$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/DB9A40F2EADC881D0DA3EEA0057E81002994C3FC.cer File: DB9A40F2EADC881D0DA3EEA0057E81002994C3FC.cer (raw, json) Hash identifier: kPnQsAdxkU4ce4ceFdQ01TQo3Ecl/sqX7+tCvaKt2t4= Subject key identifier: DB:9A:40:F2:EA:DC:88:1D:0D:A3:EE:A0:05:7E:81:00:29:94:C3:FC Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 669F76612547FBD347B145A70534CBE3D5CFB32C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/7cf01ec6-8e89-402a-90c7-50c6f14cd242/1/DB9A40F2EADC881D0DA3EEA0057E81002994C3FC.mft caRepository: rsync://rpki-rsync.idnic.net/repo/7cf01ec6-8e89-402a-90c7-50c6f14cd242/1/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:03:07 +0000 Certificate not after: Sun 02 May 2027 01:08:07 +0000 Subordinate resources: IP: 2001:df3:d940::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:9f:76:61:25:47:fb:d3:47:b1:45:a7:05:34:cb:e3:d5:cf:b3:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:03:07 2026 GMT Not After : May 2 01:08:07 2027 GMT Subject: CN=DB9A40F2EADC881D0DA3EEA0057E81002994C3FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:b6:f9:41:ad:77:e9:e7:f0:33:19:bd:03:63: 10:ae:cf:89:5d:1c:54:da:d8:78:ed:4e:15:65:2b: 97:ae:f8:a5:34:45:0a:56:bf:71:c2:13:f9:ff:d8: 76:28:ef:c3:88:0e:3c:c2:bf:44:45:66:0f:4b:62: 47:95:12:ec:18:07:fd:00:78:8b:92:5f:9f:c8:0f: cc:41:ea:c5:f0:e3:ac:85:70:60:06:9f:60:55:b0: e9:7a:ca:87:68:0d:5b:1f:37:e7:db:d4:04:8a:e7: 7e:63:e3:57:36:78:11:85:5e:fc:75:58:a3:35:c1: 6a:88:89:22:e8:3a:1f:41:3b:37:07:e9:d6:45:3a: 01:3d:3d:b1:57:5c:ed:1d:8f:04:eb:c5:c3:9e:24: 84:29:9a:e6:00:c2:d2:ca:a2:b0:40:73:25:52:e4: 8e:4f:e3:e7:ef:92:f0:1f:b8:e2:43:0a:a0:73:90: 79:7e:04:60:30:65:60:76:10:42:ef:80:6d:56:aa: 3a:a7:b6:d0:c7:2e:0a:28:4f:ac:9b:f5:0d:69:ab: 1b:53:8c:bf:6f:82:fa:c6:a3:c0:16:bc:e4:92:5d: 17:55:96:b0:2c:b6:b2:ee:46:1a:ab:f1:a7:d8:02: 84:fc:f5:d7:9d:3b:ef:c2:1e:da:0b:1b:9f:47:9e: 6c:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: DB:9A:40:F2:EA:DC:88:1D:0D:A3:EE:A0:05:7E:81:00:29:94:C3:FC X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/7cf01ec6-8e89-402a-90c7-50c6f14cd242/1/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/7cf01ec6-8e89-402a-90c7-50c6f14cd242/1/DB9A40F2EADC881D0DA3EEA0057E81002994C3FC.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:d940::/48 Signature Algorithm: sha256WithRSAEncryption 9d:2e:17:63:1d:b9:6f:45:bc:bb:1f:aa:a1:1f:a8:ca:45:cc: b0:37:46:e1:5a:eb:a2:55:fb:43:45:b4:7f:5c:fa:a8:d3:8d: 15:57:61:b1:3d:37:63:5a:94:be:6c:97:1f:07:84:e7:fc:7a: 06:10:60:1e:04:a7:83:16:90:73:5d:1d:9b:b4:57:e1:cb:ee: 28:37:38:0d:3f:bf:6a:a3:d9:29:78:84:3f:6a:08:b6:35:e7: 2a:f2:02:3c:3d:fb:c1:5a:ee:93:ee:02:a1:a0:ea:3b:27:7b: 8a:13:07:b2:a7:ca:42:d6:17:95:8f:d1:94:4c:84:a5:de:90: c9:53:78:8f:51:0e:5d:8a:de:26:00:ba:0b:83:40:93:40:63: 55:47:15:a9:53:a7:35:f9:e2:bd:18:19:5b:7a:9c:10:d9:b1: 28:20:df:4f:21:4a:19:85:68:7b:e9:e2:d7:e3:85:eb:46:64: f9:16:98:c4:59:47:2e:23:77:58:31:46:3a:b5:6a:ea:7d:81: 8f:4c:ea:42:82:eb:e0:74:f2:0f:be:19:64:eb:96:d2:f7:96: d5:f4:ee:ec:39:ff:0c:13:84:e6:e0:4d:f6:4e:48:d5:86:5c: 8a:e4:74:62:76:da:b4:63:f0:d2:64:7e:f4:2c:ad:fb:f2:18: 19:02:09:f2 -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgIUZp92YSVH+9NHsUWnBTTL49XPsywwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMDMwN1oX DTI3MDUwMjAxMDgwN1owMzExMC8GA1UEAxMoREI5QTQwRjJFQURDODgxRDBEQTNF RUEwMDU3RTgxMDAyOTk0QzNGQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIq2+UGtd+nn8DMZvQNjEK7PiV0cVNrYeO1OFWUrl674pTRFCla/ccIT+f/Y dijvw4gOPMK/REVmD0tiR5US7BgH/QB4i5Jfn8gPzEHqxfDjrIVwYAafYFWw6XrK h2gNWx8359vUBIrnfmPjVzZ4EYVe/HVYozXBaoiJIug6H0E7Nwfp1kU6AT09sVdc 7R2PBOvFw54khCma5gDC0sqisEBzJVLkjk/j5++S8B+44kMKoHOQeX4EYDBlYHYQ Qu+AbVaqOqe20McuCihPrJv1DWmrG1OMv2+C+sajwBa85JJdF1WWsCy2su5GGqvx p9gChPz1150778Ie2gsbn0eebDkCAwEAAaOCArwwggK4MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNuaQPLq3IgdDaPuoAV+gQAplMP8MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzdjZjAxZWM2LThlODktNDAyYS05MGM3LTUwYzZmMTRjZDI0Mi8xLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby83Y2YwMWVj Ni04ZTg5LTQwMmEtOTBjNy01MGM2ZjE0Y2QyNDIvMS9EQjlBNDBGMkVBREM4ODFE MERBM0VFQTAwNTdFODEwMDI5OTRDM0ZDLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAIAEN89lAMA0GCSqGSIb3DQEBCwUAA4IBAQCdLhdjHblvRby7H6qhH6jKRcyw N0bhWuuiVftDRbR/XPqo040VV2GxPTdjWpS+bJcfB4Tn/HoGEGAeBKeDFpBzXR2b tFfhy+4oNzgNP79qo9kpeIQ/agi2Necq8gI8PfvBWu6T7gKhoOo7J3uKEweyp8pC 1heVj9GUTISl3pDJU3iPUQ5dit4mALoLg0CTQGNVRxWpU6c1+eK9GBlbepwQ2bEo IN9PIUoZhWh76eLX44XrRmT5FpjEWUcuI3dYMUY6tWrqfYGPTOpCguvgdPIPvhlk 65bS95bV9O7sOf8ME4Tm4E32TkjVhlyK5HRidtq0Y/DSZH70LK378hgZAgny -----END CERTIFICATE-----Generated at Tue May 12 22:39:16 2026 by rpki-client