$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/DF5DD0708B81D15CF9DEA48BE54AC03E1EC3E53E.cer File: DF5DD0708B81D15CF9DEA48BE54AC03E1EC3E53E.cer (raw, json) Hash identifier: hKcT26wazrKEBx2Y12orDKC7VDY+1WIrwcQyGdwLXsk= Subject key identifier: DF:5D:D0:70:8B:81:D1:5C:F9:DE:A4:8B:E5:4A:C0:3E:1E:C3:E5:3E Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 614136FDDDA69F0AE981C99F020989FA1B1DCA78 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/DF5DD0708B81D15CF9DEA48BE54AC03E1EC3E53E.mft caRepository: rsync://rpki-rsync.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:45:55 +0000 Certificate not after: Sat 01 May 2027 23:50:55 +0000 Subordinate resources: AS: 24213 AS: 38752 IP: 103.6.200.0/22 IP: 103.12.12.0/22 IP: 103.16.188.0/22 IP: 103.16.232.0/22 IP: 119.82.224.0/20 IP: 202.65.224.0/20 IP: 202.182.56.0/21 IP: 2402:680::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:41:36:fd:dd:a6:9f:0a:e9:81:c9:9f:02:09:89:fa:1b:1d:ca:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:45:55 2026 GMT Not After : May 1 23:50:55 2027 GMT Subject: CN=DF5DD0708B81D15CF9DEA48BE54AC03E1EC3E53E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:ba:38:02:04:06:4b:8d:8e:d3:a7:24:6e:eb: 0f:b5:b0:ce:81:e6:1f:b2:9b:40:6a:8a:22:7c:5a: af:2b:23:4f:0d:c2:bb:1b:db:79:02:d7:68:f8:07: b6:ac:e2:f3:83:ab:60:44:ad:c0:8c:9d:ef:6b:41: 23:7c:68:42:c9:d2:17:48:8f:b1:22:c7:18:75:55: 13:b0:1b:cf:04:26:dc:8b:33:8b:97:b8:b4:2a:d9: bb:ec:90:45:ea:c5:82:16:e2:08:50:c9:ee:86:e9: 54:8f:3c:aa:a5:bc:89:74:ff:37:fb:4b:8f:57:a7: fa:6a:d0:84:77:1e:7b:f0:61:21:bb:a0:11:0e:6e: b7:c2:7a:4c:32:db:12:c4:53:ee:e2:b0:8b:8c:11: f2:63:65:38:89:d7:2f:14:44:bc:1b:87:d4:54:b5: a2:c8:0e:f9:00:94:f8:c5:eb:a0:e0:68:62:af:87: 1e:ab:f8:8c:81:f3:1e:99:fc:19:4b:fd:f5:7e:85: d6:6f:84:3c:21:0b:dd:8c:95:9b:ac:ff:90:95:0e: 5e:9a:09:54:17:d0:dc:5b:df:6a:9d:fa:8b:89:4c: 37:9b:8a:01:97:27:8b:da:38:93:b7:b9:15:3b:f5: 2a:ec:2d:27:6f:b0:77:33:d8:46:e2:e4:04:82:c4: a6:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: DF:5D:D0:70:8B:81:D1:5C:F9:DE:A4:8B:E5:4A:C0:3E:1E:C3:E5:3E X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/08b8c1b5-3be8-4aa7-a4c6-21bcc8f3fa40/0/DF5DD0708B81D15CF9DEA48BE54AC03E1EC3E53E.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.6.200.0/22 103.12.12.0/22 103.16.188.0/22 103.16.232.0/22 119.82.224.0/20 202.65.224.0/20 202.182.56.0/21 IPv6: 2402:680::/32 sbgp-autonomousSysNum: critical Autonomous System Numbers: 24213 38752 Signature Algorithm: sha256WithRSAEncryption a8:57:fb:bf:23:15:5c:9c:a9:00:79:70:78:a8:cd:de:40:1f: 41:3b:ba:3b:d9:4c:3f:9a:fd:c7:87:12:a3:d5:43:97:64:d8: 19:07:23:1c:67:36:9e:dd:a2:12:ae:3a:38:b5:5a:a1:59:66: 04:18:b1:d9:63:89:65:7c:ba:55:65:4b:7e:84:9a:d5:52:ed: 0d:fb:12:2c:e0:ca:18:2e:9f:c2:48:90:94:79:48:c9:02:b1: 63:ca:26:89:6c:27:dd:d6:34:78:d9:88:48:1d:46:9f:4c:3f: 4c:5e:b1:62:d0:8b:4c:cf:1e:14:22:04:ab:e7:be:24:df:45: 49:ee:b6:7d:5a:94:13:c7:7f:40:22:05:68:2a:81:a6:d2:77: 8a:dc:d2:be:db:14:d0:92:5e:2d:e5:4b:e2:61:09:c9:e4:89: 2f:89:01:59:72:f3:d1:d5:0c:bc:3b:79:17:e3:8c:be:ed:43: b6:73:7c:7a:90:80:73:ab:e5:27:85:c3:c3:34:c0:f2:56:72: 96:5e:63:60:fd:cf:9a:9d:b9:8c:fe:15:ef:fc:ff:e0:6d:08: e3:4b:60:55:77:f8:f8:ea:10:ac:c4:21:7d:ca:06:1c:5f:2c: 83:13:72:d0:b0:fd:70:11:70:ad:f7:86:8b:c5:79:2b:7e:53: 1a:e1:b0:49 -----BEGIN CERTIFICATE----- MIIGGTCCBQGgAwIBAgIUYUE2/d2mnwrpgcmfAgmJ+hsdyngwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNDU1NVoX DTI3MDUwMTIzNTA1NVowMzExMC8GA1UEAxMoREY1REQwNzA4QjgxRDE1Q0Y5REVB NDhCRTU0QUMwM0UxRUMzRTUzRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOO6OAIEBkuNjtOnJG7rD7WwzoHmH7KbQGqKInxarysjTw3CuxvbeQLXaPgH tqzi84OrYEStwIyd72tBI3xoQsnSF0iPsSLHGHVVE7AbzwQm3Iszi5e4tCrZu+yQ RerFghbiCFDJ7obpVI88qqW8iXT/N/tLj1en+mrQhHcee/BhIbugEQ5ut8J6TDLb EsRT7uKwi4wR8mNlOInXLxREvBuH1FS1osgO+QCU+MXroOBoYq+HHqv4jIHzHpn8 GUv99X6F1m+EPCEL3YyVm6z/kJUOXpoJVBfQ3Fvfap36i4lMN5uKAZcni9o4k7e5 FTv1KuwtJ2+wdzPYRuLkBILEpicCAwEAAaOCAwwwggMIMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFN9d0HCLgdFc+d6ki+VKwD4ew+U+MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzA4YjhjMWI1LTNiZTgtNGFhNy1hNGM2LTIxYmNjOGYzZmE0MC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8wOGI4YzFi NS0zYmU4LTRhYTctYTRjNi0yMWJjYzhmM2ZhNDAvMC9ERjVERDA3MDhCODFEMTVD RjlERUE0OEJFNTRBQzAzRTFFQzNFNTNFLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAq AwQCZwbIAwQCZwwMAwQCZxC8AwQCZxDoAwQEd1LgAwQEykHgAwQDyrY4MA0EAgAC MAcDBQAkAgaAMB4GCCsGAQUFBwEIAQH/BA8wDaALMAkCAl6VAgMAl2AwDQYJKoZI hvcNAQELBQADggEBAKhX+78jFVycqQB5cHiozd5AH0E7ujvZTD+a/ceHEqPVQ5dk 2BkHIxxnNp7dohKuOji1WqFZZgQYsdljiWV8ulVlS36EmtVS7Q37Eizgyhgun8JI kJR5SMkCsWPKJolsJ93WNHjZiEgdRp9MP0xesWLQi0zPHhQiBKvnviTfRUnutn1a lBPHf0AiBWgqgabSd4rc0r7bFNCSXi3lS+JhCcnkiS+JAVly89HVDLw7eRfjjL7t Q7ZzfHqQgHOr5SeFw8M0wPJWcpZeY2D9z5qduYz+Fe/8/+BtCONLYFV3+PjqEKzE IX3KBhxfLIMTctCw/XARcK33hovFeSt+UxrhsEk= -----END CERTIFICATE-----Generated at Tue May 12 22:03:23 2026 by rpki-client