$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/0A9E60F4AC7AC71E2468935BCA5D0D970AACE8F6.cer File: 0A9E60F4AC7AC71E2468935BCA5D0D970AACE8F6.cer (raw, json) Hash identifier: KmUAHH4/UgZinilTUp6ZZr2VHnogo7dEcutKIC0hpM4= Subject key identifier: 0A:9E:60:F4:AC:7A:C7:1E:24:68:93:5B:CA:5D:0D:97:0A:AC:E8:F6 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: C60AE81C82E282DA35B93067DAE10F4EA75191 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/ea4f7934-cdc7-4082-83fb-df7d4f8219af/0/0A9E60F4AC7AC71E2468935BCA5D0D970AACE8F6.mft caRepository: rsync://rpki-rsync.idnic.net/repo/ea4f7934-cdc7-4082-83fb-df7d4f8219af/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:21:52 +0000 Certificate not after: Sun 02 May 2027 02:26:52 +0000 Subordinate resources: IP: 157.20.145.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: c6:0a:e8:1c:82:e2:82:da:35:b9:30:67:da:e1:0f:4e:a7:51:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 02:21:52 2026 GMT Not After : May 2 02:26:52 2027 GMT Subject: CN=0A9E60F4AC7AC71E2468935BCA5D0D970AACE8F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:c2:d1:cf:ba:af:8b:ad:29:3a:09:8e:54:52: 58:98:87:fd:93:cd:ae:0c:42:21:38:dd:e8:54:43: 46:49:18:a7:4d:57:74:0e:0d:2b:57:37:9f:ae:5c: ec:0e:e8:e8:52:23:66:67:db:05:d7:5e:c5:95:b5: 37:b5:9e:da:4b:02:bb:eb:2a:26:59:04:7e:97:db: a0:51:22:ba:f1:e7:3f:c2:40:95:0b:0d:f2:17:5b: 7d:ed:40:18:e4:ad:db:03:cd:15:9a:0d:57:49:9b: 40:33:51:83:93:e6:d9:c5:04:44:c8:4e:28:d1:38: e8:c8:42:ab:ae:c5:e6:55:57:cf:ed:7c:50:80:d0: 52:e3:b6:ee:f7:2c:65:03:5f:6d:06:d0:2b:13:1c: 79:56:90:fc:5d:a6:55:3a:7d:b3:b8:04:bb:81:c6: e0:33:55:1e:8f:0a:aa:a2:b8:97:20:e1:17:90:04: 3b:91:c3:37:d7:81:78:39:77:a4:b6:87:c5:76:f8: ec:40:4b:9d:4b:1f:d3:d5:82:51:f7:89:63:fd:0f: 40:e6:df:bc:85:8f:12:e2:c3:a4:f6:46:44:61:03: 28:5b:2a:6b:df:3b:f0:aa:68:74:db:6f:c0:90:4b: 7f:a8:46:87:d2:94:9b:66:0d:c5:7a:b8:06:ca:6a: 1d:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 0A:9E:60:F4:AC:7A:C7:1E:24:68:93:5B:CA:5D:0D:97:0A:AC:E8:F6 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/ea4f7934-cdc7-4082-83fb-df7d4f8219af/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/ea4f7934-cdc7-4082-83fb-df7d4f8219af/0/0A9E60F4AC7AC71E2468935BCA5D0D970AACE8F6.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.145.0/24 Signature Algorithm: sha256WithRSAEncryption 59:0f:e3:97:0f:a7:94:b9:3e:cb:44:36:78:b5:ac:40:07:26: a3:af:7d:40:57:37:73:78:2d:5d:98:22:28:2b:bc:5c:f3:8b: ba:d2:67:30:3c:68:78:95:46:13:6d:6b:1c:65:a8:6a:fc:28: 5e:20:fb:09:38:df:b4:86:72:fc:81:3c:c9:64:76:86:6c:36: ce:51:0c:cf:8d:f9:7a:ee:76:60:0c:ad:ba:75:45:1b:02:92: 39:ad:c0:39:7c:26:f5:d9:78:41:9b:e7:59:0d:e4:67:6a:b4: 40:6f:17:d3:f0:bc:2f:d7:5f:78:30:51:4c:c8:d7:67:7a:9c: 95:bf:52:a0:81:51:91:a7:ca:a1:9d:22:bf:17:dc:e0:85:43: fc:7b:a8:65:cf:ba:3c:98:ca:2e:3c:a6:47:8a:f0:ba:ac:33: 7d:6c:d6:1c:d2:bd:42:14:08:ac:fb:a0:0a:5c:31:19:c7:68: a1:8f:a1:46:18:80:4a:61:c2:00:b6:b1:8b:5d:7a:5b:e0:1d: fd:02:ae:90:a3:ea:d3:aa:f1:17:14:73:99:0a:4e:f4:21:e0: 21:dd:ba:4a:b5:44:5a:82:05:30:53:c8:93:b2:e1:1f:87:80: 11:a9:b1:4b:e7:46:2d:b6:fa:09:2b:1f:20:9c:9f:f7:62:f2: 62:5e:9e:14 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUAMYK6ByC4oLaNbkwZ9rhD06nUZEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAyMjE1MloX DTI3MDUwMjAyMjY1MlowMzExMC8GA1UEAxMoMEE5RTYwRjRBQzdBQzcxRTI0Njg5 MzVCQ0E1RDBEOTcwQUFDRThGNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALzC0c+6r4utKToJjlRSWJiH/ZPNrgxCITjd6FRDRkkYp01XdA4NK1c3n65c 7A7o6FIjZmfbBddexZW1N7We2ksCu+sqJlkEfpfboFEiuvHnP8JAlQsN8hdbfe1A GOSt2wPNFZoNV0mbQDNRg5Pm2cUERMhOKNE46MhCq67F5lVXz+18UIDQUuO27vcs ZQNfbQbQKxMceVaQ/F2mVTp9s7gEu4HG4DNVHo8KqqK4lyDhF5AEO5HDN9eBeDl3 pLaHxXb47EBLnUsf09WCUfeJY/0PQObfvIWPEuLDpPZGRGEDKFsqa9878KpodNtv wJBLf6hGh9KUm2YNxXq4BspqHWMCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFAqeYPSsesceJGiTW8pdDZcKrOj2MB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2VhNGY3OTM0LWNkYzctNDA4Mi04M2ZiLWRmN2Q0ZjgyMTlhZi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9lYTRmNzkz NC1jZGM3LTQwODItODNmYi1kZjdkNGY4MjE5YWYvMC8wQTlFNjBGNEFDN0FDNzFF MjQ2ODkzNUJDQTVEMEQ5NzBBQUNFOEY2Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAnRSRMA0GCSqGSIb3DQEBCwUAA4IBAQBZD+OXD6eUuT7LRDZ4taxAByajr31A VzdzeC1dmCIoK7xc84u60mcwPGh4lUYTbWscZahq/CheIPsJON+0hnL8gTzJZHaG bDbOUQzPjfl67nZgDK26dUUbApI5rcA5fCb12XhBm+dZDeRnarRAbxfT8Lwv1194 MFFMyNdnepyVv1KggVGRp8qhnSK/F9zghUP8e6hlz7o8mMouPKZHivC6rDN9bNYc 0r1CFAis+6AKXDEZx2ihj6FGGIBKYcIAtrGLXXpb4B39Aq6Qo+rTqvEXFHOZCk70 IeAh3bpKtURaggUwU8iTsuEfh4ARqbFL50YttvoJKx8gnJ/3YvJiXp4U -----END CERTIFICATE-----Generated at Tue May 12 22:52:42 2026 by rpki-client