$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/DD34ACE6274D2C13A1B423EC1A9CD75EEDF18D24.cer File: DD34ACE6274D2C13A1B423EC1A9CD75EEDF18D24.cer (raw, json) Hash identifier: +lJKXr0I1AAxJREhfQbPDFg686G/E3Zmgsh4fz9hDxc= Subject key identifier: DD:34:AC:E6:27:4D:2C:13:A1:B4:23:EC:1A:9C:D7:5E:ED:F1:8D:24 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 097A95477482ABD62604006E6B7AE984C98B951A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/afcaf27d-64e9-474b-a73b-35adbe9b2f01/0/DD34ACE6274D2C13A1B423EC1A9CD75EEDF18D24.mft caRepository: rsync://rpki-rsync.idnic.net/repo/afcaf27d-64e9-474b-a73b-35adbe9b2f01/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:37:49 +0000 Certificate not after: Sun 02 May 2027 01:42:49 +0000 Subordinate resources: IP: 103.166.104.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:7a:95:47:74:82:ab:d6:26:04:00:6e:6b:7a:e9:84:c9:8b:95:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:37:49 2026 GMT Not After : May 2 01:42:49 2027 GMT Subject: CN=DD34ACE6274D2C13A1B423EC1A9CD75EEDF18D24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:95:09:c8:b0:1d:25:23:9f:28:e2:91:b7:a9: 78:de:fd:e3:2d:99:ef:c7:e7:40:d3:5a:0f:f3:b7: 38:56:0c:c5:4d:71:09:b1:b5:f8:f8:0c:9a:ef:5a: 35:58:2b:d9:fb:5b:e8:c4:c5:54:e7:24:aa:69:79: b2:b5:d3:bf:a1:b2:2f:7b:3c:a8:51:01:e9:45:1f: 11:57:ab:a8:7d:7f:d6:dc:c7:a6:31:12:94:f9:d6: d4:da:d5:a2:01:ad:40:99:b8:09:ee:6c:ed:f0:b7: 6e:4a:c2:0b:a7:19:c1:b8:9b:e2:0a:d5:f3:fe:57: 9b:0f:eb:ce:77:65:49:12:49:08:59:3f:c6:c8:47: cc:12:42:f9:46:9b:b9:c8:13:28:d2:c7:b5:bd:28: 08:ca:b9:8e:40:c2:4f:cd:5a:3f:27:14:13:91:01: e5:5b:4d:78:f6:71:f0:27:90:a9:b8:97:34:21:dc: 0e:21:3f:aa:ac:40:48:c3:62:54:8d:4d:ae:2b:8f: 88:dd:dc:e2:cf:71:a2:ee:03:71:09:80:05:70:70: 2f:b7:d7:05:43:ee:e8:62:49:0e:c6:79:17:e8:94: 9a:cd:d2:e2:06:e4:74:6c:59:55:a9:0a:af:ac:85: f4:05:b3:9f:55:17:4f:a0:1e:7b:56:fc:e9:89:04: 38:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: DD:34:AC:E6:27:4D:2C:13:A1:B4:23:EC:1A:9C:D7:5E:ED:F1:8D:24 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/afcaf27d-64e9-474b-a73b-35adbe9b2f01/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/afcaf27d-64e9-474b-a73b-35adbe9b2f01/0/DD34ACE6274D2C13A1B423EC1A9CD75EEDF18D24.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.166.104.0/23 Signature Algorithm: sha256WithRSAEncryption a5:c1:a9:da:33:be:e8:8d:92:b2:6e:09:56:76:98:db:cd:72: 79:fb:b6:b6:06:25:95:24:d2:a4:e8:60:82:ac:ff:0f:dc:e8: 3a:8c:ad:29:db:cf:39:c6:55:1e:8d:cc:dc:db:23:a4:40:a4: a1:24:af:e8:e8:50:93:8c:f0:e3:e9:aa:55:98:9a:97:f3:d9: da:9c:80:69:3f:bb:33:4c:34:cd:6f:68:69:98:2c:f7:52:d1: f4:f1:d6:99:4a:10:1e:e4:22:87:fa:5a:fe:5e:6e:a3:71:20: e2:15:d9:81:dc:83:a5:a7:4c:c5:dc:17:91:dc:e1:e7:7d:72: 9f:3f:5b:67:2a:b4:91:26:f9:e2:98:62:f2:77:6e:e5:25:0f: 18:2b:92:ea:7f:95:13:07:5d:d8:97:42:24:af:66:a3:27:34: 56:4d:8a:55:da:3c:bf:b3:80:cf:62:49:8a:55:84:09:52:a4: c8:02:51:06:ce:c1:55:68:ea:e8:3e:04:13:12:a6:5a:2f:06: 4b:62:c2:31:0b:e4:20:db:2b:a2:8e:f8:97:23:34:03:92:ec: ae:96:5c:97:d4:95:b2:80:e1:18:24:60:c9:81:6e:42:9e:52: ba:63:14:16:90:ac:aa:cb:fd:3c:11:7a:68:3f:d8:d3:c8:18: 4f:07:45:e9 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUCXqVR3SCq9YmBABua3rphMmLlRowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMzc0OVoX DTI3MDUwMjAxNDI0OVowMzExMC8GA1UEAxMoREQzNEFDRTYyNzREMkMxM0ExQjQy M0VDMUE5Q0Q3NUVFREYxOEQyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJmVCciwHSUjnyjikbepeN794y2Z78fnQNNaD/O3OFYMxU1xCbG1+PgMmu9a NVgr2ftb6MTFVOckqml5srXTv6GyL3s8qFEB6UUfEVerqH1/1tzHpjESlPnW1NrV ogGtQJm4Ce5s7fC3bkrCC6cZwbib4grV8/5Xmw/rzndlSRJJCFk/xshHzBJC+Uab ucgTKNLHtb0oCMq5jkDCT81aPycUE5EB5VtNePZx8CeQqbiXNCHcDiE/qqxASMNi VI1NriuPiN3c4s9xou4DcQmABXBwL7fXBUPu6GJJDsZ5F+iUms3S4gbkdGxZVakK r6yF9AWzn1UXT6Aee1b86YkEOFUCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFN00rOYnTSwTobQj7Bqc117t8Y0kMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2FmY2FmMjdkLTY0ZTktNDc0Yi1hNzNiLTM1YWRiZTliMmYwMS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9hZmNhZjI3 ZC02NGU5LTQ3NGItYTczYi0zNWFkYmU5YjJmMDEvMC9ERDM0QUNFNjI3NEQyQzEz QTFCNDIzRUMxQTlDRDc1RUVERjE4RDI0Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBZ6ZoMA0GCSqGSIb3DQEBCwUAA4IBAQClwanaM77ojZKybglWdpjbzXJ5+7a2 BiWVJNKk6GCCrP8P3Og6jK0p2885xlUejczc2yOkQKShJK/o6FCTjPDj6apVmJqX 89nanIBpP7szTDTNb2hpmCz3UtH08daZShAe5CKH+lr+Xm6jcSDiFdmB3IOlp0zF 3BeR3OHnfXKfP1tnKrSRJvnimGLyd27lJQ8YK5Lqf5UTB13Yl0Ikr2ajJzRWTYpV 2jy/s4DPYkmKVYQJUqTIAlEGzsFVaOroPgQTEqZaLwZLYsIxC+Qg2yuijviXIzQD kuyullyX1JWygOEYJGDJgW5CnlK6YxQWkKyqy/08EXpoP9jTyBhPB0Xp -----END CERTIFICATE-----Generated at Tue May 12 22:10:11 2026 by rpki-client