$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.cer File: D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.cer (raw, json) Hash identifier: SO/rT/w2w4nGVKa5nJ/0Ja4x/bJjY3gCw0INbQyWuVI= Subject key identifier: D8:5D:DC:BE:5B:D7:5A:50:DB:0F:9F:99:16:12:3B:E9:7C:C8:E0:1A Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 568BBE6E4B463F467507418DA0052E5BAD1D1BE6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/9eab0a01-8ee4-4825-840d-112daef0aca8/0/D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.mft caRepository: rsync://rpki-rsync.idnic.net/repo/9eab0a01-8ee4-4825-840d-112daef0aca8/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:26:11 +0000 Certificate not after: Sun 02 May 2027 01:31:11 +0000 Subordinate resources: IP: 103.174.14.0/23 IP: 2001:df0:a40::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:8b:be:6e:4b:46:3f:46:75:07:41:8d:a0:05:2e:5b:ad:1d:1b:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:26:11 2026 GMT Not After : May 2 01:31:11 2027 GMT Subject: CN=D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:36:b3:43:c4:13:ac:5c:92:47:7d:6d:cc:a4: 33:93:ee:c1:ee:71:e5:72:56:81:82:58:6d:9c:2a: 8c:34:a7:a6:55:ae:0d:72:0c:8c:14:99:2e:7f:1c: 3a:4a:03:37:73:5f:99:c3:c0:57:bf:56:54:1e:9d: 2c:01:27:b7:4c:ed:46:4e:a1:f5:2d:e2:9c:2a:ff: 7e:88:4a:3e:f6:37:d9:45:e5:c9:89:56:8f:93:8b: 8f:41:55:5a:2a:ac:2d:9d:86:5e:2e:1c:e8:99:13: 57:5f:7d:f3:e5:c0:82:c7:ec:63:c2:2a:12:27:a8: 16:57:de:7c:12:d8:6f:d4:89:51:90:e3:d9:18:f4: 63:53:cc:c2:ce:bd:4e:d6:0b:f2:94:a7:37:74:05: 20:cf:44:0b:07:42:ef:e5:f5:d5:db:cd:0a:4c:ea: 1c:45:af:e7:b8:82:c5:93:32:be:dc:ae:80:54:fc: 93:87:fc:2e:51:41:e1:61:ef:69:6a:b3:2c:20:1b: cb:d0:99:7b:fc:c3:4f:e0:61:b0:93:98:bb:04:1b: 2f:b9:17:33:12:75:7d:69:f6:fb:a7:39:be:a7:ec: 03:19:2a:6d:47:7b:39:0b:54:38:ae:49:38:a8:01: 11:7b:2c:2d:05:01:c4:73:16:7a:01:c4:3d:07:a8: 7e:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D8:5D:DC:BE:5B:D7:5A:50:DB:0F:9F:99:16:12:3B:E9:7C:C8:E0:1A X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/9eab0a01-8ee4-4825-840d-112daef0aca8/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/9eab0a01-8ee4-4825-840d-112daef0aca8/0/D85DDCBE5BD75A50DB0F9F9916123BE97CC8E01A.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.174.14.0/23 IPv6: 2001:df0:a40::/48 Signature Algorithm: sha256WithRSAEncryption 07:0a:10:63:6c:0e:30:73:49:d1:a3:bd:80:ae:be:c0:a7:60: 78:cf:8a:7e:e6:cb:de:33:d0:7e:ca:bb:28:1e:0c:18:c1:00: d0:57:1c:56:20:1f:0f:5e:49:2f:0a:83:2c:cf:2a:a2:2f:db: 86:10:c8:98:c5:7e:83:8a:4c:64:62:55:36:71:53:aa:34:5a: ce:08:bb:a4:9d:b5:2b:9b:3b:bd:dc:37:19:33:9b:2a:73:cc: a8:01:a7:cf:b3:ff:67:21:2f:db:e9:a1:3f:cb:2a:44:b7:e5: 28:c0:d8:64:8a:29:9e:55:76:1f:60:7f:04:4d:31:bc:19:83: f1:e0:86:0d:46:80:52:65:1a:57:fb:4c:42:a7:23:d4:d4:57: a2:b6:12:8d:5c:76:36:5c:c2:64:f9:4a:bd:31:21:dd:12:38: 12:4a:4e:12:d8:b0:44:e4:70:df:00:26:53:b7:fa:7c:d6:dd: 65:15:32:35:ff:15:67:d9:30:16:f2:d3:45:64:7c:4e:30:0a: 70:b3:1e:2b:c0:9c:e5:98:2e:4e:76:de:50:72:95:3a:80:91: be:54:f7:0a:fc:ab:e4:83:81:3b:f2:27:11:ea:f6:ef:83:90: 71:cd:4a:f7:ec:9d:0e:36:ea:66:a7:46:62:72:76:f4:53:a9: 06:9e:b3:67 -----BEGIN CERTIFICATE----- MIIF1zCCBL+gAwIBAgIUVou+bktGP0Z1B0GNoAUuW60dG+YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMjYxMVoX DTI3MDUwMjAxMzExMVowMzExMC8GA1UEAxMoRDg1RERDQkU1QkQ3NUE1MERCMEY5 Rjk5MTYxMjNCRTk3Q0M4RTAxQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM42s0PEE6xckkd9bcykM5Puwe5x5XJWgYJYbZwqjDSnplWuDXIMjBSZLn8c OkoDN3NfmcPAV79WVB6dLAEnt0ztRk6h9S3inCr/fohKPvY32UXlyYlWj5OLj0FV WiqsLZ2GXi4c6JkTV1998+XAgsfsY8IqEieoFlfefBLYb9SJUZDj2Rj0Y1PMws69 TtYL8pSnN3QFIM9ECwdC7+X11dvNCkzqHEWv57iCxZMyvtyugFT8k4f8LlFB4WHv aWqzLCAby9CZe/zDT+BhsJOYuwQbL7kXMxJ1fWn2+6c5vqfsAxkqbUd7OQtUOK5J OKgBEXssLQUBxHMWegHEPQeofmUCAwEAAaOCAsowggLGMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNhd3L5b11pQ2w+fmRYSO+l8yOAaMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzllYWIwYTAxLThlZTQtNDgyNS04NDBkLTExMmRhZWYwYWNhOC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby85ZWFiMGEw MS04ZWU0LTQ4MjUtODQwZC0xMTJkYWVmMGFjYTgvMC9EODVERENCRTVCRDc1QTUw REIwRjlGOTkxNjEyM0JFOTdDQzhFMDFBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAG AwQBZ64OMA8EAgACMAkDBwAgAQ3wCkAwDQYJKoZIhvcNAQELBQADggEBAAcKEGNs DjBzSdGjvYCuvsCnYHjPin7my94z0H7KuygeDBjBANBXHFYgHw9eSS8KgyzPKqIv 24YQyJjFfoOKTGRiVTZxU6o0Ws4Iu6SdtSubO73cNxkzmypzzKgBp8+z/2chL9vp oT/LKkS35SjA2GSKKZ5Vdh9gfwRNMbwZg/Hghg1GgFJlGlf7TEKnI9TUV6K2Eo1c djZcwmT5Sr0xId0SOBJKThLYsETkcN8AJlO3+nzW3WUVMjX/FWfZMBby00VkfE4w CnCzHivAnOWYLk523lBylTqAkb5U9wr8q+SDgTvyJxHq9u+DkHHNSvfsnQ426man RmJydvRTqQaes2c= -----END CERTIFICATE-----Generated at Tue May 12 22:45:38 2026 by rpki-client