$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/219A09E5E307286A0EACA587C1B82AD67AAA76E3.cer File: 219A09E5E307286A0EACA587C1B82AD67AAA76E3.cer (raw, json) Hash identifier: kSzkXxKh+Bj3HTZVYsDvWpiLptCWiEH5/hD3ZdUGspw= Subject key identifier: 21:9A:09:E5:E3:07:28:6A:0E:AC:A5:87:C1:B8:2A:D6:7A:AA:76:E3 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 79E693E25B3EB934B976D93FE06587CE9B422C7E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/994d1f62-8488-4086-8d4c-f2de5c76da3d/0/219A09E5E307286A0EACA587C1B82AD67AAA76E3.mft caRepository: rsync://rpki-rsync.idnic.net/repo/994d1f62-8488-4086-8d4c-f2de5c76da3d/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:22:36 +0000 Certificate not after: Sun 02 May 2027 01:27:36 +0000 Subordinate resources: IP: 157.10.0.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:e6:93:e2:5b:3e:b9:34:b9:76:d9:3f:e0:65:87:ce:9b:42:2c:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 01:22:36 2026 GMT Not After : May 2 01:27:36 2027 GMT Subject: CN=219A09E5E307286A0EACA587C1B82AD67AAA76E3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:dd:13:b0:fa:c3:0f:04:41:76:8d:6f:1b:bc: 14:57:76:e5:a9:b2:3d:46:76:05:06:07:23:6e:57: d7:31:5a:3d:81:88:2f:03:81:71:91:d0:33:26:5b: c2:e9:de:90:bf:0a:3b:d9:8b:70:a4:59:e4:88:46: e9:04:8f:80:d2:b8:8a:78:e6:b5:39:ba:82:6f:23: c3:7f:ce:16:7f:a3:f7:d1:58:b6:b8:72:73:17:47: f2:6c:43:8a:b8:44:a5:e4:1b:3f:eb:f9:3d:03:d3: 02:9e:f6:02:06:94:f1:c7:bf:b3:7a:4d:06:35:00: 25:03:04:f1:b7:34:0d:41:86:59:e6:be:1f:6a:9a: 63:2a:22:02:1d:05:ed:74:d0:51:78:04:83:1b:03: 27:99:5e:93:70:77:97:81:ea:4e:7a:e7:8c:0e:24: 8c:3c:d4:b3:0e:5c:f8:c4:ba:9b:12:29:e5:26:8d: f7:0c:a6:2b:38:0d:cd:9e:cd:9e:e6:f3:d1:ef:31: 22:09:da:08:f1:5b:9c:66:09:9a:94:4f:07:61:c3: 96:cb:79:b6:bf:e1:d2:47:a4:6a:e0:14:b7:6a:ea: c0:70:fb:cb:81:bf:3a:1e:e5:83:27:26:4e:0b:ec: cf:ae:0b:67:14:b5:d2:2a:2f:cc:2b:6f:2c:a6:f1: 86:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 21:9A:09:E5:E3:07:28:6A:0E:AC:A5:87:C1:B8:2A:D6:7A:AA:76:E3 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/994d1f62-8488-4086-8d4c-f2de5c76da3d/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/994d1f62-8488-4086-8d4c-f2de5c76da3d/0/219A09E5E307286A0EACA587C1B82AD67AAA76E3.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.0.0/23 Signature Algorithm: sha256WithRSAEncryption 06:07:26:be:49:cc:b8:21:92:95:84:37:29:de:3c:cf:d6:a8: a3:05:c8:a5:11:60:1a:d1:a3:4e:e3:b9:65:1b:0d:bd:eb:ee: af:64:66:8a:ba:da:1a:da:b4:36:32:26:9f:7f:b1:bd:8c:80: 00:bd:d4:21:82:82:70:1d:b5:b9:52:6d:ec:52:c1:9c:09:3e: 95:46:d3:8b:c3:87:14:79:b9:f3:40:9f:e7:c4:00:5c:68:5b: f6:10:c9:66:be:79:6c:c8:38:62:c8:01:c5:cf:f7:86:a0:af: fa:b0:a2:4a:04:3b:4c:aa:c1:e0:15:b5:d7:2d:8f:4c:1b:98: 0b:8f:ca:6f:db:09:be:cd:5f:9d:38:66:b3:10:9c:7c:a0:5b: cc:f8:4d:e0:99:bd:e7:da:65:ed:7c:83:1f:53:9d:59:b1:0a: c7:ef:2b:8a:eb:dd:97:78:77:6e:df:df:fa:29:99:75:fd:a0: 20:fe:4f:b4:a4:50:f0:af:c6:26:c1:0b:fe:e9:c0:02:b4:e4: 73:11:0d:77:ef:61:39:aa:de:8c:96:43:a3:e6:ef:19:d3:b8: bd:e2:d7:e9:dd:c6:e9:d3:4a:9b:8a:a0:95:ca:9c:37:39:90: 3d:64:f0:41:f7:ed:3e:9b:24:6e:34:4e:9f:26:27:44:df:0f: 09:b9:a3:c7 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUeeaT4ls+uTS5dtk/4GWHzptCLH4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAxMjIzNloX DTI3MDUwMjAxMjczNlowMzExMC8GA1UEAxMoMjE5QTA5RTVFMzA3Mjg2QTBFQUNB NTg3QzFCODJBRDY3QUFBNzZFMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAIvdE7D6ww8EQXaNbxu8FFd25amyPUZ2BQYHI25X1zFaPYGILwOBcZHQMyZb wunekL8KO9mLcKRZ5IhG6QSPgNK4injmtTm6gm8jw3/OFn+j99FYtrhycxdH8mxD irhEpeQbP+v5PQPTAp72AgaU8ce/s3pNBjUAJQME8bc0DUGGWea+H2qaYyoiAh0F 7XTQUXgEgxsDJ5lek3B3l4HqTnrnjA4kjDzUsw5c+MS6mxIp5SaN9wymKzgNzZ7N nubz0e8xIgnaCPFbnGYJmpRPB2HDlst5tr/h0kekauAUt2rqwHD7y4G/Oh7lgycm Tgvsz64LZxS10iovzCtvLKbxhmkCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCGaCeXjByhqDqylh8G4KtZ6qnbjMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv Lzk5NGQxZjYyLTg0ODgtNDA4Ni04ZDRjLWYyZGU1Yzc2ZGEzZC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby85OTRkMWY2 Mi04NDg4LTQwODYtOGQ0Yy1mMmRlNWM3NmRhM2QvMC8yMTlBMDlFNUUzMDcyODZB MEVBQ0E1ODdDMUI4MkFENjdBQUE3NkUzLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnQoAMA0GCSqGSIb3DQEBCwUAA4IBAQAGBya+Scy4IZKVhDcp3jzP1qijBcil EWAa0aNO47llGw296+6vZGaKutoa2rQ2Miaff7G9jIAAvdQhgoJwHbW5Um3sUsGc CT6VRtOLw4cUebnzQJ/nxABcaFv2EMlmvnlsyDhiyAHFz/eGoK/6sKJKBDtMqsHg FbXXLY9MG5gLj8pv2wm+zV+dOGazEJx8oFvM+E3gmb3n2mXtfIMfU51ZsQrH7yuK 692XeHdu39/6KZl1/aAg/k+0pFDwr8YmwQv+6cACtORzEQ1372E5qt6MlkOj5u8Z 07i94tfp3cbp00qbiqCVypw3OZA9ZPBB9+0+myRuNE6fJidE3w8JuaPH -----END CERTIFICATE-----Generated at Tue May 12 22:03:29 2026 by rpki-client