$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/3028A8BB1ECF7550222580449D4FA78158DBF42A.cer File: 3028A8BB1ECF7550222580449D4FA78158DBF42A.cer (raw, json) Hash identifier: avs/7P33unckpOZOzq+Oe9OYxUS+GlrJkMapRhm2y1I= Subject key identifier: 30:28:A8:BB:1E:CF:75:50:22:25:80:44:9D:4F:A7:81:58:DB:F4:2A Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 5743E860C02884415026C0052073CD57A3085F60 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/3028A8BB1ECF7550222580449D4FA78158DBF42A.mft caRepository: rsync://rpki-rsync.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:34:37 +0000 Certificate not after: Sun 02 May 2027 01:39:37 +0000 Subordinate resources: IP: 160.25.156.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:43:e8:60:c0:28:84:41:50:26:c0:05:20:73:cd:57:a3:08:5f:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 01:34:37 2026 GMT Not After : May 2 01:39:37 2027 GMT Subject: CN=3028A8BB1ECF7550222580449D4FA78158DBF42A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:3b:3f:01:05:a0:a4:28:a3:ef:b2:c5:0a:48: ea:cd:c0:f3:a5:5f:89:57:42:4f:cb:c7:13:60:04: be:94:d6:5b:cb:db:11:c3:d6:3e:52:b2:ea:4d:6b: 60:3e:ec:8f:49:0b:d1:4a:cc:c6:06:83:f5:a4:6a: f6:c8:b0:9d:c9:59:d8:ec:3f:a1:66:24:88:51:23: b5:38:75:12:e6:ff:ba:21:36:a0:68:58:0b:0b:b0: 8c:dd:5f:4f:45:83:55:93:77:59:8d:7f:82:81:03: f3:47:e2:3e:4e:3d:f4:43:9f:b3:0f:20:f3:c5:91: 8e:27:90:5d:cb:62:6d:55:7a:56:ba:9e:b1:9a:05: bd:ce:3c:61:16:76:5f:22:96:8e:3f:ec:73:ac:96: 64:96:94:bf:24:1a:8a:46:cd:e4:4b:20:54:e4:06: 71:ba:d0:7c:8f:b3:e2:82:71:a6:71:47:35:67:5e: 1f:39:51:41:fb:3f:86:4b:e4:d9:84:62:e3:58:98: ab:cd:50:2d:41:f2:bb:94:da:09:ed:07:51:24:53: 65:f3:1a:cf:76:e4:7e:84:56:d8:06:3d:a2:4b:9b: c4:d6:4d:f5:21:37:aa:d3:81:c5:f7:df:5f:92:77: 34:08:e3:86:cc:c2:f6:30:2f:7e:b7:3f:42:22:61: 6c:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 30:28:A8:BB:1E:CF:75:50:22:25:80:44:9D:4F:A7:81:58:DB:F4:2A X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/aafdd6f9-b799-4a96-9e2a-1fef69bfa597/0/3028A8BB1ECF7550222580449D4FA78158DBF42A.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.156.0/24 Signature Algorithm: sha256WithRSAEncryption 1e:77:b7:c2:22:65:b6:58:c7:8c:fe:f3:6d:7b:6e:fe:22:fc: 0e:cc:e3:6f:7f:c2:28:bd:31:b8:3c:d8:da:dd:75:3b:76:df: 52:55:bd:d3:00:d4:5a:64:30:03:4b:7c:4d:cc:b4:c6:67:66: 1c:32:6d:9b:cd:a8:d0:95:75:89:f3:04:6b:c9:43:3d:83:74: 97:19:6b:39:ef:ac:d1:76:6e:26:79:00:d0:e4:2d:be:3d:57: 18:68:4e:b9:3a:72:d7:cd:d3:9f:ec:e7:fe:fd:38:a1:53:96: eb:7e:fd:47:2d:ff:2c:dc:d6:8d:9c:0a:8c:57:2e:28:9f:b5: 9a:ed:85:3f:fa:b7:19:e2:f5:2b:19:ed:af:6d:44:19:5d:7a: 79:52:61:52:81:9e:78:e4:c1:78:f7:9c:e3:bb:02:61:44:42: 0f:88:41:8c:31:92:00:e5:52:0b:e7:65:c5:a0:d6:63:3f:77: 00:7a:3c:1e:03:e4:93:69:90:e7:72:b9:aa:30:b6:76:e9:68: 07:5d:2a:d8:bc:f9:2c:4b:4d:53:f2:5d:c0:04:23:cb:ef:d3: 04:f6:58:c3:a2:43:39:92:02:60:93:d9:4e:c8:50:4b:91:16: 6e:85:11:b5:97:08:44:35:25:6b:f3:00:c2:30:2f:46:84:d4: 84:05:2a:75 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUV0PoYMAohEFQJsAFIHPNV6MIX2AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAxMzQzN1oX DTI3MDUwMjAxMzkzN1owMzExMC8GA1UEAxMoMzAyOEE4QkIxRUNGNzU1MDIyMjU4 MDQ0OUQ0RkE3ODE1OERCRjQyQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMM7PwEFoKQoo++yxQpI6s3A86VfiVdCT8vHE2AEvpTWW8vbEcPWPlKy6k1r YD7sj0kL0UrMxgaD9aRq9siwnclZ2Ow/oWYkiFEjtTh1Eub/uiE2oGhYCwuwjN1f T0WDVZN3WY1/goED80fiPk499EOfsw8g88WRjieQXctibVV6VrqesZoFvc48YRZ2 XyKWjj/sc6yWZJaUvyQaikbN5EsgVOQGcbrQfI+z4oJxpnFHNWdeHzlRQfs/hkvk 2YRi41iYq81QLUHyu5TaCe0HUSRTZfMaz3bkfoRW2AY9okubxNZN9SE3qtOBxfff X5J3NAjjhszC9jAvfrc/QiJhbLsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDAoqLsez3VQIiWARJ1Pp4FY2/QqMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2FhZmRkNmY5LWI3OTktNGE5Ni05ZTJhLTFmZWY2OWJmYTU5Ny8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9hYWZkZDZm OS1iNzk5LTRhOTYtOWUyYS0xZmVmNjliZmE1OTcvMC8zMDI4QThCQjFFQ0Y3NTUw MjIyNTgwNDQ5RDRGQTc4MTU4REJGNDJBLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAoBmcMA0GCSqGSIb3DQEBCwUAA4IBAQAed7fCImW2WMeM/vNte27+IvwOzONv f8IovTG4PNja3XU7dt9SVb3TANRaZDADS3xNzLTGZ2YcMm2bzajQlXWJ8wRryUM9 g3SXGWs576zRdm4meQDQ5C2+PVcYaE65OnLXzdOf7Of+/TihU5brfv1HLf8s3NaN nAqMVy4on7Wa7YU/+rcZ4vUrGe2vbUQZXXp5UmFSgZ545MF495zjuwJhREIPiEGM MZIA5VIL52XFoNZjP3cAejweA+STaZDncrmqMLZ26WgHXSrYvPksS01T8l3ABCPL 79ME9ljDokM5kgJgk9lOyFBLkRZuhRG1lwhENSVr8wDCMC9GhNSEBSp1 -----END CERTIFICATE-----Generated at Tue May 12 22:03:54 2026 by rpki-client