$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.cer File: 5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.cer (raw, json) Hash identifier: VHv7eAwQU4kcqRaeQGco2vgFsOuqBdBfrXe0arm8gWQ= Subject key identifier: 5A:8D:4D:EC:5F:C2:9B:E6:E2:49:04:62:F5:80:90:3D:D4:A9:84:EB Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 0A02A8CF7AE40D12325AB73CC9F5665EB9B21CFB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.mft caRepository: rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 21 Mar 2026 05:13:13 +0000 Certificate not after: Sat 20 Mar 2027 05:18:13 +0000 Subordinate resources: IP: 157.66.122.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 14:23:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:02:a8:cf:7a:e4:0d:12:32:5a:b7:3c:c9:f5:66:5e:b9:b2:1c:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Mar 21 05:13:13 2026 GMT Not After : Mar 20 05:18:13 2027 GMT Subject: CN=5A8D4DEC5FC29BE6E2490462F580903DD4A984EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:58:20:12:8c:b2:53:c6:6b:43:8f:0f:45:70: 7d:78:6c:ad:96:9a:3c:25:27:7f:40:a4:66:ed:a4: 58:42:fb:1e:7c:08:a2:d0:64:e1:d1:88:69:09:b0: 26:de:33:30:6a:84:ba:bd:dc:2b:12:09:e5:72:f0: a7:64:23:89:1d:f6:71:78:3e:ec:60:62:c8:c0:11: b5:de:9c:5b:1d:19:e9:63:59:96:50:09:e8:29:6b: 63:ba:b4:68:5b:9c:09:83:8f:76:a0:92:d3:02:8c: bd:78:40:d4:74:8b:e2:f3:6a:81:f9:d2:82:35:9a: d6:33:d7:ae:21:c0:67:49:f6:ed:a1:9e:fb:21:a6: 9c:01:b5:04:87:73:80:b8:9d:80:b8:cf:cd:b4:16: c2:da:c8:4c:b3:3b:3c:1f:f6:36:1f:d2:25:3a:b6: 33:7c:8b:e2:81:04:91:1a:ba:67:f5:a8:f9:21:c5: 22:e3:7f:96:e9:68:79:50:6a:6c:29:66:4a:d7:fb: de:08:6a:0b:bd:f7:7a:80:35:df:4e:ae:75:60:1b: a2:96:da:bb:25:c5:f3:25:1b:20:3a:20:8b:4c:77: 72:7a:af:4e:28:44:37:22:01:0f:36:d4:2e:26:8c: 71:89:92:a5:6c:5f:58:8b:aa:ed:3e:af:71:85:b1: dc:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 5A:8D:4D:EC:5F:C2:9B:E6:E2:49:04:62:F5:80:90:3D:D4:A9:84:EB X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/cecf5d94-7f1f-43bf-b7aa-220f0c156ec0/0/5A8D4DEC5FC29BE6E2490462F580903DD4A984EB.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.122.0/24 Signature Algorithm: sha256WithRSAEncryption 31:dd:ec:38:02:f4:d0:55:5b:70:2c:e1:e9:10:88:db:6e:70: 1d:8e:98:cd:8c:7d:f4:bf:28:56:fd:06:fa:04:14:54:8b:1b: 4a:9f:74:86:df:30:96:47:db:65:70:3e:af:ec:10:cc:d8:a6: cc:f8:65:ed:a4:99:08:1f:c7:d2:e2:69:f4:43:f3:b6:29:6c: 07:23:bc:02:c3:29:49:03:d9:2a:7b:11:eb:d2:c5:36:c3:bb: 2a:48:7e:3b:0d:d2:07:51:31:4b:14:f2:7e:f9:fc:37:51:72: f7:76:16:fb:0e:f9:b4:3b:af:03:91:2d:3d:34:e5:50:4a:ee: 5c:9d:51:3e:49:cf:22:26:08:d1:5e:f7:98:ba:ee:37:75:32: 2f:b6:01:fd:46:2e:97:11:e8:36:8d:a0:ed:68:54:de:ed:81: 56:0a:a6:c4:71:68:b8:c3:61:10:03:6d:4c:e1:8a:b2:c6:86: 2e:ef:6c:97:d1:c0:c8:b0:7a:ae:7d:b3:f7:5c:7e:e6:41:91: ed:84:69:10:a3:31:3b:fd:78:74:64:41:a8:54:c7:15:d9:b8: 71:02:e5:81:ff:49:13:81:e7:ed:0f:64:3b:c9:fa:2d:09:68: 17:6a:74:ed:cb:18:77:be:43:9b:ba:42:93:3e:a4:0a:4b:b8: 43:d7:a1:bd -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUCgKoz3rkDRIyWrc8yfVmXrmyHPswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDMyMTA1MTMxM1oX DTI3MDMyMDA1MTgxM1owMzExMC8GA1UEAxMoNUE4RDRERUM1RkMyOUJFNkUyNDkw NDYyRjU4MDkwM0RENEE5ODRFQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMNYIBKMslPGa0OPD0VwfXhsrZaaPCUnf0CkZu2kWEL7HnwIotBk4dGIaQmw Jt4zMGqEur3cKxIJ5XLwp2QjiR32cXg+7GBiyMARtd6cWx0Z6WNZllAJ6ClrY7q0 aFucCYOPdqCS0wKMvXhA1HSL4vNqgfnSgjWa1jPXriHAZ0n27aGe+yGmnAG1BIdz gLidgLjPzbQWwtrITLM7PB/2Nh/SJTq2M3yL4oEEkRq6Z/Wo+SHFIuN/luloeVBq bClmStf73ghqC733eoA1306udWAbopbauyXF8yUbIDogi0x3cnqvTihENyIBDzbU LiaMcYmSpWxfWIuq7T6vcYWx3LkCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFqNTexfwpvm4kkEYvWAkD3UqYTrMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9jZWNmNWQ5NC03ZjFmLTQzYmYtYjdhYS0yMjBmMGMxNTZlYzAvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NlY2Y1ZDk0 LTdmMWYtNDNiZi1iN2FhLTIyMGYwYzE1NmVjMC8wLzVBOEQ0REVDNUZDMjlCRTZF MjQ5MDQ2MkY1ODA5MDNERDRBOTg0RUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdQnowDQYJKoZIhvcNAQELBQADggEBADHd7DgC9NBVW3As4ekQiNtucB2OmM2M ffS/KFb9BvoEFFSLG0qfdIbfMJZH22VwPq/sEMzYpsz4Ze2kmQgfx9LiafRD87Yp bAcjvALDKUkD2Sp7EevSxTbDuypIfjsN0gdRMUsU8n75/DdRcvd2FvsO+bQ7rwOR LT005VBK7lydUT5JzyImCNFe95i67jd1Mi+2Af1GLpcR6DaNoO1oVN7tgVYKpsRx aLjDYRADbUzhirLGhi7vbJfRwMiweq59s/dcfuZBke2EaRCjMTv9eHRkQahUxxXZ uHEC5YH/SROB5+0PZDvJ+i0JaBdqdO3LGHe+Q5u6QpM+pApLuEPXob0= -----END CERTIFICATE-----Generated at Thu Mar 26 16:52:27 2026 by rpki-client