$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/2E1A4BECA1A3FEAEF0C7924EEEB4503F885A877C.cer File: 2E1A4BECA1A3FEAEF0C7924EEEB4503F885A877C.cer (raw, json) Hash identifier: 9lU07LkJ+4Ad3og9vx5GO9bYp1h3vaybP2pEpCo1d60= Subject key identifier: 2E:1A:4B:EC:A1:A3:FE:AE:F0:C7:92:4E:EE:B4:50:3F:88:5A:87:7C Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 3007CDA0EA49CCFEE49F4E90689CAA73491F2D87 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/01368ae3-dd12-4aa3-8948-546de04c51e4/0/2E1A4BECA1A3FEAEF0C7924EEEB4503F885A877C.mft caRepository: rsync://rpki-rsync.idnic.net/repo/01368ae3-dd12-4aa3-8948-546de04c51e4/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 22:51:11 +0000 Certificate not after: Sat 01 May 2027 22:56:11 +0000 Subordinate resources: IP: 157.20.188.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:07:cd:a0:ea:49:cc:fe:e4:9f:4e:90:68:9c:aa:73:49:1f:2d:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 22:51:11 2026 GMT Not After : May 1 22:56:11 2027 GMT Subject: CN=2E1A4BECA1A3FEAEF0C7924EEEB4503F885A877C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ad:3f:8a:d9:9b:1b:b9:39:72:52:9c:4b:19: 1b:2c:d9:b8:eb:30:3d:4c:7d:f3:df:0f:ad:6b:e4: 2c:00:ca:d6:47:73:af:8e:21:c6:c9:25:a5:6b:71: 3c:70:9a:fb:39:84:ba:76:7c:85:b7:d4:db:7d:fb: d3:db:7e:87:af:2e:ff:72:c7:ef:77:c9:63:5f:d2: d9:73:36:b0:97:60:44:f8:d2:97:52:31:38:7e:c8: d2:a5:66:a5:30:de:92:13:f0:bf:89:e5:f4:bf:fa: 51:42:ae:37:db:20:f2:ee:2f:87:2b:3e:ec:27:1f: 72:14:b5:fb:53:55:82:17:63:96:55:6b:15:7b:f2: e4:66:df:ff:a2:3e:cc:32:49:14:30:72:5d:12:b3: ea:b4:db:8f:9c:79:8a:8b:45:5c:5c:49:69:db:6c: 15:7b:06:23:ee:11:10:11:b9:c9:37:1a:0d:c1:8a: 6f:b3:87:48:85:e7:15:67:ac:ec:4e:8b:68:46:cf: be:8a:88:36:51:40:a1:85:79:49:58:b4:39:5c:48: 3c:1c:1b:f5:25:b3:69:20:87:38:91:68:34:02:d6: d3:46:16:33:12:7a:43:9b:25:3c:30:5a:60:1e:51: 06:90:87:5c:9e:6b:09:2b:ea:ac:44:b8:a5:b7:41: 64:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2E:1A:4B:EC:A1:A3:FE:AE:F0:C7:92:4E:EE:B4:50:3F:88:5A:87:7C X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/01368ae3-dd12-4aa3-8948-546de04c51e4/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/01368ae3-dd12-4aa3-8948-546de04c51e4/0/2E1A4BECA1A3FEAEF0C7924EEEB4503F885A877C.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.188.0/23 Signature Algorithm: sha256WithRSAEncryption 47:c4:99:29:84:5c:31:e0:b7:86:7d:67:17:a1:95:7c:11:aa: 45:47:24:71:68:25:28:1e:40:1d:7c:ef:d3:5a:16:73:6b:88: b8:8a:35:6b:47:17:df:59:0e:fa:f3:22:ea:85:8d:cd:95:bf: 0d:84:d0:82:13:5d:0e:da:55:e5:03:fc:cd:1b:0e:35:a5:28: 68:bd:ce:86:e3:b9:fc:a4:5e:fc:cc:7d:47:9c:7e:1d:09:6d: be:93:10:1d:b3:8b:ae:ca:c8:34:10:be:f0:f2:49:88:8e:57: 91:1d:31:27:4a:3e:aa:a5:7a:55:86:22:ca:8f:a4:ef:6a:ad: 48:8b:4d:3d:ba:5a:f7:1c:29:5f:91:ee:78:c6:02:1d:43:8e: cf:25:b4:22:1e:e4:0a:a2:69:22:4c:75:5d:f4:f5:4c:bf:2b: 3a:ed:ce:7b:b8:75:3e:8e:01:4a:67:b6:26:cf:99:2c:cb:c6: f3:f9:0c:6c:94:9e:bd:1c:f3:72:0b:c4:6d:bd:70:54:1c:af: 5e:88:cf:2c:b9:83:da:e4:33:da:24:d6:d3:be:27:b0:c2:bc: 2a:68:01:97:14:3c:6a:43:e0:9b:da:58:72:ab:8f:7c:7e:1f: 39:73:95:77:da:e1:3c:e8:85:45:0f:f0:a1:1d:9b:07:16:73: 14:29:31:f3 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUMAfNoOpJzP7kn06QaJyqc0kfLYcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjIyNTExMVoX DTI3MDUwMTIyNTYxMVowMzExMC8GA1UEAxMoMkUxQTRCRUNBMUEzRkVBRUYwQzc5 MjRFRUVCNDUwM0Y4ODVBODc3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK+tP4rZmxu5OXJSnEsZGyzZuOswPUx9898PrWvkLADK1kdzr44hxsklpWtx PHCa+zmEunZ8hbfU233709t+h68u/3LH73fJY1/S2XM2sJdgRPjSl1IxOH7I0qVm pTDekhPwv4nl9L/6UUKuN9sg8u4vhys+7CcfchS1+1NVghdjllVrFXvy5Gbf/6I+ zDJJFDByXRKz6rTbj5x5iotFXFxJadtsFXsGI+4REBG5yTcaDcGKb7OHSIXnFWes 7E6LaEbPvoqINlFAoYV5SVi0OVxIPBwb9SWzaSCHOJFoNALW00YWMxJ6Q5slPDBa YB5RBpCHXJ5rCSvqrES4pbdBZDUCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFC4aS+yho/6u8MeSTu60UD+IWod8MB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzAxMzY4YWUzLWRkMTItNGFhMy04OTQ4LTU0NmRlMDRjNTFlNC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8wMTM2OGFl My1kZDEyLTRhYTMtODk0OC01NDZkZTA0YzUxZTQvMC8yRTFBNEJFQ0ExQTNGRUFF RjBDNzkyNEVFRUI0NTAzRjg4NUE4NzdDLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnRS8MA0GCSqGSIb3DQEBCwUAA4IBAQBHxJkphFwx4LeGfWcXoZV8EapFRyRx aCUoHkAdfO/TWhZza4i4ijVrRxffWQ768yLqhY3Nlb8NhNCCE10O2lXlA/zNGw41 pShovc6G47n8pF78zH1HnH4dCW2+kxAds4uuysg0EL7w8kmIjleRHTEnSj6qpXpV hiLKj6Tvaq1Ii009ulr3HClfke54xgIdQ47PJbQiHuQKomkiTHVd9PVMvys67c57 uHU+jgFKZ7Ymz5ksy8bz+QxslJ69HPNyC8RtvXBUHK9eiM8suYPa5DPaJNbTview wrwqaAGXFDxqQ+Cb2lhyq498fh85c5V32uE86IVFD/ChHZsHFnMUKTHz -----END CERTIFICATE-----Generated at Tue May 12 22:45:59 2026 by rpki-client