$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/D85622299CA02E9652CA0DB7304F71B950BF346D.cer File: D85622299CA02E9652CA0DB7304F71B950BF346D.cer (raw, json) Hash identifier: J5VEGu3fH4ciapWn98cO7mVfUTlU1BH2sy8Z90ZiLUc= Subject key identifier: D8:56:22:29:9C:A0:2E:96:52:CA:0D:B7:30:4F:71:B9:50:BF:34:6D Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3D8A147E54DDAD9A47ABCCE205FACD509DABBAAB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/8475338d-7acb-4aa7-bedc-d6459fd13504/1/D85622299CA02E9652CA0DB7304F71B950BF346D.mft caRepository: rsync://rpki-rsync.idnic.net/repo/8475338d-7acb-4aa7-bedc-d6459fd13504/1/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:09:01 +0000 Certificate not after: Sun 02 May 2027 01:14:01 +0000 Subordinate resources: IP: 2401:a5e0::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:8a:14:7e:54:dd:ad:9a:47:ab:cc:e2:05:fa:cd:50:9d:ab:ba:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:09:01 2026 GMT Not After : May 2 01:14:01 2027 GMT Subject: CN=D85622299CA02E9652CA0DB7304F71B950BF346D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:73:65:5c:37:89:39:d1:95:ff:7c:ef:a6:4a: 8d:d1:9c:35:a4:6b:57:58:0d:a8:69:99:8e:5f:79: 86:da:a4:42:8f:db:00:fa:47:4d:5d:2f:af:06:2c: 0a:ab:1a:16:aa:91:7f:83:d3:36:2e:e1:fd:14:f2: e7:41:78:47:da:1d:29:a8:5f:a3:3b:b0:c5:a8:20: 4a:d7:a5:bd:27:b2:bd:f9:8a:2a:5a:14:79:c3:68: 44:c6:a1:9b:b2:86:cb:a7:5e:2f:01:c7:2d:44:3e: a3:27:b0:da:f9:8d:a8:71:9b:c2:44:b1:a0:2b:c1: 1a:16:67:5b:f1:5f:56:0e:bc:50:28:32:f8:20:40: bd:96:46:94:2b:4f:6b:f3:43:74:08:58:bc:fc:f2: 62:9b:f8:44:fe:36:db:9f:bb:68:ac:83:24:4c:20: 78:8f:78:e6:a7:0e:cf:9e:7e:06:56:93:82:cc:7c: 31:26:55:93:a7:7b:c9:c6:61:e2:98:71:dd:f0:c1: 0e:52:1c:50:24:a5:40:08:b6:4a:51:9d:c2:93:9e: 45:b1:81:98:6d:0a:f3:49:8a:84:7b:32:bd:66:6a: 7d:49:45:ef:16:d6:4f:c7:e3:fa:dc:d2:8b:2b:6c: 89:59:c7:d9:0c:32:4e:4e:06:87:e6:38:68:69:7c: fa:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D8:56:22:29:9C:A0:2E:96:52:CA:0D:B7:30:4F:71:B9:50:BF:34:6D X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/8475338d-7acb-4aa7-bedc-d6459fd13504/1/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/8475338d-7acb-4aa7-bedc-d6459fd13504/1/D85622299CA02E9652CA0DB7304F71B950BF346D.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2401:a5e0::/32 Signature Algorithm: sha256WithRSAEncryption 6e:3c:95:4c:05:f0:15:e9:29:24:a4:d8:0b:44:04:1d:2b:97: a3:e5:77:3b:d2:38:87:e0:4e:70:f6:7d:fd:05:f2:86:5b:37: df:16:0a:09:66:40:4b:eb:af:c6:24:57:6d:c2:5c:d1:08:85: e6:3d:70:6e:38:c8:d5:f1:c2:1f:7c:b5:e0:ce:50:ea:0e:ba: 22:a7:b9:51:d5:93:e5:42:d7:82:aa:bc:34:d0:c8:8d:c9:b5: 02:73:0e:47:0d:1f:6d:ed:01:4f:8c:99:68:f1:c9:20:d0:77: ba:c1:b1:e3:4f:34:15:fb:1c:c5:dc:b3:05:be:35:26:9a:bd: ae:ff:c6:04:b0:b8:16:97:15:06:07:98:96:dd:fa:93:d0:7a: fb:8e:d5:bf:1d:f7:2e:4e:b5:f4:d6:8f:58:1c:5f:f6:b7:d3: c4:e6:94:09:d2:03:43:8d:a8:a5:5e:2e:45:5b:91:1c:8b:8d: cd:30:56:b9:2e:a3:e3:8e:d8:0c:59:88:c1:0f:27:e1:63:da: cc:fd:79:a3:39:c0:13:d7:cc:3e:44:5b:35:2d:eb:89:5e:58: 0c:ef:49:ee:f5:83:8a:23:32:18:92:fb:fd:87:02:be:24:9e: 0d:b0:d9:7d:16:28:6f:72:dd:98:f4:95:4c:84:8f:57:6e:b3: 25:d3:56:a6 -----BEGIN CERTIFICATE----- MIIFxzCCBK+gAwIBAgIUPYoUflTdrZpHq8ziBfrNUJ2ruqswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMDkwMVoX DTI3MDUwMjAxMTQwMVowMzExMC8GA1UEAxMoRDg1NjIyMjk5Q0EwMkU5NjUyQ0Ew REI3MzA0RjcxQjk1MEJGMzQ2RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFzZVw3iTnRlf9876ZKjdGcNaRrV1gNqGmZjl95htqkQo/bAPpHTV0vrwYs CqsaFqqRf4PTNi7h/RTy50F4R9odKahfozuwxaggStelvSeyvfmKKloUecNoRMah m7KGy6deLwHHLUQ+oyew2vmNqHGbwkSxoCvBGhZnW/FfVg68UCgy+CBAvZZGlCtP a/NDdAhYvPzyYpv4RP4225+7aKyDJEwgeI945qcOz55+BlaTgsx8MSZVk6d7ycZh 4phx3fDBDlIcUCSlQAi2SlGdwpOeRbGBmG0K80mKhHsyvWZqfUlF7xbWT8fj+tzS iytsiVnH2QwyTk4Gh+Y4aGl8+i8CAwEAAaOCArowggK2MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNhWIimcoC6WUsoNtzBPcblQvzRtMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv Lzg0NzUzMzhkLTdhY2ItNGFhNy1iZWRjLWQ2NDU5ZmQxMzUwNC8xLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby84NDc1MzM4 ZC03YWNiLTRhYTctYmVkYy1kNjQ1OWZkMTM1MDQvMS9EODU2MjIyOTlDQTAyRTk2 NTJDQTBEQjczMDRGNzFCOTUwQkYzNDZELm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH AwUAJAGl4DANBgkqhkiG9w0BAQsFAAOCAQEAbjyVTAXwFekpJKTYC0QEHSuXo+V3 O9I4h+BOcPZ9/QXyhls33xYKCWZAS+uvxiRXbcJc0QiF5j1wbjjI1fHCH3y14M5Q 6g66Iqe5UdWT5ULXgqq8NNDIjcm1AnMORw0fbe0BT4yZaPHJINB3usGx4080Ffsc xdyzBb41Jpq9rv/GBLC4FpcVBgeYlt36k9B6+47Vvx33Lk619NaPWBxf9rfTxOaU CdIDQ42opV4uRVuRHIuNzTBWuS6j447YDFmIwQ8n4WPazP15oznAE9fMPkRbNS3r iV5YDO9J7vWDiiMyGJL7/YcCviSeDbDZfRYob3LdmPSVTISPV26zJdNWpg== -----END CERTIFICATE-----Generated at Tue May 12 22:04:12 2026 by rpki-client