$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/02421F1D8F0911482A3B964167D5292F7B46D2A0.cer File: 02421F1D8F0911482A3B964167D5292F7B46D2A0.cer (raw, json) Hash identifier: nLuLD+VcZ/gfl5GVs3n66dvXb9Ph4DcxfGtwq7R+iX4= Subject key identifier: 02:42:1F:1D:8F:09:11:48:2A:3B:96:41:67:D5:29:2F:7B:46:D2:A0 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 2C970E5EB8B945847D3C576D32EC900F59D2C6D0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/02421F1D8F0911482A3B964167D5292F7B46D2A0.mft caRepository: rsync://rpki-rsync.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:26:25 +0000 Certificate not after: Sun 02 May 2027 00:31:25 +0000 Subordinate resources: IP: 157.20.120.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:97:0e:5e:b8:b9:45:84:7d:3c:57:6d:32:ec:90:0f:59:d2:c6:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 00:26:25 2026 GMT Not After : May 2 00:31:25 2027 GMT Subject: CN=02421F1D8F0911482A3B964167D5292F7B46D2A0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:b0:0d:13:a9:fa:73:d2:9c:7e:8c:f1:71:d4: b8:db:a3:39:33:9c:4f:99:9d:50:01:30:c2:8b:c7: 73:63:e4:05:eb:a6:57:b2:5c:20:68:ea:aa:95:c2: 01:e6:04:ce:0e:dd:b1:b4:b3:fa:5c:cd:bf:58:21: f7:48:ad:e7:11:0d:4e:29:b5:49:09:4c:75:34:6a: f0:46:0a:1e:43:21:ac:c3:3f:f4:16:58:e8:6d:10: 6e:3a:3c:56:69:f3:39:94:b5:15:95:51:8f:73:81: e3:93:67:9c:d7:e1:77:cc:bc:75:57:d0:1e:bd:92: 41:cc:56:21:81:4b:17:ea:7f:ee:95:4b:da:39:5c: a4:05:d1:c8:c0:10:5e:ab:24:f2:44:43:56:2b:f0: 28:c9:0e:ba:ad:40:e2:47:a3:17:49:6f:a1:eb:31: f5:0d:79:33:eb:9c:69:2d:ab:21:59:ba:66:4f:3e: 0d:51:f1:7c:e6:5b:ff:70:f4:2f:5b:60:f5:7c:4b: e1:2a:a3:7c:12:c2:a4:ba:2f:cf:bd:45:38:30:14: 10:58:2e:58:c6:83:70:e6:0d:82:74:6f:d8:1a:92: 78:39:ed:3d:40:68:11:92:d2:c7:5c:be:e3:54:8b: f8:da:f2:b0:7f:44:85:b2:a6:24:2e:2d:24:a8:39: 30:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 02:42:1F:1D:8F:09:11:48:2A:3B:96:41:67:D5:29:2F:7B:46:D2:A0 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/4644263a-8ee2-4eec-a810-5733ccaf51e3/0/02421F1D8F0911482A3B964167D5292F7B46D2A0.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.120.0/23 Signature Algorithm: sha256WithRSAEncryption 34:53:e1:a3:c9:24:94:4f:72:0b:be:87:e3:47:80:76:5b:20: d4:4c:a1:ec:20:12:c0:aa:15:94:f1:7a:37:3e:ef:2e:7f:6f: 84:9d:6d:02:48:b0:47:4c:c6:3c:fc:8d:49:17:d7:2d:d3:48: e4:c7:72:92:58:59:f2:1c:45:3d:3e:bf:b0:a4:8e:78:0f:d3: 32:8b:f6:8b:75:3b:04:c0:fb:86:ee:0b:cb:2e:05:36:dc:13: de:5c:aa:4c:52:fb:ec:a5:72:66:83:92:5f:3f:48:11:17:a6: de:46:eb:4e:82:ac:04:ce:87:52:73:6f:0f:f7:87:4b:cc:2b: 40:db:32:23:9a:c9:2b:24:24:01:4b:10:a3:09:18:16:50:78: 1c:2f:34:01:10:9f:b8:16:44:23:c1:e7:27:00:3a:de:c0:41: 07:cf:f2:91:96:d0:ee:c4:5f:2c:36:d3:4d:9b:8e:7d:2c:f5: fb:c7:1e:61:60:69:22:dc:5e:ba:a8:7f:bc:40:79:36:b1:e7: a9:77:e6:70:e3:76:f6:29:37:9c:8a:2a:7f:eb:a0:67:63:82: 19:9c:06:66:1a:06:a0:88:21:a4:bb:ef:05:3a:92:1c:5d:ea: a6:36:cc:a6:d9:cc:c9:e0:7f:3e:9a:be:b3:b1:9f:64:37:31: c6:35:4b:13 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIULJcOXri5RYR9PFdtMuyQD1nSxtAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAwMjYyNVoX DTI3MDUwMjAwMzEyNVowMzExMC8GA1UEAxMoMDI0MjFGMUQ4RjA5MTE0ODJBM0I5 NjQxNjdENTI5MkY3QjQ2RDJBMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOywDROp+nPSnH6M8XHUuNujOTOcT5mdUAEwwovHc2PkBeumV7JcIGjqqpXC AeYEzg7dsbSz+lzNv1gh90it5xENTim1SQlMdTRq8EYKHkMhrMM/9BZY6G0Qbjo8 VmnzOZS1FZVRj3OB45NnnNfhd8y8dVfQHr2SQcxWIYFLF+p/7pVL2jlcpAXRyMAQ Xqsk8kRDVivwKMkOuq1A4kejF0lvoesx9Q15M+ucaS2rIVm6Zk8+DVHxfOZb/3D0 L1tg9XxL4SqjfBLCpLovz71FODAUEFguWMaDcOYNgnRv2BqSeDntPUBoEZLSx1y+ 41SL+NrysH9EhbKmJC4tJKg5MOsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFAJCHx2PCRFIKjuWQWfVKS97RtKgMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzQ2NDQyNjNhLThlZTItNGVlYy1hODEwLTU3MzNjY2FmNTFlMy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby80NjQ0MjYz YS04ZWUyLTRlZWMtYTgxMC01NzMzY2NhZjUxZTMvMC8wMjQyMUYxRDhGMDkxMTQ4 MkEzQjk2NDE2N0Q1MjkyRjdCNDZEMkEwLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnRR4MA0GCSqGSIb3DQEBCwUAA4IBAQA0U+GjySSUT3ILvofjR4B2WyDUTKHs IBLAqhWU8Xo3Pu8uf2+EnW0CSLBHTMY8/I1JF9ct00jkx3KSWFnyHEU9Pr+wpI54 D9Myi/aLdTsEwPuG7gvLLgU23BPeXKpMUvvspXJmg5JfP0gRF6beRutOgqwEzodS c28P94dLzCtA2zIjmskrJCQBSxCjCRgWUHgcLzQBEJ+4FkQjwecnADrewEEHz/KR ltDuxF8sNtNNm459LPX7xx5hYGki3F66qH+8QHk2seepd+Zw43b2KTeciip/66Bn Y4IZnAZmGgagiCGku+8FOpIcXeqmNsym2czJ4H8+mr6zsZ9kNzHGNUsT -----END CERTIFICATE-----Generated at Tue May 12 22:03:30 2026 by rpki-client