$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/2DFC13D85715AA04782C2A3D86F83844385F896D.cer File: 2DFC13D85715AA04782C2A3D86F83844385F896D.cer (raw, json) Hash identifier: 8Cs0Jul5W91eqF8ieeu98YhxHLI/VvnGliXCmCs2jxA= Subject key identifier: 2D:FC:13:D8:57:15:AA:04:78:2C:2A:3D:86:F8:38:44:38:5F:89:6D Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 3880982121343057E2EDE3C73C0B4C4ACE054F7E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/59b07a9e-62df-4808-9d2a-a6e6884bcbbb/0/2DFC13D85715AA04782C2A3D86F83844385F896D.mft caRepository: rsync://rpki-rsync.idnic.net/repo/59b07a9e-62df-4808-9d2a-a6e6884bcbbb/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:39:06 +0000 Certificate not after: Sun 02 May 2027 00:44:06 +0000 Subordinate resources: IP: 160.187.55.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:80:98:21:21:34:30:57:e2:ed:e3:c7:3c:0b:4c:4a:ce:05:4f:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 00:39:06 2026 GMT Not After : May 2 00:44:06 2027 GMT Subject: CN=2DFC13D85715AA04782C2A3D86F83844385F896D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:83:8b:96:f4:05:22:6d:7c:76:e6:a3:41:12: ec:da:31:2e:71:ab:25:ba:71:61:49:e5:6f:00:84: 91:7c:b8:3b:c5:db:8f:13:5b:b5:e8:08:2c:81:21: 83:87:63:22:54:38:4b:bb:12:69:54:5a:f6:da:4c: c7:c5:bd:57:0d:e8:96:4f:e9:a4:2d:0a:5a:c3:9d: 08:2d:8a:a8:9e:df:50:c0:4a:25:e5:f0:76:e6:d7: 50:b6:af:3e:32:58:37:cc:86:54:96:af:66:49:f0: dc:88:27:55:2b:c5:ed:50:38:cf:91:2a:69:af:a8: 8d:fd:4d:ca:98:67:ac:0c:ee:a1:36:b2:db:4d:26: ec:0c:98:64:87:04:89:19:e7:65:24:ae:25:0a:3d: 30:f1:c8:68:58:21:58:66:58:f3:bd:c2:5c:32:63: 9e:f0:95:e0:6b:ac:89:ab:e8:a4:99:52:1a:eb:c6: 6e:61:b2:79:61:5d:1a:7b:98:d2:24:f1:d4:ad:11: 72:cf:ac:b2:ac:94:b9:2d:0d:f7:86:d4:29:4a:6e: a2:e0:f2:c1:65:4a:0d:d0:c4:76:fc:79:8c:25:c4: 6a:8a:2c:b4:23:69:44:f3:ab:b9:9f:2f:fd:86:58: bd:61:84:0d:1b:34:eb:48:de:78:8d:32:83:fa:04: b3:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2D:FC:13:D8:57:15:AA:04:78:2C:2A:3D:86:F8:38:44:38:5F:89:6D X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/59b07a9e-62df-4808-9d2a-a6e6884bcbbb/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/59b07a9e-62df-4808-9d2a-a6e6884bcbbb/0/2DFC13D85715AA04782C2A3D86F83844385F896D.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.187.55.0/24 Signature Algorithm: sha256WithRSAEncryption 19:03:35:cc:29:d3:3e:90:17:e3:02:75:e9:e0:87:9d:b0:5e: bc:41:f9:06:73:7c:76:f3:f9:44:4c:05:bf:be:1c:51:f8:55: 08:08:a3:e3:0b:05:b4:70:67:f0:1f:7d:32:22:89:b2:ef:66: 0a:1d:9f:f6:8f:7f:33:3a:9b:cf:23:7c:0a:16:04:91:b5:b7: cd:d7:81:bb:a6:1d:90:47:13:5c:d6:e2:10:a9:44:cf:fd:d0: 0d:79:c8:18:c2:e7:51:6d:76:56:8d:9b:42:f2:50:72:10:38: e7:8a:3c:5b:02:7d:9f:71:ea:86:fa:cb:94:d2:fd:d4:b9:23: 0c:86:b1:03:1b:50:06:d3:2a:81:3b:61:fe:89:3b:17:f8:dc: 1c:36:9e:59:f0:3c:49:12:31:14:b0:c6:88:61:62:07:a7:55: 0f:51:11:c8:ae:6f:39:5d:5d:aa:a1:60:c5:bd:3d:6b:10:43: fe:c7:d9:83:54:3b:68:82:42:2f:8d:f3:06:18:5d:96:5f:24: cc:84:f8:4c:ec:43:07:e6:4a:71:97:63:36:19:e0:4c:81:95: 90:96:1f:a4:e6:2c:34:bc:c4:7c:11:a2:97:19:1a:52:3c:9f: 49:5a:76:82:7c:95:f5:7c:c5:80:d9:9f:7b:7d:60:80:77:bd: 18:08:0c:06 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUOICYISE0MFfi7ePHPAtMSs4FT34wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAwMzkwNloX DTI3MDUwMjAwNDQwNlowMzExMC8GA1UEAxMoMkRGQzEzRDg1NzE1QUEwNDc4MkMy QTNEODZGODM4NDQzODVGODk2RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANKDi5b0BSJtfHbmo0ES7NoxLnGrJbpxYUnlbwCEkXy4O8XbjxNbtegILIEh g4djIlQ4S7sSaVRa9tpMx8W9Vw3olk/ppC0KWsOdCC2KqJ7fUMBKJeXwdubXULav PjJYN8yGVJavZknw3IgnVSvF7VA4z5Eqaa+ojf1NyphnrAzuoTay200m7AyYZIcE iRnnZSSuJQo9MPHIaFghWGZY873CXDJjnvCV4GusiavopJlSGuvGbmGyeWFdGnuY 0iTx1K0Rcs+ssqyUuS0N94bUKUpuouDywWVKDdDEdvx5jCXEaoostCNpRPOruZ8v /YZYvWGEDRs060jeeI0yg/oEs8ECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFC38E9hXFaoEeCwqPYb4OEQ4X4ltMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzU5YjA3YTllLTYyZGYtNDgwOC05ZDJhLWE2ZTY4ODRiY2JiYi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby81OWIwN2E5 ZS02MmRmLTQ4MDgtOWQyYS1hNmU2ODg0YmNiYmIvMC8yREZDMTNEODU3MTVBQTA0 NzgyQzJBM0Q4NkY4Mzg0NDM4NUY4OTZELm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAoLs3MA0GCSqGSIb3DQEBCwUAA4IBAQAZAzXMKdM+kBfjAnXp4IedsF68QfkG c3x28/lETAW/vhxR+FUICKPjCwW0cGfwH30yIomy72YKHZ/2j38zOpvPI3wKFgSR tbfN14G7ph2QRxNc1uIQqUTP/dANecgYwudRbXZWjZtC8lByEDjnijxbAn2fceqG +suU0v3UuSMMhrEDG1AG0yqBO2H+iTsX+NwcNp5Z8DxJEjEUsMaIYWIHp1UPURHI rm85XV2qoWDFvT1rEEP+x9mDVDtogkIvjfMGGF2WXyTMhPhM7EMH5kpxl2M2GeBM gZWQlh+k5iw0vMR8EaKXGRpSPJ9JWnaCfJX1fMWA2Z97fWCAd70YCAwG -----END CERTIFICATE-----Generated at Tue May 12 22:52:52 2026 by rpki-client