$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/24D75498B485AA5962AD8C3A00548ECA63BC6B48.cer File: 24D75498B485AA5962AD8C3A00548ECA63BC6B48.cer (raw, json) Hash identifier: qham9M6MYshIGeB2mNKJybLl+c+MCj0GBvpuvPHWV0c= Subject key identifier: 24:D7:54:98:B4:85:AA:59:62:AD:8C:3A:00:54:8E:CA:63:BC:6B:48 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 2E51B88068014D5B559C279372C7D0DEBB1559F8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/7b411b05-c58a-4206-b7ab-c250c1465550/0/24D75498B485AA5962AD8C3A00548ECA63BC6B48.mft caRepository: rsync://rpki-rsync.idnic.net/repo/7b411b05-c58a-4206-b7ab-c250c1465550/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:01:56 +0000 Certificate not after: Sun 02 May 2027 01:06:56 +0000 Subordinate resources: IP: 160.25.153.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:51:b8:80:68:01:4d:5b:55:9c:27:93:72:c7:d0:de:bb:15:59:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 01:01:56 2026 GMT Not After : May 2 01:06:56 2027 GMT Subject: CN=24D75498B485AA5962AD8C3A00548ECA63BC6B48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3d:4b:b6:40:4e:34:4a:91:de:b7:35:57:20: 38:5d:55:cf:4f:bc:dc:8e:48:98:a9:f1:28:cf:23: 8c:b2:7d:c5:e6:76:0f:f8:92:d8:ae:d0:69:c9:9e: 1c:3b:5e:51:20:78:3a:d9:55:dc:3b:b4:dc:49:b0: fd:77:85:2f:d6:43:50:ec:11:92:bb:34:05:f9:be: 15:a9:83:29:8b:4c:4c:60:a9:a4:41:b5:85:11:71: f8:47:cd:e6:41:74:06:f6:ee:57:1c:d4:f4:c2:64: ee:bf:21:a8:14:8d:a5:d0:2b:82:68:69:42:1d:af: db:d1:ee:31:c3:1a:44:30:07:ee:ed:19:58:12:26: c8:68:58:1a:3d:00:39:c5:8d:9a:2e:7c:60:f9:c0: 17:78:1e:68:50:eb:dc:c5:3a:71:72:81:b0:b8:b3: 8c:f7:c6:45:be:f7:a8:3f:d1:d1:0d:76:4c:8d:a6: 03:a7:2c:35:09:04:19:91:30:92:af:78:d1:36:dc: 55:03:24:12:26:82:d4:74:24:95:0e:a2:14:c1:7b: cc:84:49:94:2c:28:4b:ae:3a:14:0f:f5:57:08:72: 56:6f:cb:06:2e:8e:b8:fb:77:ea:fe:09:ac:59:95: 39:24:97:6d:82:6f:cd:75:a5:81:49:82:d0:18:95: 45:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 24:D7:54:98:B4:85:AA:59:62:AD:8C:3A:00:54:8E:CA:63:BC:6B:48 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/7b411b05-c58a-4206-b7ab-c250c1465550/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/7b411b05-c58a-4206-b7ab-c250c1465550/0/24D75498B485AA5962AD8C3A00548ECA63BC6B48.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.153.0/24 Signature Algorithm: sha256WithRSAEncryption 7e:03:7d:ef:33:b4:9d:a2:df:51:34:b0:ea:52:ca:39:5f:df: 82:48:2d:e7:6c:9f:29:5f:4c:29:a7:8a:ed:87:5e:73:f8:65: 2a:76:9e:4d:56:90:40:2b:4c:c6:4c:f0:a2:6f:43:34:dc:76: 36:55:f2:43:f0:ee:4b:33:38:95:b2:66:66:4e:36:5d:4b:4b: c8:9f:24:f9:af:df:c6:26:0a:ce:fb:45:a8:5c:f2:cf:b1:22: 2e:7b:b7:f8:af:7c:90:8c:04:0d:28:cf:ad:92:89:22:db:2d: 75:d0:a1:c3:a1:cb:8c:f1:e8:27:b4:1b:99:d5:8b:22:7c:8d: fe:14:a1:a6:c3:f8:cb:1b:c5:a6:27:e5:de:e5:11:40:a6:b2: 59:92:60:85:62:5f:c3:09:68:5c:2e:b4:5d:cc:15:b3:14:5d: e5:63:60:48:cf:7e:c4:24:d5:1d:7b:02:1b:97:c3:2f:49:c0: 3c:be:a8:82:85:c6:77:be:15:23:09:f1:bd:ed:a2:86:6e:cf: 19:02:02:91:8c:ee:57:68:e5:b0:73:94:42:8d:8c:54:71:3d: bb:51:dc:e3:82:2b:f2:11:e9:c8:94:72:4d:77:78:ff:53:5c: f0:9f:cd:0d:1a:68:53:03:47:67:03:d8:e4:02:36:8e:2d:d1: 80:31:4f:3e -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIULlG4gGgBTVtVnCeTcsfQ3rsVWfgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAxMDE1NloX DTI3MDUwMjAxMDY1NlowMzExMC8GA1UEAxMoMjRENzU0OThCNDg1QUE1OTYyQUQ4 QzNBMDA1NDhFQ0E2M0JDNkI0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL09S7ZATjRKkd63NVcgOF1Vz0+83I5ImKnxKM8jjLJ9xeZ2D/iS2K7Qacme HDteUSB4OtlV3Du03Emw/XeFL9ZDUOwRkrs0Bfm+FamDKYtMTGCppEG1hRFx+EfN 5kF0BvbuVxzU9MJk7r8hqBSNpdArgmhpQh2v29HuMcMaRDAH7u0ZWBImyGhYGj0A OcWNmi58YPnAF3geaFDr3MU6cXKBsLizjPfGRb73qD/R0Q12TI2mA6csNQkEGZEw kq940TbcVQMkEiaC1HQklQ6iFMF7zIRJlCwoS646FA/1VwhyVm/LBi6OuPt36v4J rFmVOSSXbYJvzXWlgUmC0BiVRecCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCTXVJi0hapZYq2MOgBUjspjvGtIMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzdiNDExYjA1LWM1OGEtNDIwNi1iN2FiLWMyNTBjMTQ2NTU1MC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby83YjQxMWIw NS1jNThhLTQyMDYtYjdhYi1jMjUwYzE0NjU1NTAvMC8yNEQ3NTQ5OEI0ODVBQTU5 NjJBRDhDM0EwMDU0OEVDQTYzQkM2QjQ4Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAoBmZMA0GCSqGSIb3DQEBCwUAA4IBAQB+A33vM7Sdot9RNLDqUso5X9+CSC3n bJ8pX0wpp4rth15z+GUqdp5NVpBAK0zGTPCib0M03HY2VfJD8O5LMziVsmZmTjZd S0vInyT5r9/GJgrO+0WoXPLPsSIue7f4r3yQjAQNKM+tkoki2y110KHDocuM8egn tBuZ1YsifI3+FKGmw/jLG8WmJ+Xe5RFAprJZkmCFYl/DCWhcLrRdzBWzFF3lY2BI z37EJNUdewIbl8MvScA8vqiChcZ3vhUjCfG97aKGbs8ZAgKRjO5XaOWwc5RCjYxU cT27UdzjgivyEenIlHJNd3j/U1zwn80NGmhTA0dnA9jkAjaOLdGAMU8+ -----END CERTIFICATE-----Generated at Tue May 12 22:04:06 2026 by rpki-client