$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.cer File: D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.cer (raw, json) Hash identifier: MQxylxo3hF+NnQhwfeI33hDCXpw0ePxp83wROnk1OFc= Subject key identifier: D2:0C:1E:0D:D0:2A:A8:B1:CE:1F:EB:A4:76:97:7C:F8:BB:16:14:36 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 1284595D990289628F5EFDA3B7B209C75C9F8C44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.mft caRepository: rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:09:08 +0000 Certificate not after: Sun 02 May 2027 00:14:08 +0000 Subordinate resources: IP: 60.253.96.0/19 IP: 202.51.224.0/20 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:84:59:5d:99:02:89:62:8f:5e:fd:a3:b7:b2:09:c7:5c:9f:8c:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:09:08 2026 GMT Not After : May 2 00:14:08 2027 GMT Subject: CN=D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f0:ab:b5:cc:ba:4b:cd:d2:75:8d:6d:40:39: 47:5a:94:ca:2e:41:37:77:25:83:57:cc:8b:17:cd: d0:eb:dd:60:a4:c4:53:3f:23:ba:c4:6a:87:dd:c5: ee:91:bf:f0:59:be:e5:6b:49:f9:e2:1e:4f:39:7e: 77:ec:c2:59:f6:9a:9e:a0:fa:5e:bb:23:83:3d:31: 3c:e4:b3:41:90:f6:ea:6e:0b:58:cb:60:58:93:dd: 06:82:ee:68:a5:51:b2:53:29:55:3e:d5:16:b0:53: f1:d0:3b:26:45:3e:ba:b5:be:ed:e1:6f:aa:36:0f: 5b:3b:3e:62:b9:8f:67:3d:7a:65:63:2d:1c:7a:73: 5a:33:54:ae:9c:a9:35:bc:16:6c:00:ba:d1:15:32: 29:01:e4:b1:98:11:bd:b6:cb:65:38:f1:32:d3:cd: cb:60:7f:47:c4:5f:cb:4c:2a:16:1a:76:f9:d7:ce: 4b:ae:1e:fc:5c:41:86:de:f7:09:de:b7:04:07:cc: 01:e1:cd:fa:01:60:57:8b:de:64:89:b8:d9:bb:f6: a7:f2:9f:39:19:ea:b5:00:75:4b:8b:ff:61:81:db: 54:f4:d8:11:83:bb:f0:8c:c1:4c:6b:ea:f3:7f:37: 2d:ec:7d:97:cf:b3:84:c5:cf:a3:32:5f:6b:9d:7c: 11:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D2:0C:1E:0D:D0:2A:A8:B1:CE:1F:EB:A4:76:97:7C:F8:BB:16:14:36 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/2cd7536d-9e10-4d49-b6ca-041cc9a5914e/0/D20C1E0DD02AA8B1CE1FEBA476977CF8BB161436.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 60.253.96.0/19 202.51.224.0/20 Signature Algorithm: sha256WithRSAEncryption 9a:fe:8b:19:34:d4:15:bd:dc:c7:4d:42:a5:55:25:85:2d:8b: d7:22:de:f3:4e:27:63:b2:52:c9:13:37:c1:64:9f:9f:29:27: 30:30:94:f3:4a:b1:90:ce:e9:13:06:00:d1:c9:7d:57:55:3d: 0d:d0:99:16:24:6b:d8:e3:73:72:6b:42:06:9c:10:5a:c4:7e: b9:65:31:c2:46:90:2c:fe:71:dd:00:a6:d9:f8:57:ca:16:34: 2e:1c:e3:c8:e7:d6:76:5a:0e:fd:45:27:bf:e5:3c:e8:d0:b5: ef:1a:08:9e:ff:4d:19:9b:88:c8:1c:07:b3:0d:36:eb:01:c9: dd:21:3c:3e:59:0f:66:03:2f:88:28:cc:c8:53:c8:91:8f:50: 68:f5:41:b0:07:15:13:22:01:2c:f8:ee:7a:f6:32:ed:cf:2d: 10:55:ca:95:8c:95:e4:cb:b5:12:4d:e1:30:e0:c9:59:da:c2: 05:10:d3:a6:aa:6c:3b:2e:39:4e:96:bd:2c:bb:7a:56:cd:af: 39:e2:eb:91:fa:e1:cf:ac:69:99:bc:9e:51:ee:d8:0f:16:c4: e8:0f:27:b2:cf:66:56:8b:1e:66:09:06:ea:a8:ac:ea:5b:46: 3a:89:b7:7a:9d:e4:37:a3:eb:81:8a:79:ed:48:c6:17:5b:86: bb:9e:04:4c -----BEGIN CERTIFICATE----- MIIFzDCCBLSgAwIBAgIUEoRZXZkCiWKPXv2jt7IJx1yfjEQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMDkwOFoX DTI3MDUwMjAwMTQwOFowMzExMC8GA1UEAxMoRDIwQzFFMEREMDJBQThCMUNFMUZF QkE0NzY5NzdDRjhCQjE2MTQzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALbwq7XMukvN0nWNbUA5R1qUyi5BN3clg1fMixfN0OvdYKTEUz8jusRqh93F 7pG/8Fm+5WtJ+eIeTzl+d+zCWfaanqD6Xrsjgz0xPOSzQZD26m4LWMtgWJPdBoLu aKVRslMpVT7VFrBT8dA7JkU+urW+7eFvqjYPWzs+YrmPZz16ZWMtHHpzWjNUrpyp NbwWbAC60RUyKQHksZgRvbbLZTjxMtPNy2B/R8Rfy0wqFhp2+dfOS64e/FxBht73 Cd63BAfMAeHN+gFgV4veZIm42bv2p/KfORnqtQB1S4v/YYHbVPTYEYO78IzBTGvq 8383Lex9l8+zhMXPozJfa518ESsCAwEAAaOCAr8wggK7MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNIMHg3QKqixzh/rpHaXfPi7FhQ2MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzJjZDc1MzZkLTllMTAtNGQ0OS1iNmNhLTA0MWNjOWE1OTE0ZS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8yY2Q3NTM2 ZC05ZTEwLTRkNDktYjZjYS0wNDFjYzlhNTkxNGUvMC9EMjBDMUUwREQwMkFBOEIx Q0UxRkVCQTQ3Njk3N0NGOEJCMTYxNDM2Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAM AwQFPP1gAwQEyjPgMA0GCSqGSIb3DQEBCwUAA4IBAQCa/osZNNQVvdzHTUKlVSWF LYvXIt7zTidjslLJEzfBZJ+fKScwMJTzSrGQzukTBgDRyX1XVT0N0JkWJGvY43Ny a0IGnBBaxH65ZTHCRpAs/nHdAKbZ+FfKFjQuHOPI59Z2Wg79RSe/5Tzo0LXvGgie /00Zm4jIHAezDTbrAcndITw+WQ9mAy+IKMzIU8iRj1Bo9UGwBxUTIgEs+O569jLt zy0QVcqVjJXky7USTeEw4MlZ2sIFENOmqmw7LjlOlr0su3pWza854uuR+uHPrGmZ vJ5R7tgPFsToDyeyz2ZWix5mCQbqqKzqW0Y6ibd6neQ3o+uBinntSMYXW4a7ngRM -----END CERTIFICATE-----Generated at Tue May 12 22:15:56 2026 by rpki-client