$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/EFAF3DBC84578E586EA4A04FC35E6A46FA0E28EA.cer File: EFAF3DBC84578E586EA4A04FC35E6A46FA0E28EA.cer (raw, json) Hash identifier: kALzQ6Rjw0Jtc926YPl85XgZKE7j1nkDO6OggxdzctI= Subject key identifier: EF:AF:3D:BC:84:57:8E:58:6E:A4:A0:4F:C3:5E:6A:46:FA:0E:28:EA Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 59B47E96BAD38D5D3C958AB66C50F4622FAA180D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/5f9e1a8a-39f1-4fe2-832a-bb2f2092fbf6/0/EFAF3DBC84578E586EA4A04FC35E6A46FA0E28EA.mft caRepository: rsync://repo-rpki.idnic.net/repo/5f9e1a8a-39f1-4fe2-832a-bb2f2092fbf6/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 18 Mar 2026 02:07:48 +0000 Certificate not after: Wed 17 Mar 2027 02:12:48 +0000 Subordinate resources: IP: 157.66.36.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 14:23:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:b4:7e:96:ba:d3:8d:5d:3c:95:8a:b6:6c:50:f4:62:2f:aa:18:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Mar 18 02:07:48 2026 GMT Not After : Mar 17 02:12:48 2027 GMT Subject: CN=EFAF3DBC84578E586EA4A04FC35E6A46FA0E28EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:46:5f:c7:b8:b0:6a:28:63:08:0d:5c:03:e9: aa:53:fb:a1:d6:14:c3:aa:15:73:cc:01:16:ba:e1: 37:c6:c3:bd:c3:fc:4a:77:14:f6:4c:1d:c4:5a:bd: 15:46:a1:26:85:4f:fa:cf:2d:f8:e0:09:94:29:9f: 57:53:c0:36:0d:63:2d:57:4e:26:79:13:64:cf:fd: f4:fd:a2:44:5f:6c:88:97:68:07:46:03:36:5c:ea: a8:cf:5c:15:5f:0d:b9:1a:04:29:45:86:0e:93:a0: d2:38:51:7c:7d:95:59:2e:1d:da:44:eb:eb:74:43: 4e:10:2a:c0:6a:b1:ce:97:f7:53:b4:4c:c7:ef:cf: b3:f2:11:50:89:22:bc:0f:d5:cf:ae:ad:3b:6f:63: 7f:b6:6b:b8:f2:4c:b5:27:80:be:11:b5:6e:cf:cc: 19:a5:b0:69:85:fc:85:6c:80:0f:ec:b5:c6:e9:83: cf:c7:7c:0b:5c:71:f3:03:5c:5c:d4:72:e9:67:82: 31:f0:ed:68:15:87:fa:2c:20:1c:0d:17:f6:9d:7d: 6f:d4:8e:c4:41:e6:0d:84:8d:ac:0f:0b:54:22:1c: c7:35:84:c5:b6:cb:22:1e:72:4b:66:3a:dd:21:f6: 85:4b:01:a7:25:50:dd:e5:17:09:b8:48:db:cf:06: bf:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: EF:AF:3D:BC:84:57:8E:58:6E:A4:A0:4F:C3:5E:6A:46:FA:0E:28:EA X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/5f9e1a8a-39f1-4fe2-832a-bb2f2092fbf6/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/5f9e1a8a-39f1-4fe2-832a-bb2f2092fbf6/0/EFAF3DBC84578E586EA4A04FC35E6A46FA0E28EA.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.36.0/24 Signature Algorithm: sha256WithRSAEncryption 87:e7:08:0e:f1:79:9c:d4:6d:31:fc:5f:71:8c:0c:27:e5:77: 54:41:34:c2:8e:14:ca:41:ca:e2:27:9b:66:cd:dd:7e:ac:91: 17:54:e2:b7:1b:c5:6c:f9:94:80:46:e9:80:f7:c0:9d:31:1a: 3a:b8:fa:13:b6:19:cd:cf:1f:25:50:0e:d4:0e:a2:85:65:0f: dd:60:25:a2:30:83:03:42:44:9f:6b:e4:a3:1a:57:30:a1:3d: b2:17:50:5e:31:0b:ec:14:e8:16:d3:60:33:5b:f2:b4:77:dc: 63:a8:29:12:4c:ce:e0:fb:1b:85:59:0e:63:4c:ab:54:39:33: d8:8d:f7:98:69:a2:4b:45:a7:42:26:d9:eb:b1:79:e3:de:be: 70:32:0f:38:e3:14:9b:b0:1d:d5:72:2b:35:46:7a:0b:dc:40: 16:c0:40:2d:f7:92:ab:c2:13:cd:da:47:8a:a3:41:93:8b:07: c5:52:2c:cc:4f:db:d0:35:42:bc:1a:0e:9a:0b:ef:52:34:2f: 98:7d:36:41:51:79:c9:4c:b8:db:8d:94:a8:a1:90:f6:38:ce: 95:06:8b:94:08:7d:b1:17:9a:03:d7:fc:6e:06:b4:9e:5e:71: bd:10:c7:75:51:10:24:c3:3e:34:94:db:93:e3:a6:91:a5:ab: d4:76:b7:2c -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUWbR+lrrTjV08lYq2bFD0Yi+qGA0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDMxODAyMDc0OFoX DTI3MDMxNzAyMTI0OFowMzExMC8GA1UEAxMoRUZBRjNEQkM4NDU3OEU1ODZFQTRB MDRGQzM1RTZBNDZGQTBFMjhFQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAORGX8e4sGooYwgNXAPpqlP7odYUw6oVc8wBFrrhN8bDvcP8SncU9kwdxFq9 FUahJoVP+s8t+OAJlCmfV1PANg1jLVdOJnkTZM/99P2iRF9siJdoB0YDNlzqqM9c FV8NuRoEKUWGDpOg0jhRfH2VWS4d2kTr63RDThAqwGqxzpf3U7RMx+/Ps/IRUIki vA/Vz66tO29jf7ZruPJMtSeAvhG1bs/MGaWwaYX8hWyAD+y1xumDz8d8C1xx8wNc XNRy6WeCMfDtaBWH+iwgHA0X9p19b9SOxEHmDYSNrA8LVCIcxzWExbbLIh5yS2Y6 3SH2hUsBpyVQ3eUXCbhI288Gv9MCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFO+vPbyEV45YbqSgT8Neakb6DijqMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by81ZjllMWE4YS0zOWYxLTRmZTItODMyYS1iYjJmMjA5MmZiZjYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVmOWUxYThh LTM5ZjEtNGZlMi04MzJhLWJiMmYyMDkyZmJmNi8wL0VGQUYzREJDODQ1NzhFNTg2 RUE0QTA0RkMzNUU2QTQ2RkEwRTI4RUEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdQiQwDQYJKoZIhvcNAQELBQADggEBAIfnCA7xeZzUbTH8X3GMDCfld1RBNMKO FMpByuInm2bN3X6skRdU4rcbxWz5lIBG6YD3wJ0xGjq4+hO2Gc3PHyVQDtQOooVl D91gJaIwgwNCRJ9r5KMaVzChPbIXUF4xC+wU6BbTYDNb8rR33GOoKRJMzuD7G4VZ DmNMq1Q5M9iN95hpoktFp0Im2euxeePevnAyDzjjFJuwHdVyKzVGegvcQBbAQC33 kqvCE83aR4qjQZOLB8VSLMxP29A1QrwaDpoL71I0L5h9NkFReclMuNuNlKihkPY4 zpUGi5QIfbEXmgPX/G4GtJ5ecb0Qx3VRECTDPjSU25PjppGlq9R2tyw= -----END CERTIFICATE-----Generated at Thu Mar 26 12:23:54 2026 by rpki-client