$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/2CE9A084598867F6677FDE09C272DA8D05C480FC.cer File: 2CE9A084598867F6677FDE09C272DA8D05C480FC.cer (raw, json) Hash identifier: YbeMROEHQ38cMJW9LshZxG9ytYO7HW2Hej4Rb2raKoY= Subject key identifier: 2C:E9:A0:84:59:88:67:F6:67:7F:DE:09:C2:72:DA:8D:05:C4:80:FC Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 0A365CFD9D464E8FD30D79608F7041C8DAB865D4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/a9b8152e-aa86-4d8a-81da-e71086b2956c/0/2CE9A084598867F6677FDE09C272DA8D05C480FC.mft caRepository: rsync://rpki-rsync.idnic.net/repo/a9b8152e-aa86-4d8a-81da-e71086b2956c/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:33:45 +0000 Certificate not after: Sun 02 May 2027 01:38:45 +0000 Subordinate resources: IP: 138.252.176.0/24 IP: 160.20.244.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:36:5c:fd:9d:46:4e:8f:d3:0d:79:60:8f:70:41:c8:da:b8:65:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 01:33:45 2026 GMT Not After : May 2 01:38:45 2027 GMT Subject: CN=2CE9A084598867F6677FDE09C272DA8D05C480FC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:06:44:d0:c3:68:34:74:03:0b:6d:c3:fa:c6: 88:a2:6f:8a:ed:ca:4d:2b:1c:d6:2e:c5:22:b3:80: 70:12:ea:43:ac:67:6f:78:10:bc:9e:41:4f:f7:5a: 36:b9:a4:24:3a:e0:8b:08:98:9b:ff:17:22:58:2b: 51:c9:f2:96:ad:70:0d:a1:0b:19:e9:2c:53:d8:60: 6b:c8:ac:f6:f1:a7:08:0f:1c:c8:a6:02:06:3a:be: 66:5a:f9:7f:ea:39:4e:ca:ab:b4:31:57:a6:1e:fd: 60:79:9f:95:f2:0c:20:cb:55:86:6b:52:2c:7c:4f: 3b:6c:c5:ce:b1:fe:4a:32:b7:ac:43:e1:73:50:04: 50:e0:52:47:22:a8:ff:a3:ae:7b:18:c3:69:f5:0d: 8a:69:10:75:48:d3:83:7a:cc:a7:fb:3e:a9:d2:ed: 47:48:02:27:aa:d0:4c:17:90:2e:5c:91:e6:0c:6a: da:6b:c5:9d:1b:c7:ca:78:08:ee:f7:94:30:06:48: fd:8b:c2:29:66:3a:fa:a1:61:ef:8c:88:df:c8:71: ef:de:ea:19:aa:cf:e4:7c:71:c4:5c:6d:ab:44:0e: bb:aa:06:b0:3b:9a:0a:b3:41:c6:4b:fe:21:fb:5b: ab:97:79:88:74:3e:cd:26:be:9c:b1:12:98:87:81: ed:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2C:E9:A0:84:59:88:67:F6:67:7F:DE:09:C2:72:DA:8D:05:C4:80:FC X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/a9b8152e-aa86-4d8a-81da-e71086b2956c/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/a9b8152e-aa86-4d8a-81da-e71086b2956c/0/2CE9A084598867F6677FDE09C272DA8D05C480FC.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.176.0/24 160.20.244.0/24 Signature Algorithm: sha256WithRSAEncryption 39:54:0b:1b:80:9f:34:a4:90:c4:16:87:ea:ae:dc:6b:44:30: fd:eb:d7:88:25:0c:8f:ed:bb:84:3d:d2:a0:1c:73:cf:4d:64: 3e:e3:61:d6:99:7e:71:4f:69:0d:41:33:4f:a1:56:00:4d:51: 36:08:46:e4:d3:e3:1c:65:6c:f7:63:a0:31:3a:09:d4:eb:d2: 61:e6:89:85:99:43:fc:03:42:95:e9:db:07:3f:b3:9b:08:8c: 31:85:39:ed:f8:fd:c5:3d:2c:19:cb:21:75:0f:84:75:79:03: b5:a0:c8:e1:ed:0c:94:e0:9d:1f:0f:88:1c:3b:7c:f7:30:fe: 8c:9d:75:53:62:a4:be:6f:ba:28:bb:95:ab:81:4d:00:72:1c: b0:ba:cc:aa:08:e0:fd:68:5d:d4:03:f2:8c:ca:2b:f7:f0:2a: 74:11:e5:d1:d2:f1:7e:52:ae:3d:5e:db:a6:e8:67:32:ef:e9: 76:3e:59:c8:94:c0:08:e3:cc:8e:b2:93:fe:53:5a:28:93:4b: ac:4b:23:18:8f:a0:93:c0:5e:4b:cd:c9:3a:7b:14:6d:f3:32: fa:16:2c:22:31:11:9a:d3:2d:88:cc:85:9e:91:e4:4b:d8:08: 4c:2b:aa:c8:5c:10:33:c5:1e:2c:5f:4a:64:7e:df:f9:79:af: cc:d2:b2:24 -----BEGIN CERTIFICATE----- MIIFzDCCBLSgAwIBAgIUCjZc/Z1GTo/TDXlgj3BByNq4ZdQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAxMzM0NVoX DTI3MDUwMjAxMzg0NVowMzExMC8GA1UEAxMoMkNFOUEwODQ1OTg4NjdGNjY3N0ZE RTA5QzI3MkRBOEQwNUM0ODBGQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJwGRNDDaDR0Awttw/rGiKJviu3KTSsc1i7FIrOAcBLqQ6xnb3gQvJ5BT/da NrmkJDrgiwiYm/8XIlgrUcnylq1wDaELGeksU9hga8is9vGnCA8cyKYCBjq+Zlr5 f+o5TsqrtDFXph79YHmflfIMIMtVhmtSLHxPO2zFzrH+SjK3rEPhc1AEUOBSRyKo /6OuexjDafUNimkQdUjTg3rMp/s+qdLtR0gCJ6rQTBeQLlyR5gxq2mvFnRvHyngI 7veUMAZI/YvCKWY6+qFh74yI38hx797qGarP5HxxxFxtq0QOu6oGsDuaCrNBxkv+ Iftbq5d5iHQ+zSa+nLESmIeB7Y0CAwEAAaOCAr8wggK7MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCzpoIRZiGf2Z3/eCcJy2o0FxID8MB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2E5YjgxNTJlLWFhODYtNGQ4YS04MWRhLWU3MTA4NmIyOTU2Yy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9hOWI4MTUy ZS1hYTg2LTRkOGEtODFkYS1lNzEwODZiMjk1NmMvMC8yQ0U5QTA4NDU5ODg2N0Y2 Njc3RkRFMDlDMjcyREE4RDA1QzQ4MEZDLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAM AwQAivywAwQAoBT0MA0GCSqGSIb3DQEBCwUAA4IBAQA5VAsbgJ80pJDEFofqrtxr RDD969eIJQyP7buEPdKgHHPPTWQ+42HWmX5xT2kNQTNPoVYATVE2CEbk0+McZWz3 Y6AxOgnU69Jh5omFmUP8A0KV6dsHP7ObCIwxhTnt+P3FPSwZyyF1D4R1eQO1oMjh 7QyU4J0fD4gcO3z3MP6MnXVTYqS+b7oou5WrgU0AchywusyqCOD9aF3UA/KMyiv3 8Cp0EeXR0vF+Uq49Xtum6Gcy7+l2PlnIlMAI48yOspP+U1ook0usSyMYj6CTwF5L zck6exRt8zL6FiwiMRGa0y2IzIWekeRL2AhMK6rIXBAzxR4sX0pkft/5ea/M0rIk -----END CERTIFICATE-----Generated at Tue May 12 22:52:45 2026 by rpki-client