$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/3D8B1B0FFC7864B1A0E99A09EBF5A76C96C827DE.cer File: 3D8B1B0FFC7864B1A0E99A09EBF5A76C96C827DE.cer (raw, json) Hash identifier: KQLQNtTRHrJFfautGkH68XdRR9FjNnJs5iGTKUwRRm4= Subject key identifier: 3D:8B:1B:0F:FC:78:64:B1:A0:E9:9A:09:EB:F5:A7:6C:96:C8:27:DE Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 3510CCA0D3BC0AB64FF8049FF0FCD407530FD8A0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/ea077386-301b-4ff1-871b-6232b5f3be09/0/3D8B1B0FFC7864B1A0E99A09EBF5A76C96C827DE.mft caRepository: rsync://rpki-rsync.idnic.net/repo/ea077386-301b-4ff1-871b-6232b5f3be09/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:21:09 +0000 Certificate not after: Sun 02 May 2027 02:26:09 +0000 Subordinate resources: IP: 160.22.94.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:10:cc:a0:d3:bc:0a:b6:4f:f8:04:9f:f0:fc:d4:07:53:0f:d8:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 02:21:09 2026 GMT Not After : May 2 02:26:09 2027 GMT Subject: CN=3D8B1B0FFC7864B1A0E99A09EBF5A76C96C827DE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:8f:9f:02:f1:5f:8f:84:e1:ce:39:ed:5d:84: 7b:1b:63:d8:ed:88:6f:57:56:dc:a3:e2:55:8a:e3: 82:a4:b5:ad:78:f6:5e:38:4f:3e:6f:86:41:a2:30: fa:ae:47:5c:ac:60:3d:8b:e3:df:be:cc:19:f0:07: 0c:5f:c5:82:5c:5e:30:0b:d2:d7:f2:8c:42:37:7a: 6a:01:9b:d8:dd:d9:c1:5f:26:a1:d5:32:f3:79:7f: b4:f9:7d:92:23:69:c5:bd:e8:59:72:46:9c:44:30: 57:12:21:97:8c:ef:59:70:36:4e:59:e1:a8:d3:d7: 2d:9f:ae:5a:1d:66:0c:00:3d:e2:cd:f3:eb:f9:4d: 37:c5:f4:c3:87:e4:1c:ee:c1:97:ec:3e:8a:5a:9c: 97:73:10:2e:60:25:c7:3e:1d:23:c8:7d:8f:36:4f: ac:30:29:ac:bc:fa:7e:5e:56:27:e4:d8:20:6a:98: 33:91:ec:74:6a:2a:93:f9:03:c3:cd:07:ca:28:fe: f3:a6:5e:9f:a8:33:85:1c:d3:fa:54:76:15:4d:26: f7:79:d8:f5:d9:7e:f2:f8:79:c7:a1:62:c9:20:8b: aa:45:f8:97:e0:42:ff:1d:d7:e6:5e:33:e2:28:3f: 44:68:c7:f1:e9:97:81:cc:46:cb:21:ff:a4:91:1f: a0:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3D:8B:1B:0F:FC:78:64:B1:A0:E9:9A:09:EB:F5:A7:6C:96:C8:27:DE X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/ea077386-301b-4ff1-871b-6232b5f3be09/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/ea077386-301b-4ff1-871b-6232b5f3be09/0/3D8B1B0FFC7864B1A0E99A09EBF5A76C96C827DE.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.94.0/23 Signature Algorithm: sha256WithRSAEncryption 70:e3:98:6d:f4:35:75:9a:f6:8c:e7:31:1f:5e:b1:2f:61:4f: 46:5d:a1:95:17:00:04:7b:c8:4c:7a:0d:fd:b4:2c:ea:d3:b5: c1:7b:79:6b:a9:8f:84:cb:a8:8f:6f:79:70:1e:89:f6:9a:ff: 09:c0:70:04:ee:f7:73:2e:5c:30:d5:7e:bc:93:4f:97:88:06: d8:11:9a:23:eb:ea:e5:ec:61:91:13:83:74:d4:2d:84:ba:d6: 26:60:f7:96:8a:97:86:cd:a5:22:56:c7:35:70:b1:86:00:dd: ab:8f:24:c8:fc:1e:ad:0d:d9:65:e3:05:82:c8:ca:68:71:d6: 36:71:d0:b9:bd:43:ce:b0:7b:00:65:2e:93:35:1e:77:b0:ff: be:21:1e:d4:1e:24:d6:af:1b:b3:af:c5:bd:47:9d:6b:f2:90: 7e:02:47:50:e3:23:bc:b5:1a:f0:73:61:0c:3b:d0:4d:19:75: 43:89:74:be:d1:a2:d8:45:57:2b:85:45:33:17:d1:6e:1d:b2: d2:70:86:65:a7:e4:ec:70:27:a2:c7:5c:87:ae:71:7e:ad:30: c1:c8:1d:5a:22:69:58:fa:23:e2:8a:84:a7:86:fd:e4:50:b2: ae:6d:0e:47:90:88:28:24:e3:af:5c:60:8b:74:ae:6c:e0:81: 33:80:b6:a3 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUNRDMoNO8CrZP+ASf8PzUB1MP2KAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAyMjEwOVoX DTI3MDUwMjAyMjYwOVowMzExMC8GA1UEAxMoM0Q4QjFCMEZGQzc4NjRCMUEwRTk5 QTA5RUJGNUE3NkM5NkM4MjdERTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALaPnwLxX4+E4c457V2Eextj2O2Ib1dW3KPiVYrjgqS1rXj2XjhPPm+GQaIw +q5HXKxgPYvj377MGfAHDF/FglxeMAvS1/KMQjd6agGb2N3ZwV8modUy83l/tPl9 kiNpxb3oWXJGnEQwVxIhl4zvWXA2TlnhqNPXLZ+uWh1mDAA94s3z6/lNN8X0w4fk HO7Bl+w+ilqcl3MQLmAlxz4dI8h9jzZPrDAprLz6fl5WJ+TYIGqYM5HsdGoqk/kD w80Hyij+86Zen6gzhRzT+lR2FU0m93nY9dl+8vh5x6FiySCLqkX4l+BC/x3X5l4z 4ig/RGjH8emXgcxGyyH/pJEfoAkCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFD2LGw/8eGSxoOmaCev1p2yWyCfeMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2VhMDc3Mzg2LTMwMWItNGZmMS04NzFiLTYyMzJiNWYzYmUwOS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9lYTA3NzM4 Ni0zMDFiLTRmZjEtODcxYi02MjMyYjVmM2JlMDkvMC8zRDhCMUIwRkZDNzg2NEIx QTBFOTlBMDlFQkY1QTc2Qzk2QzgyN0RFLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBoBZeMA0GCSqGSIb3DQEBCwUAA4IBAQBw45ht9DV1mvaM5zEfXrEvYU9GXaGV FwAEe8hMeg39tCzq07XBe3lrqY+Ey6iPb3lwHon2mv8JwHAE7vdzLlww1X68k0+X iAbYEZoj6+rl7GGRE4N01C2EutYmYPeWipeGzaUiVsc1cLGGAN2rjyTI/B6tDdll 4wWCyMpocdY2cdC5vUPOsHsAZS6TNR53sP++IR7UHiTWrxuzr8W9R51r8pB+AkdQ 4yO8tRrwc2EMO9BNGXVDiXS+0aLYRVcrhUUzF9FuHbLScIZlp+TscCeix1yHrnF+ rTDByB1aImlY+iPiioSnhv3kULKubQ5HkIgoJOOvXGCLdK5s4IEzgLaj -----END CERTIFICATE-----Generated at Tue May 12 22:15:45 2026 by rpki-client