$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/DDAF8D6528C42D5B4531ACE77D6A1CBE1F046641.cer File: DDAF8D6528C42D5B4531ACE77D6A1CBE1F046641.cer (raw, json) Hash identifier: 8f0ORYXcO6c/ZLa/wpDwvH/TR+XbqMaBlEhAyFGjhbc= Subject key identifier: DD:AF:8D:65:28:C4:2D:5B:45:31:AC:E7:7D:6A:1C:BE:1F:04:66:41 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 6000B810E249B11C1DF5E17B475E95343E09A3E4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/4f6aa31a-dd0d-4c10-b5dd-b1a83fa57763/0/DDAF8D6528C42D5B4531ACE77D6A1CBE1F046641.mft caRepository: rsync://rpki-rsync.idnic.net/repo/4f6aa31a-dd0d-4c10-b5dd-b1a83fa57763/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:31:47 +0000 Certificate not after: Sun 02 May 2027 00:36:47 +0000 Subordinate resources: IP: 103.31.109.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:00:b8:10:e2:49:b1:1c:1d:f5:e1:7b:47:5e:95:34:3e:09:a3:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:31:47 2026 GMT Not After : May 2 00:36:47 2027 GMT Subject: CN=DDAF8D6528C42D5B4531ACE77D6A1CBE1F046641 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:73:39:85:e1:6c:86:62:0e:b7:39:fe:79:29: 55:e2:bc:73:4e:df:af:b0:c1:bb:c7:26:3c:94:52: 0a:d3:42:08:d4:6d:7d:85:e4:71:54:3c:b8:77:20: 39:8b:ee:b2:29:3b:21:12:64:4b:5f:31:3c:da:cb: 02:59:af:60:53:4f:99:f0:5b:c1:50:fe:4f:db:2f: 19:c1:6b:4c:1b:85:88:68:7c:80:ff:68:53:c8:47: da:04:bf:9d:a7:2e:53:3b:84:3f:db:36:3e:02:3a: 19:2e:93:62:27:c5:2d:db:44:9f:82:36:a0:36:de: b1:b4:32:9b:77:ce:08:f2:c9:7b:94:6a:9a:8c:7c: 3e:b0:76:36:87:66:99:8f:05:87:d9:ab:d6:46:c7: 75:ea:0b:75:87:86:07:7c:72:d5:02:9a:3c:4c:d4: 04:86:b1:d8:f2:9c:33:e1:65:ae:53:3c:e8:e0:4c: a4:88:26:48:2d:2d:5a:07:b3:d1:5a:96:28:14:2a: 81:26:a0:05:66:dc:84:70:f6:75:10:6f:b4:b9:4e: 37:9f:18:bd:d7:17:5d:37:43:9d:43:be:2e:2d:99: 8c:ac:bb:ea:e9:4a:d4:f8:03:83:21:3c:1b:a9:c3: d2:c5:9e:36:cd:19:f8:dd:4d:fb:cf:63:bd:59:19: 32:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: DD:AF:8D:65:28:C4:2D:5B:45:31:AC:E7:7D:6A:1C:BE:1F:04:66:41 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/4f6aa31a-dd0d-4c10-b5dd-b1a83fa57763/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/4f6aa31a-dd0d-4c10-b5dd-b1a83fa57763/0/DDAF8D6528C42D5B4531ACE77D6A1CBE1F046641.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.31.109.0/24 Signature Algorithm: sha256WithRSAEncryption 28:20:7b:ee:cc:6e:7c:78:ab:44:d7:53:cf:07:35:b6:e4:3a: 35:b8:ec:ab:4d:13:83:fa:9e:71:4f:79:52:25:cb:10:78:e6: a9:81:2e:75:b9:b2:97:a6:75:e4:ff:c8:e7:eb:c2:00:30:ea: 4b:a6:7c:b1:7e:e0:44:26:76:4c:77:0b:dc:a7:28:7e:2d:48: 56:59:96:51:d8:95:b2:5a:16:ac:b9:98:92:f7:06:c8:d2:ff: 1c:3e:00:d3:4c:c1:8c:28:09:eb:eb:3d:0f:b0:fb:16:a9:8f: 86:ec:34:d8:1a:b7:e7:c8:41:b3:d3:01:53:b4:17:90:0d:d8: 15:de:54:48:d1:5a:fa:78:fe:3a:68:a5:66:29:48:cf:c2:15: 73:ce:11:44:b1:41:bf:7c:97:7b:0f:c1:02:66:95:02:82:32: d8:28:a6:a7:1a:14:c1:4a:b1:ef:77:b6:d0:e4:ed:78:01:8b: dc:57:15:e3:a5:2e:e3:31:49:7e:ce:9d:f5:fd:74:a0:30:71: 2c:96:a8:3c:b2:18:a3:07:4d:26:f8:5a:b4:c7:35:83:1c:05: 91:f2:b6:38:1a:1d:aa:e8:bf:17:17:10:f8:32:ce:e7:88:1c: 15:97:82:d1:73:c6:6e:3d:5d:fa:c3:c1:a5:1e:13:b0:af:95: 19:bf:d7:d0 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUYAC4EOJJsRwd9eF7R16VND4Jo+QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMzE0N1oX DTI3MDUwMjAwMzY0N1owMzExMC8GA1UEAxMoRERBRjhENjUyOEM0MkQ1QjQ1MzFB Q0U3N0Q2QTFDQkUxRjA0NjY0MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMpzOYXhbIZiDrc5/nkpVeK8c07fr7DBu8cmPJRSCtNCCNRtfYXkcVQ8uHcg OYvusik7IRJkS18xPNrLAlmvYFNPmfBbwVD+T9svGcFrTBuFiGh8gP9oU8hH2gS/ nacuUzuEP9s2PgI6GS6TYifFLdtEn4I2oDbesbQym3fOCPLJe5Rqmox8PrB2Nodm mY8Fh9mr1kbHdeoLdYeGB3xy1QKaPEzUBIax2PKcM+FlrlM86OBMpIgmSC0tWgez 0VqWKBQqgSagBWbchHD2dRBvtLlON58YvdcXXTdDnUO+Li2ZjKy76ulK1PgDgyE8 G6nD0sWeNs0Z+N1N+89jvVkZMvUCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFN2vjWUoxC1bRTGs531qHL4fBGZBMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzRmNmFhMzFhLWRkMGQtNGMxMC1iNWRkLWIxYTgzZmE1Nzc2My8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby80ZjZhYTMx YS1kZDBkLTRjMTAtYjVkZC1iMWE4M2ZhNTc3NjMvMC9EREFGOEQ2NTI4QzQyRDVC NDUzMUFDRTc3RDZBMUNCRTFGMDQ2NjQxLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAZx9tMA0GCSqGSIb3DQEBCwUAA4IBAQAoIHvuzG58eKtE11PPBzW25Do1uOyr TROD+p5xT3lSJcsQeOapgS51ubKXpnXk/8jn68IAMOpLpnyxfuBEJnZMdwvcpyh+ LUhWWZZR2JWyWhasuZiS9wbI0v8cPgDTTMGMKAnr6z0PsPsWqY+G7DTYGrfnyEGz 0wFTtBeQDdgV3lRI0Vr6eP46aKVmKUjPwhVzzhFEsUG/fJd7D8ECZpUCgjLYKKan GhTBSrHvd7bQ5O14AYvcVxXjpS7jMUl+zp31/XSgMHEslqg8shijB00m+Fq0xzWD HAWR8rY4Gh2q6L8XFxD4Ms7niBwVl4LRc8ZuPV36w8GlHhOwr5UZv9fQ -----END CERTIFICATE-----Generated at Tue May 12 22:52:33 2026 by rpki-client