$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/29D0D4588D8D3233F60F0F4E2EC1A05082F889BA.cer File: 29D0D4588D8D3233F60F0F4E2EC1A05082F889BA.cer (raw, json) Hash identifier: x8QRChyzGNtN/tGL8pLwqF630cXhrtaBvk6vc6CW0b0= Subject key identifier: 29:D0:D4:58:8D:8D:32:33:F6:0F:0F:4E:2E:C1:A0:50:82:F8:89:BA Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 2D12CA838E3A1F93B5BA2B9CAABF79904C376915 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/81a4b782-c37f-4379-a8a6-4da5d82b239f/0/29D0D4588D8D3233F60F0F4E2EC1A05082F889BA.mft caRepository: rsync://rpki-rsync.idnic.net/repo/81a4b782-c37f-4379-a8a6-4da5d82b239f/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:07:07 +0000 Certificate not after: Sun 02 May 2027 01:12:07 +0000 Subordinate resources: IP: 157.66.132.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:12:ca:83:8e:3a:1f:93:b5:ba:2b:9c:aa:bf:79:90:4c:37:69:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 01:07:07 2026 GMT Not After : May 2 01:12:07 2027 GMT Subject: CN=29D0D4588D8D3233F60F0F4E2EC1A05082F889BA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:ef:92:87:81:d5:d1:6f:55:dd:ab:2b:49:33: 00:b4:bf:10:e8:43:b5:d3:b2:63:9f:cf:64:15:34: 6a:de:c7:2b:a8:3d:37:9a:a9:1e:18:2c:1c:ee:e9: e6:56:dc:c1:fb:ef:71:17:eb:3a:37:ee:9a:15:ef: 2c:6e:b4:b9:b4:93:d6:c0:43:77:5b:fd:b2:df:0d: aa:36:cc:f4:c4:f9:a0:a3:5c:83:01:1e:e8:db:34: f3:d8:8e:cf:18:79:f9:57:c2:e4:2d:a1:52:de:d5: 4d:bd:66:bd:a0:ff:ee:c1:29:ec:c4:cc:94:3e:f3: fa:9e:fb:db:23:4e:17:b8:37:16:e2:24:90:38:30: 61:a4:bc:58:2e:6f:43:51:0b:63:7b:04:f1:55:6f: fa:59:e9:bb:38:65:5f:45:8e:be:16:f2:8c:2f:f3: 06:35:19:b4:13:86:57:91:1c:42:92:02:b5:bc:40: 51:77:d3:2b:35:0f:e4:04:c8:7f:82:fb:18:54:ed: 22:5e:89:5b:b1:78:14:76:5d:bd:35:fb:54:26:5b: d2:7a:fa:d8:6d:66:5f:d0:a3:e0:82:c4:c9:60:b7: 99:ea:2a:c1:bc:70:e8:5e:af:ab:75:fd:e1:b2:a1: 26:77:20:0b:30:f8:b7:a2:a5:50:9d:20:a8:84:57: 38:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 29:D0:D4:58:8D:8D:32:33:F6:0F:0F:4E:2E:C1:A0:50:82:F8:89:BA X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/81a4b782-c37f-4379-a8a6-4da5d82b239f/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/81a4b782-c37f-4379-a8a6-4da5d82b239f/0/29D0D4588D8D3233F60F0F4E2EC1A05082F889BA.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.132.0/23 Signature Algorithm: sha256WithRSAEncryption a7:9b:83:96:95:1b:9c:6d:8c:5d:02:80:2f:af:61:fa:a2:d8: 0b:30:54:d3:26:03:c5:d0:70:92:58:6e:af:4b:88:5c:3a:73: 23:d4:02:ac:ea:cd:9d:bd:03:a1:b1:39:41:70:39:83:e2:4f: f0:de:40:35:85:46:38:20:8d:6f:45:23:0e:ec:9e:63:c3:2c: 8c:35:8b:ec:22:26:9e:c7:78:65:d1:71:0d:5a:95:01:bf:66: a1:9b:ca:3f:cf:44:1e:2b:a0:7c:25:26:99:33:94:c3:d9:86: 9b:ee:8c:74:d8:47:bf:a9:d8:f8:08:1b:06:71:1f:84:dd:94: df:e0:98:b3:0e:88:18:4e:ac:11:e0:f3:bb:38:75:70:de:eb: 5e:55:54:63:8b:0d:84:06:dd:34:3e:aa:ff:e2:0a:ad:68:77: 0c:51:9a:f9:9a:33:20:8e:6a:fb:93:a4:95:ad:84:0e:e7:87: 6b:eb:48:5f:47:86:21:28:90:f3:22:b9:b7:17:c4:b8:f9:2c: 46:dd:5b:72:ef:2c:62:4b:b3:fd:ac:38:07:ec:87:6c:a6:8d: e9:fd:a0:0d:bf:47:dd:dd:2b:49:fe:f4:6b:10:97:57:1d:a5: 00:21:e1:91:b8:f1:ce:0b:6b:00:03:8f:35:38:5d:44:34:ab: d1:6f:5a:f8 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIULRLKg446H5O1uiucqr95kEw3aRUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAxMDcwN1oX DTI3MDUwMjAxMTIwN1owMzExMC8GA1UEAxMoMjlEMEQ0NTg4RDhEMzIzM0Y2MEYw RjRFMkVDMUEwNTA4MkY4ODlCQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAITvkoeB1dFvVd2rK0kzALS/EOhDtdOyY5/PZBU0at7HK6g9N5qpHhgsHO7p 5lbcwfvvcRfrOjfumhXvLG60ubST1sBDd1v9st8NqjbM9MT5oKNcgwEe6Ns089iO zxh5+VfC5C2hUt7VTb1mvaD/7sEp7MTMlD7z+p772yNOF7g3FuIkkDgwYaS8WC5v Q1ELY3sE8VVv+lnpuzhlX0WOvhbyjC/zBjUZtBOGV5EcQpICtbxAUXfTKzUP5ATI f4L7GFTtIl6JW7F4FHZdvTX7VCZb0nr62G1mX9Cj4ILEyWC3meoqwbxw6F6vq3X9 4bKhJncgCzD4t6KlUJ0gqIRXOLECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCnQ1FiNjTIz9g8PTi7BoFCC+Im6MB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzgxYTRiNzgyLWMzN2YtNDM3OS1hOGE2LTRkYTVkODJiMjM5Zi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby84MWE0Yjc4 Mi1jMzdmLTQzNzktYThhNi00ZGE1ZDgyYjIzOWYvMC8yOUQwRDQ1ODhEOEQzMjMz RjYwRjBGNEUyRUMxQTA1MDgyRjg4OUJBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnUKEMA0GCSqGSIb3DQEBCwUAA4IBAQCnm4OWlRucbYxdAoAvr2H6otgLMFTT JgPF0HCSWG6vS4hcOnMj1AKs6s2dvQOhsTlBcDmD4k/w3kA1hUY4II1vRSMO7J5j wyyMNYvsIiaex3hl0XENWpUBv2ahm8o/z0QeK6B8JSaZM5TD2Yab7ox02Ee/qdj4 CBsGcR+E3ZTf4JizDogYTqwR4PO7OHVw3uteVVRjiw2EBt00Pqr/4gqtaHcMUZr5 mjMgjmr7k6SVrYQO54dr60hfR4YhKJDzIrm3F8S4+SxG3Vty7yxiS7P9rDgH7Ids po3p/aANv0fd3StJ/vRrEJdXHaUAIeGRuPHOC2sAA481OF1ENKvRb1r4 -----END CERTIFICATE-----Generated at Tue May 12 22:10:23 2026 by rpki-client