$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/2D8147AB32AE34FE0599301C399BA431CBD96AE2.cer File: 2D8147AB32AE34FE0599301C399BA431CBD96AE2.cer (raw, json) Hash identifier: tk9BxGgvqyl8lgtefiSH3n3ZcJAThZy5eo2vLebBx/g= Subject key identifier: 2D:81:47:AB:32:AE:34:FE:05:99:30:1C:39:9B:A4:31:CB:D9:6A:E2 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 7B47D378D4EE8DF19F76C5BCEE0A9A345EE18CB7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/91da23e9-84be-4a54-bca0-e9a0cafd16fe/0/2D8147AB32AE34FE0599301C399BA431CBD96AE2.mft caRepository: rsync://rpki-rsync.idnic.net/repo/91da23e9-84be-4a54-bca0-e9a0cafd16fe/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:17:43 +0000 Certificate not after: Sun 02 May 2027 01:22:43 +0000 Subordinate resources: IP: 157.10.182.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:47:d3:78:d4:ee:8d:f1:9f:76:c5:bc:ee:0a:9a:34:5e:e1:8c:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 01:17:43 2026 GMT Not After : May 2 01:22:43 2027 GMT Subject: CN=2D8147AB32AE34FE0599301C399BA431CBD96AE2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a9:29:1c:fa:1b:3e:f2:d1:32:cb:08:34:2a: f0:8a:44:84:ec:ac:f1:4d:52:cf:04:6e:a8:ef:6e: ad:4e:8d:a5:a7:2d:c5:f1:0f:cb:11:c2:ca:32:43: 92:5b:7c:75:f7:f1:bd:6b:58:cc:c0:e5:7c:09:d3: ca:7c:d2:bb:0f:68:3a:53:66:11:0a:d6:f1:1a:25: 8c:44:ca:b3:2f:0e:b2:07:84:a5:dc:b3:48:08:d3: bb:9d:af:04:f4:8c:97:3a:5f:b3:55:a5:dc:9c:a3: 95:6b:31:87:16:ee:50:b0:c4:29:1f:7c:87:ae:5b: ea:d0:52:19:ba:fb:7d:95:2e:bf:0d:e0:5a:9f:1b: 0b:d4:65:80:b0:1d:7e:c2:ba:13:87:7a:d4:ee:cb: 0b:45:a4:e3:31:7f:2c:c4:e4:de:fd:6b:e2:c1:aa: a5:c0:7d:97:a4:42:4d:4a:aa:9c:61:0c:ba:e6:73: 03:24:cf:b7:ac:b0:d2:91:c7:90:5a:0b:78:fc:a0: fd:2c:b7:55:28:68:ca:fb:f4:d6:ad:7c:d5:2d:d2: 95:33:be:58:2a:35:01:ac:20:e6:c6:a9:cf:f3:c5: f8:40:0c:a2:c4:22:57:23:1a:30:70:78:a1:fb:0b: 1c:06:b1:63:d6:08:3d:69:13:7c:ac:12:94:71:cc: 32:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2D:81:47:AB:32:AE:34:FE:05:99:30:1C:39:9B:A4:31:CB:D9:6A:E2 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/91da23e9-84be-4a54-bca0-e9a0cafd16fe/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/91da23e9-84be-4a54-bca0-e9a0cafd16fe/0/2D8147AB32AE34FE0599301C399BA431CBD96AE2.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.182.0/23 Signature Algorithm: sha256WithRSAEncryption 71:ec:71:2e:80:16:70:12:2f:45:92:0c:e7:de:99:74:dc:36: de:98:bc:38:ab:f6:75:ff:6f:03:75:a4:f5:ab:83:7a:ff:25: 30:ba:93:c3:48:76:ff:de:e0:d4:ea:5d:67:a4:9e:fc:10:69: 40:2f:54:71:9c:17:2a:a2:c7:dd:c2:f0:01:e5:dd:34:83:bd: b7:6f:09:b0:49:89:0b:89:41:1c:77:41:9a:dc:e8:4c:91:15: 78:ab:8e:20:96:9e:cf:15:64:b2:5b:32:49:41:f1:54:bb:23: bc:05:3b:3c:19:1f:a6:f7:98:a8:b3:49:ba:f8:b4:63:51:77: c2:22:2f:9d:9a:53:b8:df:a0:72:fe:59:73:14:ee:ad:0c:11: d9:8b:d4:2a:8b:af:8e:6e:e6:c7:96:30:95:05:c7:ee:d2:fc: 2b:8d:c8:bd:5a:91:4c:0a:63:c4:0d:c3:d5:47:0a:b1:2f:5b: 5d:91:5f:4c:7b:1f:d8:df:1c:33:ff:f5:8b:88:83:ec:07:70: 46:e7:33:85:c8:31:10:7b:70:53:b8:36:83:1e:b8:61:c8:24: 41:df:ab:1b:76:ba:72:fd:ee:5a:38:12:18:43:ec:88:d4:e2: c0:c7:59:1f:46:64:56:a7:30:42:7b:5c:43:e4:8c:8e:cf:7b: ad:98:fa:88 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUe0fTeNTujfGfdsW87gqaNF7hjLcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAxMTc0M1oX DTI3MDUwMjAxMjI0M1owMzExMC8GA1UEAxMoMkQ4MTQ3QUIzMkFFMzRGRTA1OTkz MDFDMzk5QkE0MzFDQkQ5NkFFMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALOpKRz6Gz7y0TLLCDQq8IpEhOys8U1SzwRuqO9urU6NpactxfEPyxHCyjJD klt8dffxvWtYzMDlfAnTynzSuw9oOlNmEQrW8RoljETKsy8OsgeEpdyzSAjTu52v BPSMlzpfs1Wl3JyjlWsxhxbuULDEKR98h65b6tBSGbr7fZUuvw3gWp8bC9RlgLAd fsK6E4d61O7LC0Wk4zF/LMTk3v1r4sGqpcB9l6RCTUqqnGEMuuZzAyTPt6yw0pHH kFoLePyg/Sy3VShoyvv01q181S3SlTO+WCo1Aawg5sapz/PF+EAMosQiVyMaMHB4 ofsLHAaxY9YIPWkTfKwSlHHMMjUCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFC2BR6syrjT+BZkwHDmbpDHL2WriMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzkxZGEyM2U5LTg0YmUtNGE1NC1iY2EwLWU5YTBjYWZkMTZmZS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby85MWRhMjNl OS04NGJlLTRhNTQtYmNhMC1lOWEwY2FmZDE2ZmUvMC8yRDgxNDdBQjMyQUUzNEZF MDU5OTMwMUMzOTlCQTQzMUNCRDk2QUUyLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnQq2MA0GCSqGSIb3DQEBCwUAA4IBAQBx7HEugBZwEi9Fkgzn3pl03DbemLw4 q/Z1/28DdaT1q4N6/yUwupPDSHb/3uDU6l1npJ78EGlAL1RxnBcqosfdwvAB5d00 g723bwmwSYkLiUEcd0Ga3OhMkRV4q44glp7PFWSyWzJJQfFUuyO8BTs8GR+m95io s0m6+LRjUXfCIi+dmlO436By/llzFO6tDBHZi9Qqi6+ObubHljCVBcfu0vwrjci9 WpFMCmPEDcPVRwqxL1tdkV9Mex/Y3xwz//WLiIPsB3BG5zOFyDEQe3BTuDaDHrhh yCRB36sbdrpy/e5aOBIYQ+yI1OLAx1kfRmRWpzBCe1xD5IyOz3utmPqI -----END CERTIFICATE-----Generated at Tue May 12 22:45:51 2026 by rpki-client