$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.cer File: D67DDCB46CF40B52641F71BF7756DFA29F4159A2.cer (raw, json) Hash identifier: SkDSFFohL5E8/bSMFZCMqJOP05tOy4pm/qvD52Z7W80= Subject key identifier: D6:7D:DC:B4:6C:F4:0B:52:64:1F:71:BF:77:56:DF:A2:9F:41:59:A2 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7B30FE4DBBD565F688731D5C1F23A8383D526C43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft caRepository: rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:46:02 +0000 Certificate not after: Sun 02 May 2027 02:51:02 +0000 Subordinate resources: IP: 203.153.96.0 -- 203.153.119.255 IP: 222.165.192.0/18 IP: 2404:f600::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:30:fe:4d:bb:d5:65:f6:88:73:1d:5c:1f:23:a8:38:3d:52:6c:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 02:46:02 2026 GMT Not After : May 2 02:51:02 2027 GMT Subject: CN=D67DDCB46CF40B52641F71BF7756DFA29F4159A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:4d:f8:4a:71:0c:10:25:3f:7c:15:e8:91:7f: a7:fd:e0:b7:06:84:aa:24:f1:eb:1b:da:15:b7:38: d2:1f:99:0e:16:41:0f:2d:eb:f2:62:63:10:de:8c: 80:66:e9:ea:10:6a:c2:3f:36:69:ed:7a:03:4d:32: 60:94:59:41:37:7d:ab:9a:80:6f:09:f0:b7:e9:28: 25:d8:54:1e:fe:1c:82:ec:a7:1f:41:2f:9d:5d:66: 0e:f5:2e:a1:c6:01:9e:cf:4e:29:ef:03:cb:c4:6a: bc:0b:eb:b7:02:1b:8e:5d:d8:1e:a1:6f:0c:43:f6: e1:76:63:0b:fb:17:8e:cf:60:c3:cf:a2:20:19:89: 6b:8a:7e:61:46:c6:b0:0d:fa:91:56:a2:fc:b3:b2: ed:1a:4c:0d:a5:20:31:6c:3b:80:15:c4:18:16:b4: c0:8c:2b:bd:e6:bc:ca:88:88:0a:03:77:2c:02:28: a4:3e:b8:f4:85:74:82:33:01:4a:57:98:44:5e:0f: 7e:a2:dc:b6:0c:84:32:4a:fe:49:28:a7:31:4e:04: ee:d8:d6:f2:69:9a:ed:ed:bc:1f:2d:3c:7b:00:aa: ee:64:54:29:c8:7f:97:6d:9b:74:e7:ac:d0:20:c4: da:03:e3:16:5c:ad:82:8d:bf:6f:58:23:52:5d:08: fb:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D6:7D:DC:B4:6C:F4:0B:52:64:1F:71:BF:77:56:DF:A2:9F:41:59:A2 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/fc7e8081-63af-49e7-9646-76c25a5e97ca/0/D67DDCB46CF40B52641F71BF7756DFA29F4159A2.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.153.96.0-203.153.119.255 222.165.192.0/18 IPv6: 2404:f600::/32 Signature Algorithm: sha256WithRSAEncryption 9e:4c:ba:27:27:e8:67:34:74:06:bb:6a:b9:0f:39:2f:2d:cf: 4c:3d:fb:50:66:65:84:18:45:c9:a0:4d:42:1d:b2:f3:05:2b: 25:a7:0b:8b:cf:55:45:eb:c1:b5:86:b6:e6:f9:75:b8:54:e0: cf:aa:eb:39:e4:f5:1b:2a:79:bd:6d:aa:83:99:da:13:fb:a1: 21:e7:2d:b1:29:78:84:d1:2e:9e:d7:a9:3c:75:55:0f:d7:85: 0d:d6:77:44:5f:e0:b5:a4:49:69:b3:a5:35:29:73:a8:d6:ed: 33:78:58:d0:13:68:e4:12:7f:10:88:eb:bd:24:3d:ef:d8:9c: 1d:74:bf:ad:4f:97:8d:4d:6f:92:ec:91:cf:cc:ca:b6:11:05: 28:2e:8a:b9:93:d5:a5:d7:2b:e4:a8:66:42:7f:6b:c1:f2:3a: a5:42:c6:e8:c7:0a:76:71:12:8c:e9:0e:b6:38:e7:49:f6:b9: ce:4f:62:56:77:a6:9c:09:4b:4d:c3:6f:94:e0:76:56:fc:71: bc:02:8a:fd:2a:cd:4e:ae:1b:d4:ad:99:d9:73:b7:0c:fb:b3: 3b:02:3c:05:54:39:74:73:d9:2c:92:7e:48:57:c5:29:f1:08: 8e:18:b6:a6:b3:79:67:f0:1e:37:dd:8a:99:b2:62:44:ad:32: 04:01:56:e2 -----BEGIN CERTIFICATE----- MIIF4zCCBMugAwIBAgIUezD+TbvVZfaIcx1cHyOoOD1SbEMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAyNDYwMloX DTI3MDUwMjAyNTEwMlowMzExMC8GA1UEAxMoRDY3RERDQjQ2Q0Y0MEI1MjY0MUY3 MUJGNzc1NkRGQTI5RjQxNTlBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALdN+EpxDBAlP3wV6JF/p/3gtwaEqiTx6xvaFbc40h+ZDhZBDy3r8mJjEN6M gGbp6hBqwj82ae16A00yYJRZQTd9q5qAbwnwt+koJdhUHv4cguynH0EvnV1mDvUu ocYBns9OKe8Dy8RqvAvrtwIbjl3YHqFvDEP24XZjC/sXjs9gw8+iIBmJa4p+YUbG sA36kVai/LOy7RpMDaUgMWw7gBXEGBa0wIwrvea8yoiICgN3LAIopD649IV0gjMB SleYRF4PfqLctgyEMkr+SSinMU4E7tjW8mma7e28Hy08ewCq7mRUKch/l22bdOes 0CDE2gPjFlytgo2/b1gjUl0I+20CAwEAAaOCAtYwggLSMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNZ93LRs9AtSZB9xv3dW36KfQVmiMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2ZjN2U4MDgxLTYzYWYtNDllNy05NjQ2LTc2YzI1YTVlOTdjYS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9mYzdlODA4 MS02M2FmLTQ5ZTctOTY0Ni03NmMyNWE1ZTk3Y2EvMC9ENjdERENCNDZDRjQwQjUy NjQxRjcxQkY3NzU2REZBMjlGNDE1OUEyLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAU MAwDBAXLmWADBAPLmXADBAbepcAwDQQCAAIwBwMFACQE9gAwDQYJKoZIhvcNAQEL BQADggEBAJ5Muicn6Gc0dAa7arkPOS8tz0w9+1BmZYQYRcmgTUIdsvMFKyWnC4vP VUXrwbWGtub5dbhU4M+q6znk9Rsqeb1tqoOZ2hP7oSHnLbEpeITRLp7XqTx1VQ/X hQ3Wd0Rf4LWkSWmzpTUpc6jW7TN4WNATaOQSfxCI670kPe/YnB10v61Pl41Nb5Ls kc/MyrYRBSguirmT1aXXK+SoZkJ/a8HyOqVCxujHCnZxEozpDrY450n2uc5PYlZ3 ppwJS03Db5Tgdlb8cbwCiv0qzU6uG9Stmdlztwz7szsCPAVUOXRz2SySfkhXxSnx CI4YtqazeWfwHjfdipmyYkStMgQBVuI= -----END CERTIFICATE-----Generated at Tue May 12 22:46:03 2026 by rpki-client