$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/0560E2FD01C6E7DD03E4D7FFB30B7EF7C2F49DAF.cer File: 0560E2FD01C6E7DD03E4D7FFB30B7EF7C2F49DAF.cer (raw, json) Hash identifier: xqNsWLqP8Sz6gF5aWAa1X6FGH7xyKAjOCWAJhu0yqVY= Subject key identifier: 05:60:E2:FD:01:C6:E7:DD:03:E4:D7:FF:B3:0B:7E:F7:C2:F4:9D:AF Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 4166671D8D377B81CFF845A02BDA42C79868DC6A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/032f98a0-0947-4f7a-bee7-ffc3d05b940e/0/0560E2FD01C6E7DD03E4D7FFB30B7EF7C2F49DAF.mft caRepository: rsync://rpki-rsync.idnic.net/repo/032f98a0-0947-4f7a-bee7-ffc3d05b940e/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:41:49 +0000 Certificate not after: Sat 01 May 2027 23:46:49 +0000 Subordinate resources: IP: 157.66.172.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:66:67:1d:8d:37:7b:81:cf:f8:45:a0:2b:da:42:c7:98:68:dc:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 23:41:49 2026 GMT Not After : May 1 23:46:49 2027 GMT Subject: CN=0560E2FD01C6E7DD03E4D7FFB30B7EF7C2F49DAF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:2e:48:f7:15:6a:95:bf:72:c6:ef:95:1e:be: 36:f4:30:23:a1:b2:24:a8:19:98:21:0e:0d:87:87: f6:35:13:e6:2c:f7:2e:1f:8e:d5:7b:f9:f7:cb:21: 0c:b7:9e:c4:61:a2:76:23:82:f5:18:22:9b:81:32: cc:03:10:d3:1b:81:7d:34:dd:39:f5:25:54:47:f1: 41:b8:63:b8:73:b4:b2:ff:4c:5a:24:9d:36:d1:e3: 5b:08:4a:78:75:54:2e:e4:38:56:0f:c5:d7:bb:74: 24:5c:40:12:be:69:e7:d2:ab:c9:2c:2a:0c:e8:0e: 5a:8c:25:c6:b9:59:42:05:ea:f7:8a:d9:ab:cc:67: 41:6a:8c:4f:50:62:90:ab:b9:e6:3c:15:3c:43:55: 21:c6:58:24:32:52:d0:2b:78:43:96:52:02:13:03: 37:8a:a5:d3:c5:7b:cf:8b:a7:fe:8a:d6:2c:cd:b9: 4e:f5:16:89:62:ab:1a:75:f8:37:ac:40:da:f8:0b: 17:10:e7:1e:d9:74:52:93:4b:a2:49:db:4e:61:e1: 61:a9:36:5f:9e:a2:22:8a:42:21:b3:7b:1d:6e:64: 5f:7e:f1:21:b5:97:c7:7b:de:ff:31:a3:d6:5a:92: 07:69:c2:63:61:d0:a9:6c:fd:5c:23:82:0f:c6:31: 93:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 05:60:E2:FD:01:C6:E7:DD:03:E4:D7:FF:B3:0B:7E:F7:C2:F4:9D:AF X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/032f98a0-0947-4f7a-bee7-ffc3d05b940e/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/032f98a0-0947-4f7a-bee7-ffc3d05b940e/0/0560E2FD01C6E7DD03E4D7FFB30B7EF7C2F49DAF.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.172.0/23 Signature Algorithm: sha256WithRSAEncryption 8f:41:42:3c:8e:8c:07:1d:75:eb:3c:d7:16:bc:c9:80:15:fb: c3:1d:86:c4:07:cf:9d:b5:88:ab:c9:30:7d:f2:4b:c2:ae:f6: 40:31:40:75:f0:8b:82:d3:16:16:60:90:71:4e:6e:97:8a:20: a6:c2:3c:6c:7a:91:87:d2:57:25:cd:b7:3c:55:f8:0b:c5:99: d6:ed:91:8a:42:d3:8c:e8:6c:b9:1b:99:bb:e4:6f:13:38:9e: 0b:ab:f8:86:98:5f:58:cc:27:6f:ae:63:0a:35:74:df:ff:bd: f8:7f:ec:4f:7d:91:46:c8:f0:0e:e8:33:40:b1:e5:7e:91:ff: bb:41:50:0a:0d:3c:6e:e2:0b:92:07:39:a9:bd:5d:ac:49:3d: b0:5e:03:bd:81:74:9a:54:12:ec:26:07:f8:96:d3:76:36:7a: 46:94:4e:0d:2b:11:b6:c7:86:c7:4c:45:b0:3c:f9:d1:41:89: 4e:e7:1d:13:e3:f8:1a:3b:6b:92:c9:49:81:07:c3:78:12:5f: 74:76:08:c6:e4:93:8b:0b:91:fd:b0:ff:a3:75:c7:19:d4:b3: a4:92:1a:2d:57:26:87:29:2c:6e:a5:90:b3:db:b4:e7:fd:87: ee:0e:40:ea:2e:d0:35:9a:e3:a8:d1:3b:ab:ee:d7:dd:a8:1b: 58:47:04:09 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUQWZnHY03e4HP+EWgK9pCx5ho3GowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjIzNDE0OVoX DTI3MDUwMTIzNDY0OVowMzExMC8GA1UEAxMoMDU2MEUyRkQwMUM2RTdERDAzRTRE N0ZGQjMwQjdFRjdDMkY0OURBRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJQuSPcVapW/csbvlR6+NvQwI6GyJKgZmCEODYeH9jUT5iz3Lh+O1Xv598sh DLeexGGidiOC9Rgim4EyzAMQ0xuBfTTdOfUlVEfxQbhjuHO0sv9MWiSdNtHjWwhK eHVULuQ4Vg/F17t0JFxAEr5p59KrySwqDOgOWowlxrlZQgXq94rZq8xnQWqMT1Bi kKu55jwVPENVIcZYJDJS0Ct4Q5ZSAhMDN4ql08V7z4un/orWLM25TvUWiWKrGnX4 N6xA2vgLFxDnHtl0UpNLoknbTmHhYak2X56iIopCIbN7HW5kX37xIbWXx3ve/zGj 1lqSB2nCY2HQqWz9XCOCD8Yxk1UCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFAVg4v0BxufdA+TX/7MLfvfC9J2vMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzAzMmY5OGEwLTA5NDctNGY3YS1iZWU3LWZmYzNkMDViOTQwZS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8wMzJmOThh MC0wOTQ3LTRmN2EtYmVlNy1mZmMzZDA1Yjk0MGUvMC8wNTYwRTJGRDAxQzZFN0RE MDNFNEQ3RkZCMzBCN0VGN0MyRjQ5REFGLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnUKsMA0GCSqGSIb3DQEBCwUAA4IBAQCPQUI8jowHHXXrPNcWvMmAFfvDHYbE B8+dtYiryTB98kvCrvZAMUB18IuC0xYWYJBxTm6XiiCmwjxsepGH0lclzbc8VfgL xZnW7ZGKQtOM6Gy5G5m75G8TOJ4Lq/iGmF9YzCdvrmMKNXTf/734f+xPfZFGyPAO 6DNAseV+kf+7QVAKDTxu4guSBzmpvV2sST2wXgO9gXSaVBLsJgf4ltN2NnpGlE4N KxG2x4bHTEWwPPnRQYlO5x0T4/gaO2uSyUmBB8N4El90dgjG5JOLC5H9sP+jdccZ 1LOkkhotVyaHKSxupZCz27Tn/YfuDkDqLtA1muOo0Tur7tfdqBtYRwQJ -----END CERTIFICATE-----Generated at Tue May 12 22:10:07 2026 by rpki-client