Subject key identifier: D0:4E:8E:DA:1C:6E:0A:E6:B5:89:88:7A:CF:35:5D:77:EE:17:58:C0 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 1666FF1B0C6705482B7A0E9401BDC35F29C907C9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/6f4d1c36-4a31-4857-9e36-0ddf3d691eb5/0/D04E8EDA1C6E0AE6B589887ACF355D77EE1758C0.mft caRepository: rsync://rpki-rsync.idnic.net/repo/6f4d1c36-4a31-4857-9e36-0ddf3d691eb5/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:53:51 +0000 Certificate not after: Sun 02 May 2027 00:58:51 +0000 Subordinate resources: IP: 103.22.136.0/22 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:66:ff:1b:0c:67:05:48:2b:7a:0e:94:01:bd:c3:5f:29:c9:07:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:53:51 2026 GMT Not After : May 2 00:58:51 2027 GMT Subject: CN=D04E8EDA1C6E0AE6B589887ACF355D77EE1758C0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:b6:24:d5:83:68:30:97:72:4f:24:a3:e6:fd: ec:ea:0c:d0:90:36:8f:79:a6:dc:38:09:3d:3f:ac: 42:ee:ad:11:64:a2:a3:0a:a8:6c:5b:d3:03:05:64: 28:45:ab:df:eb:14:92:09:92:69:68:fb:6a:93:49: 34:0f:60:59:7d:13:65:84:9a:f2:e1:b5:0f:21:53: a6:48:c1:e6:8f:78:4b:77:38:eb:6a:64:88:4d:fa: 39:b7:4c:bf:82:3a:62:4a:ef:94:4a:a5:b6:4e:fb: fd:eb:d5:ba:b8:af:58:cb:16:e5:f9:57:dd:99:d4: 30:5a:2f:0f:ef:76:f4:66:af:e9:24:5d:76:b8:b9: d6:cd:74:d7:98:f2:f2:56:ed:aa:24:b2:94:2d:9e: b2:e8:ec:9b:a0:b8:85:37:79:ad:45:bc:a8:e2:a5: 81:7f:08:d0:43:93:dc:4c:c5:23:34:29:04:40:6e: c1:8e:89:8b:38:8e:4a:0c:22:de:c5:48:1b:23:94: 36:e8:55:dd:63:0f:2a:18:3b:e1:9f:2e:62:2a:cb: 26:a7:98:1c:4f:48:6f:a7:bd:54:d5:2b:24:fd:5b: 56:36:44:81:cd:14:d1:c0:aa:b7:09:fc:62:47:df: 1f:a9:6c:aa:38:4f:7e:13:d0:36:cc:c2:f5:a3:58: 2b:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D0:4E:8E:DA:1C:6E:0A:E6:B5:89:88:7A:CF:35:5D:77:EE:17:58:C0 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/6f4d1c36-4a31-4857-9e36-0ddf3d691eb5/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/6f4d1c36-4a31-4857-9e36-0ddf3d691eb5/0/D04E8EDA1C6E0AE6B589887ACF355D77EE1758C0.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.22.136.0/22 Signature Algorithm: sha256WithRSAEncryption 3a:ad:55:e6:10:bb:7d:31:c7:3e:07:5a:8a:77:61:b6:bf:fc: 28:7c:0a:e7:70:39:c0:bb:ea:38:68:42:c8:84:d3:f5:5d:50: ab:1b:75:3d:ca:36:55:f4:17:dd:fd:14:09:68:8c:4b:96:5e: a7:4e:76:4f:7e:47:86:6d:7f:28:22:c6:57:19:ac:39:c7:d7: 0d:e6:42:ed:1c:86:31:af:4a:eb:81:fb:b5:3a:cb:e9:d1:9d: 57:be:12:2e:9a:eb:fa:9c:07:be:c9:92:5c:35:4f:4a:f4:d1: c6:18:36:e8:75:c5:4f:30:a5:03:d4:cb:0a:ee:49:04:69:cd: 21:b3:d2:25:af:b1:6e:0a:01:60:78:8f:ca:b0:2b:b2:c5:83: a4:a6:a1:a8:9c:b8:c6:47:77:82:ad:84:73:0d:e5:2e:e5:98: c3:50:3d:4e:23:18:39:9f:a1:cb:a0:5c:65:af:8b:1d:94:b7: 7a:55:81:32:5c:a9:15:01:3c:e0:65:18:dd:12:33:32:93:be: e1:6d:71:3c:80:e0:0c:9e:a8:a7:97:7a:19:16:c7:38:ee:0a: c6:bc:52:45:57:ce:92:41:f1:51:14:e1:2f:0e:9a:a0:fb:c7: 0f:19:a2:6b:f3:35:3a:4f:d9:c5:24:25:96:f4:2b:bd:f5:13: 10:42:e1:56 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUFmb/GwxnBUgreg6UAb3DXynJB8kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwNTM1MVoX DTI3MDUwMjAwNTg1MVowMzExMC8GA1UEAxMoRDA0RThFREExQzZFMEFFNkI1ODk4 ODdBQ0YzNTVENzdFRTE3NThDMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANq2JNWDaDCXck8ko+b97OoM0JA2j3mm3DgJPT+sQu6tEWSiowqobFvTAwVk KEWr3+sUkgmSaWj7apNJNA9gWX0TZYSa8uG1DyFTpkjB5o94S3c462pkiE36ObdM v4I6YkrvlEqltk77/evVurivWMsW5flX3ZnUMFovD+929Gav6SRddri51s1015jy 8lbtqiSylC2esujsm6C4hTd5rUW8qOKlgX8I0EOT3EzFIzQpBEBuwY6JiziOSgwi 3sVIGyOUNuhV3WMPKhg74Z8uYirLJqeYHE9Ib6e9VNUrJP1bVjZEgc0U0cCqtwn8 YkffH6lsqjhPfhPQNszC9aNYK6kCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNBOjtocbgrmtYmIes81XXfuF1jAMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzZmNGQxYzM2LTRhMzEtNDg1Ny05ZTM2LTBkZGYzZDY5MWViNS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby82ZjRkMWMz Ni00YTMxLTQ4NTctOWUzNi0wZGRmM2Q2OTFlYjUvMC9EMDRFOEVEQTFDNkUwQUU2 QjU4OTg4N0FDRjM1NUQ3N0VFMTc1OEMwLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZxaIMA0GCSqGSIb3DQEBCwUAA4IBAQA6rVXmELt9Mcc+B1qKd2G2v/wofArn cDnAu+o4aELIhNP1XVCrG3U9yjZV9Bfd/RQJaIxLll6nTnZPfkeGbX8oIsZXGaw5 x9cN5kLtHIYxr0rrgfu1Osvp0Z1XvhIumuv6nAe+yZJcNU9K9NHGGDbodcVPMKUD 1MsK7kkEac0hs9Ilr7FuCgFgeI/KsCuyxYOkpqGonLjGR3eCrYRzDeUu5ZjDUD1O Ixg5n6HLoFxlr4sdlLd6VYEyXKkVATzgZRjdEjMyk77hbXE8gOAMnqinl3oZFsc4 7grGvFJFV86SQfFRFOEvDpqg+8cPGaJr8zU6T9nFJCWW9Cu99RMQQuFW -----END CERTIFICATE-----Generated at Tue May 12 22:02:36 2026 by rpki-client