$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/38C858950BCB54DEAE9489EE3C053B5A8FCAF110.cer File: 38C858950BCB54DEAE9489EE3C053B5A8FCAF110.cer (raw, json) Hash identifier: NuNC2G5j+eUcOKdAasHDqMjxJDPhJA2EpWLykwkP6Ag= Subject key identifier: 38:C8:58:95:0B:CB:54:DE:AE:94:89:EE:3C:05:3B:5A:8F:CA:F1:10 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 523479C8F1565C67378E2B544FACC0C955BCA32A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/f1b267a4-5030-4a4f-bb86-71fd230f53d1/0/38C858950BCB54DEAE9489EE3C053B5A8FCAF110.mft caRepository: rsync://rpki-rsync.idnic.net/repo/f1b267a4-5030-4a4f-bb86-71fd230f53d1/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:30:10 +0000 Certificate not after: Sun 02 May 2027 02:35:10 +0000 Subordinate resources: IP: 157.66.38.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:34:79:c8:f1:56:5c:67:37:8e:2b:54:4f:ac:c0:c9:55:bc:a3:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 02:30:10 2026 GMT Not After : May 2 02:35:10 2027 GMT Subject: CN=38C858950BCB54DEAE9489EE3C053B5A8FCAF110 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:91:94:f9:73:a5:19:a6:7f:68:ba:65:d6:b3: e6:fc:2d:04:85:37:5f:b5:49:68:b1:15:ce:04:07: 96:bd:35:7c:f5:2b:c7:3c:95:0a:75:4e:50:43:b4: 41:f7:31:fa:30:85:bc:91:9c:92:d1:5c:a8:ca:2e: b1:12:c0:00:11:95:a7:4b:73:65:6e:7d:83:35:60: 73:1c:2f:a5:a4:49:fe:09:90:e4:49:97:a7:ff:ba: aa:b2:f1:9f:9a:d3:3c:af:7a:12:d3:c3:fd:5a:85: ef:c5:d4:c9:61:b9:c4:50:27:3d:2c:0a:7d:74:16: 2d:16:12:55:64:15:35:7c:36:29:62:96:a5:b4:1e: 06:cb:2e:8b:32:b0:01:5b:74:b0:27:d6:eb:1c:14: 05:0f:fe:ef:26:92:2b:fd:e6:ed:fb:69:b5:77:17: b9:45:63:f7:be:a2:d5:e4:29:84:b1:47:fb:41:27: 47:d3:22:46:90:87:14:50:9d:6a:3a:67:b0:61:ea: c6:7a:f6:ed:a6:39:9b:5b:77:15:79:eb:c2:e8:38: dd:58:1b:bc:63:56:bc:ca:0b:e8:e7:06:19:eb:84: 91:88:dd:6b:cf:45:0e:94:50:43:05:75:7d:02:f2: 1f:64:d4:00:c1:fa:cb:a8:6a:36:33:8f:3a:0f:86: f8:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 38:C8:58:95:0B:CB:54:DE:AE:94:89:EE:3C:05:3B:5A:8F:CA:F1:10 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/f1b267a4-5030-4a4f-bb86-71fd230f53d1/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/f1b267a4-5030-4a4f-bb86-71fd230f53d1/0/38C858950BCB54DEAE9489EE3C053B5A8FCAF110.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.38.0/23 Signature Algorithm: sha256WithRSAEncryption 6c:1c:e8:a5:80:a6:2f:05:32:e8:39:35:b1:04:89:bc:8f:a5: df:c7:4d:b8:b1:f7:b8:39:55:38:8f:71:0d:e8:3b:56:63:a1: 49:22:72:f8:f2:dc:7f:56:b7:93:51:ba:d6:19:df:2f:05:2b: 43:0c:0b:d0:bc:48:a0:8f:36:51:0a:52:bb:3a:82:24:26:be: 2b:2c:66:ca:81:57:54:96:f7:a0:f6:ca:3a:b0:85:c9:d4:cc: 96:a2:8a:99:b4:2a:71:66:89:2e:44:45:a9:da:4b:11:ca:c1: 47:59:cd:4f:85:2f:4e:1a:86:35:4c:6c:c0:d3:40:12:68:d1: 0d:8b:eb:17:96:7e:09:7f:0a:f2:25:7a:7c:ef:cf:a7:47:ca: 22:bc:5f:31:fd:21:72:60:5e:33:a6:a2:07:95:ed:b2:56:f4: 55:ab:65:ac:b6:4e:4f:ee:4b:b0:52:6c:45:cf:17:61:57:35: 04:8d:33:fa:ad:b6:13:97:47:a0:60:db:47:82:74:f3:16:04: 9b:55:99:ac:b0:76:ef:8c:dc:04:a6:72:ca:1c:ff:c6:47:7f: 1c:90:c6:a3:8b:64:3f:80:74:13:80:a2:50:72:49:af:95:71: f6:e7:ad:b0:db:6d:2f:a4:eb:8e:5b:f2:b8:1f:e7:b4:cc:b7: 45:e9:51:1a -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUUjR5yPFWXGc3jitUT6zAyVW8oyowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAyMzAxMFoX DTI3MDUwMjAyMzUxMFowMzExMC8GA1UEAxMoMzhDODU4OTUwQkNCNTRERUFFOTQ4 OUVFM0MwNTNCNUE4RkNBRjExMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL6RlPlzpRmmf2i6Zdaz5vwtBIU3X7VJaLEVzgQHlr01fPUrxzyVCnVOUEO0 Qfcx+jCFvJGcktFcqMousRLAABGVp0tzZW59gzVgcxwvpaRJ/gmQ5EmXp/+6qrLx n5rTPK96EtPD/VqF78XUyWG5xFAnPSwKfXQWLRYSVWQVNXw2KWKWpbQeBssuizKw AVt0sCfW6xwUBQ/+7yaSK/3m7ftptXcXuUVj976i1eQphLFH+0EnR9MiRpCHFFCd ajpnsGHqxnr27aY5m1t3FXnrwug43VgbvGNWvMoL6OcGGeuEkYjda89FDpRQQwV1 fQLyH2TUAMH6y6hqNjOPOg+G+O0CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDjIWJULy1TerpSJ7jwFO1qPyvEQMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2YxYjI2N2E0LTUwMzAtNGE0Zi1iYjg2LTcxZmQyMzBmNTNkMS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9mMWIyNjdh NC01MDMwLTRhNGYtYmI4Ni03MWZkMjMwZjUzZDEvMC8zOEM4NTg5NTBCQ0I1NERF QUU5NDg5RUUzQzA1M0I1QThGQ0FGMTEwLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnUImMA0GCSqGSIb3DQEBCwUAA4IBAQBsHOilgKYvBTLoOTWxBIm8j6Xfx024 sfe4OVU4j3EN6DtWY6FJInL48tx/VreTUbrWGd8vBStDDAvQvEigjzZRClK7OoIk Jr4rLGbKgVdUlveg9so6sIXJ1MyWooqZtCpxZokuREWp2ksRysFHWc1PhS9OGoY1 TGzA00ASaNENi+sXln4JfwryJXp878+nR8oivF8x/SFyYF4zpqIHle2yVvRVq2Ws tk5P7kuwUmxFzxdhVzUEjTP6rbYTl0egYNtHgnTzFgSbVZmssHbvjNwEpnLKHP/G R38ckMaji2Q/gHQTgKJQckmvlXH2562w220vpOuOW/K4H+e0zLdF6VEa -----END CERTIFICATE-----Generated at Tue May 12 22:03:17 2026 by rpki-client