$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/3B53322385FC84075D5F59542B2C6639361DE40C.cer File: 3B53322385FC84075D5F59542B2C6639361DE40C.cer (raw, json) Hash identifier: qZKRZvgkxTASXa2N/o5gEb0+vLQe34OXDipagDoDaZI= Subject key identifier: 3B:53:32:23:85:FC:84:07:5D:5F:59:54:2B:2C:66:39:36:1D:E4:0C Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 3DC4B8E6641F1C580D28AD29955A97DD5F05B91F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/83cbd67b-d190-4a4c-83b6-11887d7c2e99/0/3B53322385FC84075D5F59542B2C6639361DE40C.mft caRepository: rsync://rpki-rsync.idnic.net/repo/83cbd67b-d190-4a4c-83b6-11887d7c2e99/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:08:51 +0000 Certificate not after: Sun 02 May 2027 01:13:51 +0000 Subordinate resources: IP: 160.22.96.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:c4:b8:e6:64:1f:1c:58:0d:28:ad:29:95:5a:97:dd:5f:05:b9:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 01:08:51 2026 GMT Not After : May 2 01:13:51 2027 GMT Subject: CN=3B53322385FC84075D5F59542B2C6639361DE40C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:9d:cc:ba:51:aa:6c:e5:77:a0:71:0a:4a:c2: 27:0e:ec:15:fd:c0:25:d5:2e:31:84:c8:ca:6c:64: b7:f1:e8:1d:d2:3c:0d:7f:2a:69:64:c1:90:0e:b8: cf:9d:15:1a:8e:fc:aa:70:5d:c1:31:aa:89:bd:fa: 07:92:e6:dd:8d:4d:cb:d0:1b:57:b0:f8:83:22:9b: dc:e6:bb:50:b8:25:0b:24:3c:2a:cf:ee:01:7c:16: 4d:0e:e3:04:db:55:91:98:a8:de:9d:5a:16:9d:68: fa:fd:3f:eb:5c:d9:32:f1:c3:ab:15:54:0e:a0:55: c7:d3:1e:7e:36:37:b9:1d:e8:d3:f9:c5:0b:1f:f1: eb:a2:db:69:dc:20:c3:fd:75:d8:6a:68:56:89:68: 52:fc:26:19:3b:03:a2:c0:ac:c6:ba:86:a4:fa:ed: bb:05:c1:63:c1:87:98:61:8d:7f:7f:2d:27:b5:0c: 71:8b:1b:14:9b:73:64:e3:cd:4a:90:32:12:d5:9b: b9:06:5d:cf:f4:82:56:98:23:57:34:eb:1e:3a:97: d7:95:83:f0:34:5c:89:9c:d1:17:79:e4:da:16:5a: c8:d4:b3:57:61:0d:93:95:03:a5:dd:6a:30:6d:c5: 3d:83:36:37:64:c3:1f:ad:49:74:ce:23:ab:8c:bf: 30:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3B:53:32:23:85:FC:84:07:5D:5F:59:54:2B:2C:66:39:36:1D:E4:0C X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/83cbd67b-d190-4a4c-83b6-11887d7c2e99/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/83cbd67b-d190-4a4c-83b6-11887d7c2e99/0/3B53322385FC84075D5F59542B2C6639361DE40C.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.96.0/23 Signature Algorithm: sha256WithRSAEncryption a9:86:52:9e:c8:5e:b1:1a:6a:28:0e:f7:a6:a1:4f:ab:2b:63: 92:63:58:12:38:cc:92:89:02:7b:e2:91:da:0b:95:d4:a6:12: 5b:1d:3a:e1:cc:28:31:23:36:94:2e:46:e3:d5:d2:bd:71:d3: 94:07:ce:14:5c:22:26:ab:94:67:34:66:67:b7:92:67:7c:2b: 06:63:0a:c7:13:64:3a:19:e1:16:5e:97:28:cf:ba:06:4b:26: 20:5e:8d:f1:56:c5:a7:a6:dc:ae:c4:42:dc:82:90:35:d5:a9: 36:4f:18:35:8b:af:7f:9c:6f:83:20:4f:4a:2a:6d:6e:80:48: 67:16:89:b4:b6:79:62:e1:85:89:a8:af:18:dd:32:b5:d5:83: d5:25:b5:7a:c4:9d:1a:50:44:0a:c5:51:00:3a:a3:10:7a:da: 7d:55:0a:44:42:92:6c:3c:8d:f7:10:d6:9d:72:0f:d4:e3:61: 96:fc:e1:98:1e:93:6d:a6:e3:e5:d3:d1:73:ff:6e:2c:14:b0: 5f:7b:b1:01:a2:54:3c:bd:d9:12:18:0c:0b:cc:d6:a7:5c:a3: 71:90:c5:bc:22:4f:c0:23:bd:8a:9a:36:f3:75:06:1b:22:6b: d8:cd:86:4e:b4:6d:10:75:68:0b:0d:0c:f0:c9:66:7b:1e:25: 35:49:0e:0b -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUPcS45mQfHFgNKK0plVqX3V8FuR8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAxMDg1MVoX DTI3MDUwMjAxMTM1MVowMzExMC8GA1UEAxMoM0I1MzMyMjM4NUZDODQwNzVENUY1 OTU0MkIyQzY2MzkzNjFERTQwQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMidzLpRqmzld6BxCkrCJw7sFf3AJdUuMYTIymxkt/HoHdI8DX8qaWTBkA64 z50VGo78qnBdwTGqib36B5Lm3Y1Ny9AbV7D4gyKb3Oa7ULglCyQ8Ks/uAXwWTQ7j BNtVkZio3p1aFp1o+v0/61zZMvHDqxVUDqBVx9MefjY3uR3o0/nFCx/x66Lbadwg w/112GpoVoloUvwmGTsDosCsxrqGpPrtuwXBY8GHmGGNf38tJ7UMcYsbFJtzZOPN SpAyEtWbuQZdz/SCVpgjVzTrHjqX15WD8DRciZzRF3nk2hZayNSzV2ENk5UDpd1q MG3FPYM2N2TDH61JdM4jq4y/MMUCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDtTMiOF/IQHXV9ZVCssZjk2HeQMMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzgzY2JkNjdiLWQxOTAtNGE0Yy04M2I2LTExODg3ZDdjMmU5OS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby84M2NiZDY3 Yi1kMTkwLTRhNGMtODNiNi0xMTg4N2Q3YzJlOTkvMC8zQjUzMzIyMzg1RkM4NDA3 NUQ1RjU5NTQyQjJDNjYzOTM2MURFNDBDLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBoBZgMA0GCSqGSIb3DQEBCwUAA4IBAQCphlKeyF6xGmooDvemoU+rK2OSY1gS OMySiQJ74pHaC5XUphJbHTrhzCgxIzaULkbj1dK9cdOUB84UXCImq5RnNGZnt5Jn fCsGYwrHE2Q6GeEWXpcoz7oGSyYgXo3xVsWnptyuxELcgpA11ak2Txg1i69/nG+D IE9KKm1ugEhnFom0tnli4YWJqK8Y3TK11YPVJbV6xJ0aUEQKxVEAOqMQetp9VQpE QpJsPI33ENadcg/U42GW/OGYHpNtpuPl09Fz/24sFLBfe7EBolQ8vdkSGAwLzNan XKNxkMW8Ik/AI72KmjbzdQYbImvYzYZOtG0QdWgLDQzwyWZ7HiU1SQ4L -----END CERTIFICATE-----Generated at Tue May 12 22:49:54 2026 by rpki-client