$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/DD7F02C2990558E514DC3B1B7A7E2BAE031A3F5B.cer File: DD7F02C2990558E514DC3B1B7A7E2BAE031A3F5B.cer (raw, json) Hash identifier: saH+q/NyeY63qNRD5eKOvyPh+h3qyk4MnuHnHf6BpN4= Subject key identifier: DD:7F:02:C2:99:05:58:E5:14:DC:3B:1B:7A:7E:2B:AE:03:1A:3F:5B Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 321BB98782207D94B9599ADC314D6ABF48096341 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/9b3784fe-f9fe-4cbe-8768-263a76986a3a/0/DD7F02C2990558E514DC3B1B7A7E2BAE031A3F5B.mft caRepository: rsync://rpki-rsync.idnic.net/repo/9b3784fe-f9fe-4cbe-8768-263a76986a3a/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:23:39 +0000 Certificate not after: Sun 02 May 2027 01:28:39 +0000 Subordinate resources: IP: 103.121.132.0/22 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:1b:b9:87:82:20:7d:94:b9:59:9a:dc:31:4d:6a:bf:48:09:63:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:23:39 2026 GMT Not After : May 2 01:28:39 2027 GMT Subject: CN=DD7F02C2990558E514DC3B1B7A7E2BAE031A3F5B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:ff:8b:f8:be:57:07:bc:ae:cb:11:c6:57:d6: b7:35:1c:4f:8f:e7:38:1d:48:65:e5:ac:3f:69:04: 34:63:eb:0b:8e:4c:e1:22:99:80:7a:d3:77:cd:e1: a2:bd:73:cc:9d:80:67:24:39:c9:70:bd:41:1e:dd: 04:60:bb:51:bc:f4:56:da:64:b1:4a:fc:fb:4a:8d: 07:b7:c8:0c:42:79:c9:ea:74:54:00:df:04:72:18: 04:e7:22:c9:e0:84:e9:e7:b0:24:71:84:55:50:71: 0c:17:9a:63:ef:bf:8b:d5:7a:b1:2c:93:6f:cf:5d: 04:0f:3d:22:b8:fb:35:ba:00:3a:7a:58:24:82:09: a9:8c:b5:64:30:7b:19:44:b0:c8:be:9b:22:04:43: 05:39:c2:03:89:ca:f4:7d:0d:71:71:69:ca:bf:f2: a3:75:3f:9f:65:19:3e:84:f9:e5:a3:e7:87:b8:bc: da:47:21:74:f4:7a:24:23:4a:9b:1e:06:43:14:54: 0f:89:92:a8:df:4f:01:b5:3c:9b:9a:b1:d7:62:21: 23:58:0c:04:30:25:12:cb:00:05:06:44:84:82:97: 4b:d3:c5:1a:06:58:51:f4:73:f6:fe:e3:03:1e:dd: 38:ec:ec:92:18:d4:82:cd:a0:82:c0:b9:91:6b:48: a9:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: DD:7F:02:C2:99:05:58:E5:14:DC:3B:1B:7A:7E:2B:AE:03:1A:3F:5B X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/9b3784fe-f9fe-4cbe-8768-263a76986a3a/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/9b3784fe-f9fe-4cbe-8768-263a76986a3a/0/DD7F02C2990558E514DC3B1B7A7E2BAE031A3F5B.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.121.132.0/22 Signature Algorithm: sha256WithRSAEncryption 82:41:0a:a0:91:2d:36:cd:24:ce:72:c4:bd:8e:16:16:e8:16: bb:e2:1c:20:8d:89:9a:60:ca:53:86:ec:8b:84:92:db:73:52: 92:bb:7c:f7:e0:57:5a:e1:a6:83:fb:52:50:14:50:c1:f1:43: a6:9d:73:f0:53:3f:3d:51:ed:8d:f1:ea:ae:1c:94:05:3b:42: cc:49:8e:4b:97:d5:8d:47:5c:10:43:5d:e0:d8:96:f7:5c:63: e1:97:7d:50:81:89:3d:73:b3:26:ad:c6:50:f7:e9:01:0d:3a: 2a:a6:5b:5a:f5:42:8e:95:67:8e:63:a4:03:9c:4a:eb:00:d0: bf:a0:53:3b:b0:13:2b:eb:60:4e:70:00:92:ae:23:de:6c:a1: 70:06:17:d5:bf:a5:70:b7:d2:d6:dd:7b:3e:1b:32:54:ca:d1: a7:8a:f1:d1:44:08:ed:60:3a:5a:b3:05:3d:7b:69:95:63:2f: 96:21:b5:10:59:46:6f:a1:fa:b3:6b:e7:e0:f5:7d:25:f0:8e: 3c:21:c2:54:f6:82:0c:64:b4:3e:bf:7f:29:a2:de:0c:1d:17: d7:21:9b:bc:7a:0a:a5:f8:e7:d2:b7:64:c7:5a:c6:7a:db:9f: b8:dc:47:e5:07:2c:84:bb:7c:64:29:0c:d4:30:92:c8:91:7a: 0c:ac:95:ef -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUMhu5h4IgfZS5WZrcMU1qv0gJY0EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMjMzOVoX DTI3MDUwMjAxMjgzOVowMzExMC8GA1UEAxMoREQ3RjAyQzI5OTA1NThFNTE0REMz QjFCN0E3RTJCQUUwMzFBM0Y1QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKL/i/i+Vwe8rssRxlfWtzUcT4/nOB1IZeWsP2kENGPrC45M4SKZgHrTd83h or1zzJ2AZyQ5yXC9QR7dBGC7Ubz0VtpksUr8+0qNB7fIDEJ5yep0VADfBHIYBOci yeCE6eewJHGEVVBxDBeaY++/i9V6sSyTb89dBA89Irj7NboAOnpYJIIJqYy1ZDB7 GUSwyL6bIgRDBTnCA4nK9H0NcXFpyr/yo3U/n2UZPoT55aPnh7i82kchdPR6JCNK mx4GQxRUD4mSqN9PAbU8m5qx12IhI1gMBDAlEssABQZEhIKXS9PFGgZYUfRz9v7j Ax7dOOzskhjUgs2ggsC5kWtIqY8CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFN1/AsKZBVjlFNw7G3p+K64DGj9bMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzliMzc4NGZlLWY5ZmUtNGNiZS04NzY4LTI2M2E3Njk4NmEzYS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby85YjM3ODRm ZS1mOWZlLTRjYmUtODc2OC0yNjNhNzY5ODZhM2EvMC9ERDdGMDJDMjk5MDU1OEU1 MTREQzNCMUI3QTdFMkJBRTAzMUEzRjVCLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQCZ3mEMA0GCSqGSIb3DQEBCwUAA4IBAQCCQQqgkS02zSTOcsS9jhYW6Ba74hwg jYmaYMpThuyLhJLbc1KSu3z34Fda4aaD+1JQFFDB8UOmnXPwUz89Ue2N8equHJQF O0LMSY5Ll9WNR1wQQ13g2Jb3XGPhl31QgYk9c7MmrcZQ9+kBDToqplta9UKOlWeO Y6QDnErrANC/oFM7sBMr62BOcACSriPebKFwBhfVv6Vwt9LW3Xs+GzJUytGnivHR RAjtYDpaswU9e2mVYy+WIbUQWUZvofqza+fg9X0l8I48IcJU9oIMZLQ+v38pot4M HRfXIZu8egql+OfSt2THWsZ625+43EflByyEu3xkKQzUMJLIkXoMrJXv -----END CERTIFICATE-----Generated at Tue May 12 22:38:54 2026 by rpki-client