$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/DDBE589E6A02B72D83086B3F5697DAB689A83BF0.cer File: DDBE589E6A02B72D83086B3F5697DAB689A83BF0.cer (raw, json) Hash identifier: evu1FbnrJa1lyFPavxJHsqDREg0e3be1Aq5RhReCA5k= Subject key identifier: DD:BE:58:9E:6A:02:B7:2D:83:08:6B:3F:56:97:DA:B6:89:A8:3B:F0 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 4C415C86D95D701FC0C2EADE50A8D22179ACE641 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/DDBE589E6A02B72D83086B3F5697DAB689A83BF0.mft caRepository: rsync://rpki-rsync.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:07:36 +0000 Certificate not after: Sun 02 May 2027 00:12:36 +0000 Subordinate resources: IP: 103.254.168.0/22 IP: 2400:f580::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:41:5c:86:d9:5d:70:1f:c0:c2:ea:de:50:a8:d2:21:79:ac:e6:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:07:36 2026 GMT Not After : May 2 00:12:36 2027 GMT Subject: CN=DDBE589E6A02B72D83086B3F5697DAB689A83BF0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:d9:88:d7:a8:f0:31:7c:f6:4a:a4:9f:b4:bd: a3:6f:5f:aa:5a:e1:42:09:7a:36:a9:7c:50:49:5e: 33:bd:5d:7f:4f:ed:20:64:bb:1e:3c:94:f3:73:ef: e2:53:94:e0:e3:e9:a9:bb:90:80:b4:13:40:a9:5b: ec:6a:e2:4e:e0:e1:05:cd:50:7d:48:11:fa:00:66: 0d:bf:59:4c:2b:30:56:5c:a4:86:37:5e:75:24:7b: 03:1c:71:1c:82:9c:c6:69:e0:61:85:70:44:ee:c8: bb:59:3d:76:f7:fe:96:ac:1f:3d:88:72:5d:ce:8b: b3:3f:b3:ea:c8:1e:7d:6a:f9:8c:54:a7:a6:28:1a: cf:b3:25:9d:ed:d0:58:b3:2b:44:96:fb:9e:99:c5: 56:45:3d:15:29:e5:ad:18:3b:d4:ec:c8:ff:df:f5: e2:28:d4:d5:68:0c:a8:6f:1e:39:d8:b6:da:98:bc: 0b:b2:13:dd:b1:55:30:9c:8e:15:97:da:62:24:a1: 30:54:87:0a:7b:4f:34:f2:ea:02:bd:07:ed:14:5f: ba:9a:31:5f:61:5c:2c:87:27:19:6b:3c:ad:74:b0: eb:1a:7e:8a:10:ed:78:aa:c2:4d:30:9d:96:d1:fe: b7:af:a0:e3:37:7b:7b:03:60:6a:44:1e:a8:14:ef: 7f:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: DD:BE:58:9E:6A:02:B7:2D:83:08:6B:3F:56:97:DA:B6:89:A8:3B:F0 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/DDBE589E6A02B72D83086B3F5697DAB689A83BF0.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.254.168.0/22 IPv6: 2400:f580::/32 Signature Algorithm: sha256WithRSAEncryption 9d:9f:ca:0b:b7:b5:9a:76:ab:ef:53:59:4c:5c:03:c5:a4:2d: 4d:63:a7:d8:39:3a:93:59:04:d4:19:15:0f:45:0f:8d:8a:69: f9:2d:c7:66:f7:57:c6:1e:83:d5:98:5a:48:c0:c0:3f:58:8b: 94:98:39:b1:fb:0f:42:64:1c:a3:7e:c6:82:3c:8c:74:21:7c: 66:a7:b7:c5:64:13:76:ce:4a:6f:a7:b3:b4:2f:f1:02:8a:65: de:b7:00:e5:be:89:26:fc:e5:ee:a2:b1:0d:0e:54:07:5a:8a: f8:31:10:5a:10:48:7a:22:b4:c6:92:23:de:00:01:33:14:f1: 3c:65:86:09:8e:1f:aa:a8:33:23:29:fb:e1:ab:cf:a9:51:bc: 3d:a3:27:81:e3:8c:c5:f1:8a:74:e8:da:7c:cf:16:bb:1a:f5: ca:bb:58:4f:0f:01:f8:42:7b:3a:5e:9c:d6:f3:54:a3:f2:f2: 97:81:a6:c5:0a:56:8b:8d:82:9f:2d:39:07:60:8c:37:ba:28: 6d:96:e1:39:43:f2:9b:84:5f:a2:88:ff:49:04:ee:13:ec:c9: 1b:dc:f0:ac:5c:73:12:6a:a5:84:e0:6f:3b:0b:76:25:19:c1: ed:91:6f:93:34:03:84:c6:4f:0b:34:65:b1:06:71:4a:c0:1e: 2f:68:a5:d0 -----BEGIN CERTIFICATE----- MIIF1TCCBL2gAwIBAgIUTEFchtldcB/AwureUKjSIXms5kEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMDczNloX DTI3MDUwMjAwMTIzNlowMzExMC8GA1UEAxMoRERCRTU4OUU2QTAyQjcyRDgzMDg2 QjNGNTY5N0RBQjY4OUE4M0JGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJjZiNeo8DF89kqkn7S9o29fqlrhQgl6Nql8UEleM71df0/tIGS7HjyU83Pv 4lOU4OPpqbuQgLQTQKlb7GriTuDhBc1QfUgR+gBmDb9ZTCswVlykhjdedSR7Axxx HIKcxmngYYVwRO7Iu1k9dvf+lqwfPYhyXc6Lsz+z6sgefWr5jFSnpigaz7Mlne3Q WLMrRJb7npnFVkU9FSnlrRg71OzI/9/14ijU1WgMqG8eOdi22pi8C7IT3bFVMJyO FZfaYiShMFSHCntPNPLqAr0H7RRfupoxX2FcLIcnGWs8rXSw6xp+ihDteKrCTTCd ltH+t6+g4zd7ewNgakQeqBTvfzMCAwEAAaOCAsgwggLEMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFN2+WJ5qArctgwhrP1aX2raJqDvwMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzJhZTdkNDYxLTBlMzItNGU2NS1iYjg4LWQ3MjQwNWIyNDQ1MS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8yYWU3ZDQ2 MS0wZTMyLTRlNjUtYmI4OC1kNzI0MDViMjQ0NTEvMC9EREJFNTg5RTZBMDJCNzJE ODMwODZCM0Y1Njk3REFCNjg5QTgzQkYwLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAG AwQCZ/6oMA0EAgACMAcDBQAkAPWAMA0GCSqGSIb3DQEBCwUAA4IBAQCdn8oLt7Wa dqvvU1lMXAPFpC1NY6fYOTqTWQTUGRUPRQ+Nimn5Lcdm91fGHoPVmFpIwMA/WIuU mDmx+w9CZByjfsaCPIx0IXxmp7fFZBN2zkpvp7O0L/ECimXetwDlvokm/OXuorEN DlQHWor4MRBaEEh6IrTGkiPeAAEzFPE8ZYYJjh+qqDMjKfvhq8+pUbw9oyeB44zF 8Yp06Np8zxa7GvXKu1hPDwH4Qns6XpzW81Sj8vKXgabFClaLjYKfLTkHYIw3uiht luE5Q/KbhF+iiP9JBO4T7Mkb3PCsXHMSaqWE4G87C3YlGcHtkW+TNAOExk8LNGWx BnFKwB4vaKXQ -----END CERTIFICATE-----Generated at Tue May 12 22:47:30 2026 by rpki-client