$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer File: 2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer (raw, json) Hash identifier: X32VyHSAw/JP9iDXl0Or+R7G0fQyYRQ6sM1Rx5zvf2s= Subject key identifier: 25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 51B24885E7A293B1FD2C72B9792BB45E4DFBFB5B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft caRepository: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 21 Mar 2026 02:48:21 +0000 Certificate not after: Sat 20 Mar 2027 02:53:21 +0000 Subordinate resources: IP: 160.19.84.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 14:23:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:b2:48:85:e7:a2:93:b1:fd:2c:72:b9:79:2b:b4:5e:4d:fb:fb:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Mar 21 02:48:21 2026 GMT Not After : Mar 20 02:53:21 2027 GMT Subject: CN=2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:20:34:b4:71:c9:71:fe:2d:92:ce:1a:ee:56: 0c:90:f2:4f:2b:c0:2d:03:a4:22:c0:32:da:85:bb: 9e:c1:b2:2a:3b:cd:f5:4d:6f:3c:ab:ca:15:59:79: cb:86:62:be:6b:1b:fe:16:3a:87:97:9b:bb:8d:10: 85:cf:d3:20:a6:50:9c:b4:c2:07:38:07:82:20:87: 01:3b:59:4e:cd:d8:d9:10:17:cd:0a:30:7b:d0:36: dc:01:74:bd:c9:76:fe:8a:46:bb:b2:b2:48:5f:7f: e5:d4:a4:00:b3:7d:bb:62:af:f1:b4:e3:58:4d:27: 93:8c:66:17:73:48:9c:3e:15:31:0d:bb:90:e9:9d: 2a:26:34:f7:bf:34:4f:76:62:bd:bd:38:2b:79:f6: f7:18:45:a9:f4:24:6e:68:ec:d5:66:d2:71:a1:69: e2:a4:b4:f7:53:bd:4b:5f:a4:36:f5:90:26:1d:f1: f8:eb:b8:f9:6c:88:af:8e:f0:fe:b0:b2:ab:50:a9: fd:bb:55:ee:e1:aa:a3:b1:be:34:5a:b1:a3:d4:25: f9:aa:ed:67:45:4f:e3:40:f4:56:2c:58:a5:a8:97: eb:05:15:b2:51:f1:79:8e:ae:b9:4b:8e:f6:34:8c: a8:0a:50:54:81:39:f1:bc:44:6f:74:ee:ed:c4:e9: df:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.19.84.0/23 Signature Algorithm: sha256WithRSAEncryption 19:55:3f:7c:9d:46:7c:50:3b:0d:87:7a:82:7c:39:3d:f1:c1: 19:ff:6a:df:01:df:a6:e9:04:d2:2f:61:dd:85:a0:5a:fd:6f: 6c:13:7e:6a:a6:89:42:7e:e3:1e:5c:c3:28:8a:a8:a7:82:f6: 6e:0d:25:b4:fb:85:1b:fa:73:64:60:44:c6:56:14:a1:ec:f1: af:30:e1:44:db:28:d6:d8:dc:7b:8d:63:59:f7:52:79:f4:b4: 05:bd:ba:28:7a:77:a3:fc:ed:de:4e:7c:73:33:36:6c:fa:0d: 58:ab:d3:72:66:22:ec:88:6e:9e:4b:23:33:26:8b:af:45:95: 99:31:c4:18:96:5c:fb:12:4d:cc:3e:28:21:f7:b5:1a:0d:23: 80:86:87:68:55:05:1b:61:82:c3:c5:6c:10:14:dd:a5:77:4a: a5:42:57:73:47:b1:b7:e7:06:92:fc:63:b1:da:4d:80:68:fb: f3:91:03:17:7c:3f:7c:94:cd:89:d9:95:24:23:6f:93:57:87: 68:0e:e8:55:12:d7:3e:86:12:f1:31:38:c5:c5:1f:6f:4f:29: 9e:f8:ce:1f:15:32:f2:a8:83:46:b5:81:05:4a:c9:7b:c6:9a: 7b:4f:26:bb:94:6b:c6:4c:4b:93:79:aa:41:9d:69:d5:e2:61: 80:30:6e:b9 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUUbJIheeik7H9LHK5eSu0Xk37+1swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDMyMTAyNDgyMVoX DTI3MDMyMDAyNTMyMVowMzExMC8GA1UEAxMoMjUxNUQ0QkY5RUY3QUFFNUFFQkMy MkY1MkMxN0ZGMTdEQ0Q2RkRDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANAgNLRxyXH+LZLOGu5WDJDyTyvALQOkIsAy2oW7nsGyKjvN9U1vPKvKFVl5 y4Zivmsb/hY6h5ebu40Qhc/TIKZQnLTCBzgHgiCHATtZTs3Y2RAXzQowe9A23AF0 vcl2/opGu7KySF9/5dSkALN9u2Kv8bTjWE0nk4xmF3NInD4VMQ27kOmdKiY09780 T3Zivb04K3n29xhFqfQkbmjs1WbScaFp4qS091O9S1+kNvWQJh3x+Ou4+WyIr47w /rCyq1Cp/btV7uGqo7G+NFqxo9Ql+artZ0VP40D0VixYpaiX6wUVslHxeY6uuUuO 9jSMqApQVIE58bxEb3Tu7cTp30kCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCUV1L+e96rlrrwi9SwX/xfc1v3CMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iYTA5OGYwMC1hMGEwLTRiNWMtOWU4My02MDY3MzcxMjhjYjEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JhMDk4ZjAw LWEwYTAtNGI1Yy05ZTgzLTYwNjczNzEyOGNiMS8wLzI1MTVENEJGOUVGN0FBRTVB RUJDMjJGNTJDMTdGRjE3RENENkZEQzIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgE1QwDQYJKoZIhvcNAQELBQADggEBABlVP3ydRnxQOw2HeoJ8OT3xwRn/at8B 36bpBNIvYd2FoFr9b2wTfmqmiUJ+4x5cwyiKqKeC9m4NJbT7hRv6c2RgRMZWFKHs 8a8w4UTbKNbY3HuNY1n3Unn0tAW9uih6d6P87d5OfHMzNmz6DVir03JmIuyIbp5L IzMmi69FlZkxxBiWXPsSTcw+KCH3tRoNI4CGh2hVBRthgsPFbBAU3aV3SqVCV3NH sbfnBpL8Y7HaTYBo+/ORAxd8P3yUzYnZlSQjb5NXh2gO6FUS1z6GEvExOMXFH29P KZ74zh8VMvKog0a1gQVKyXvGmntPJruUa8ZMS5N5qkGdadXiYYAwbrk= -----END CERTIFICATE-----Generated at Thu Mar 26 12:17:41 2026 by rpki-client