$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/D3D1A4AA48525A5C83525EAA537E49FE2AF4DFFA.cer File: D3D1A4AA48525A5C83525EAA537E49FE2AF4DFFA.cer (raw, json) Hash identifier: NZHR/0MRwJpXNHbgAR0J8Z+SMDxO3r1WTw4IRmpie/w= Subject key identifier: D3:D1:A4:AA:48:52:5A:5C:83:52:5E:AA:53:7E:49:FE:2A:F4:DF:FA Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 2DECA4BEA279A98BD3C1185C99496E57469626E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/f1cb2e8e-a1a2-4ca0-80b0-225518ffae14/0/D3D1A4AA48525A5C83525EAA537E49FE2AF4DFFA.mft caRepository: rsync://rpki-rsync.idnic.net/repo/f1cb2e8e-a1a2-4ca0-80b0-225518ffae14/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:30:53 +0000 Certificate not after: Sun 02 May 2027 02:35:53 +0000 Subordinate resources: IP: 103.169.136.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:ec:a4:be:a2:79:a9:8b:d3:c1:18:5c:99:49:6e:57:46:96:26:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 02:30:53 2026 GMT Not After : May 2 02:35:53 2027 GMT Subject: CN=D3D1A4AA48525A5C83525EAA537E49FE2AF4DFFA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:61:ca:19:f1:90:b8:e9:18:a6:68:02:3f:d1: 44:1d:b0:6b:d5:e1:ab:8e:22:70:27:9a:4a:83:89: 5e:71:3e:91:93:57:f9:d9:13:9a:6f:56:15:e8:08: 2a:ee:65:6f:94:a2:4d:19:c5:dd:ab:ea:60:13:70: 1f:10:3c:6b:9e:9d:ed:1d:7f:64:86:c6:71:c2:de: 65:7d:db:9f:b4:af:67:fe:05:b6:29:5e:7f:42:3c: a4:f2:09:64:05:46:1e:3b:d6:23:26:06:89:a3:f1: c6:b4:df:17:a6:07:2f:06:90:8c:58:41:e6:9a:e3: 1f:de:63:a5:de:ff:03:03:2c:dd:76:aa:0d:6f:ad: 7c:2c:3b:e6:59:b0:dd:26:4b:4f:6c:28:5b:b7:e8: fe:b1:84:66:e2:12:b2:01:a0:c3:0a:06:27:88:83: bb:c9:e0:dc:ce:ce:4c:1b:51:35:f1:28:eb:78:2e: e8:db:c2:33:6a:ef:b9:03:b0:90:ed:75:df:f4:55: 13:de:e0:2b:08:da:92:cb:f9:eb:cc:7e:d8:77:7c: 98:a8:f5:2a:63:d6:39:21:a4:02:8e:da:ca:51:56: e4:03:6c:5e:f8:df:f6:a0:af:a8:3e:b9:4f:17:94: 62:27:fe:57:8f:9a:d5:e8:58:1e:62:ba:2d:6b:4b: 34:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D3:D1:A4:AA:48:52:5A:5C:83:52:5E:AA:53:7E:49:FE:2A:F4:DF:FA X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/f1cb2e8e-a1a2-4ca0-80b0-225518ffae14/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/f1cb2e8e-a1a2-4ca0-80b0-225518ffae14/0/D3D1A4AA48525A5C83525EAA537E49FE2AF4DFFA.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.169.136.0/23 Signature Algorithm: sha256WithRSAEncryption 16:17:1e:b2:1f:29:14:95:4b:30:82:a0:a6:dd:2d:67:7e:2e: a4:e3:d2:48:0c:2b:3a:4d:5a:31:5d:79:cd:ab:dd:8b:92:dc: 6e:63:d1:e0:09:e1:67:9b:71:98:ed:35:35:64:1c:e4:fa:f1: 25:53:18:c6:a8:e8:49:5a:56:58:ce:9b:ee:ed:c7:74:f3:c3: 07:90:43:f7:9a:d3:be:a7:67:55:48:68:c2:a2:fc:6a:8e:39: b1:42:4e:6f:30:14:b1:cf:0b:d0:ca:5a:83:19:d8:e9:1c:f4: 25:4e:44:3c:14:6b:95:50:bb:a1:f3:b2:b3:39:1e:1f:dd:4a: ad:ea:53:8d:67:25:7d:93:34:3d:67:04:ae:e8:2d:60:c5:94: 77:1e:72:4c:80:5d:b9:17:71:ae:9c:08:ea:a5:98:da:a5:c2: 3d:8f:80:27:5c:df:bd:45:ec:8a:d1:3f:8e:df:8e:5b:98:88: 6c:c0:fc:02:26:3e:ba:8d:06:e0:63:6f:07:35:07:f7:29:44: a6:a6:26:1b:29:c3:4b:6c:51:ac:15:b2:28:23:d6:db:87:97: 12:ed:57:e8:7e:d3:f0:d5:80:dc:dc:30:be:e1:13:ae:ab:f2: 08:77:8d:68:c7:2a:6f:3b:f1:76:b2:61:e0:95:c3:6d:ab:a7: 93:16:2f:fe -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIULeykvqJ5qYvTwRhcmUluV0aWJugwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAyMzA1M1oX DTI3MDUwMjAyMzU1M1owMzExMC8GA1UEAxMoRDNEMUE0QUE0ODUyNUE1QzgzNTI1 RUFBNTM3RTQ5RkUyQUY0REZGQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOdhyhnxkLjpGKZoAj/RRB2wa9Xhq44icCeaSoOJXnE+kZNX+dkTmm9WFegI Ku5lb5SiTRnF3avqYBNwHxA8a56d7R1/ZIbGccLeZX3bn7SvZ/4Ftilef0I8pPIJ ZAVGHjvWIyYGiaPxxrTfF6YHLwaQjFhB5prjH95jpd7/AwMs3XaqDW+tfCw75lmw 3SZLT2woW7fo/rGEZuISsgGgwwoGJ4iDu8ng3M7OTBtRNfEo63gu6NvCM2rvuQOw kO113/RVE97gKwjaksv568x+2Hd8mKj1KmPWOSGkAo7aylFW5ANsXvjf9qCvqD65 TxeUYif+V4+a1ehYHmK6LWtLNGsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNPRpKpIUlpcg1JeqlN+Sf4q9N/6MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2YxY2IyZThlLWExYTItNGNhMC04MGIwLTIyNTUxOGZmYWUxNC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9mMWNiMmU4 ZS1hMWEyLTRjYTAtODBiMC0yMjU1MThmZmFlMTQvMC9EM0QxQTRBQTQ4NTI1QTVD ODM1MjVFQUE1MzdFNDlGRTJBRjRERkZBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6mIMA0GCSqGSIb3DQEBCwUAA4IBAQAWFx6yHykUlUswgqCm3S1nfi6k49JI DCs6TVoxXXnNq92LktxuY9HgCeFnm3GY7TU1ZBzk+vElUxjGqOhJWlZYzpvu7cd0 88MHkEP3mtO+p2dVSGjCovxqjjmxQk5vMBSxzwvQylqDGdjpHPQlTkQ8FGuVULuh 87KzOR4f3Uqt6lONZyV9kzQ9ZwSu6C1gxZR3HnJMgF25F3GunAjqpZjapcI9j4An XN+9ReyK0T+O345bmIhswPwCJj66jQbgY28HNQf3KUSmpiYbKcNLbFGsFbIoI9bb h5cS7VfoftPw1YDc3DC+4ROuq/IId41oxypvO/F2smHglcNtq6eTFi/+ -----END CERTIFICATE-----Generated at Tue May 12 22:03:21 2026 by rpki-client