$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/4202428F6F3C953C642F298719C5C35E169724A2.cer File: 4202428F6F3C953C642F298719C5C35E169724A2.cer (raw, json) Hash identifier: GvYVDeGEXLXXzEeOyXcuLvp3x4dznNOERQIYFwMJZN4= Subject key identifier: 42:02:42:8F:6F:3C:95:3C:64:2F:29:87:19:C5:C3:5E:16:97:24:A2 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 11561D2B82E1F6B669FE5BEE4354B3810FD16F7F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/5fb808eb-c98e-4036-be9a-193bbcc64892/0/4202428F6F3C953C642F298719C5C35E169724A2.mft caRepository: rsync://rpki-rsync.idnic.net/repo/5fb808eb-c98e-4036-be9a-193bbcc64892/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:43:56 +0000 Certificate not after: Sun 02 May 2027 00:48:56 +0000 Subordinate resources: IP: 157.66.2.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:56:1d:2b:82:e1:f6:b6:69:fe:5b:ee:43:54:b3:81:0f:d1:6f:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 00:43:56 2026 GMT Not After : May 2 00:48:56 2027 GMT Subject: CN=4202428F6F3C953C642F298719C5C35E169724A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:60:1d:49:cc:57:58:30:b0:9e:cf:37:87:04: 57:f3:16:3e:d9:b8:20:2e:a0:d3:45:71:e6:e5:fe: 73:77:9b:69:c1:9a:81:33:ad:74:d8:56:5d:11:b9: 96:2e:b4:4c:1e:0a:d4:43:51:3b:5e:a9:df:00:e4: b7:d2:cd:8e:e9:99:80:88:7f:b6:b0:99:80:28:f0: 90:30:cc:fe:e8:14:ec:6f:f5:a0:16:7f:12:48:50: 77:d7:bd:ac:c3:ca:4e:a5:c9:c7:34:88:6a:a5:77: 27:b7:c0:97:31:75:5b:99:e5:de:bb:ea:17:fb:89: a9:0c:f5:be:d1:22:0d:dd:4c:d1:68:aa:80:ac:40: 7a:27:94:7d:81:6e:ca:5a:9f:37:40:35:63:aa:e7: 14:61:57:27:a0:44:99:77:fa:1e:81:67:cc:ce:e0: bd:e0:23:e3:10:a1:2e:17:73:6e:74:f5:4f:bf:d2: b9:ea:48:0b:98:b7:c0:92:4a:24:74:2e:26:7c:87: a5:ac:69:36:17:50:bd:10:35:37:ce:3f:1f:c6:8b: d4:b2:b7:5a:f0:1b:9e:d3:7e:f8:fc:ee:d0:ac:0e: 88:ef:e5:ad:ad:56:59:4c:21:e1:d8:c2:b7:31:7f: 2b:6d:a1:35:1e:b7:48:f5:e0:2b:6d:31:45:b1:bb: 58:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 42:02:42:8F:6F:3C:95:3C:64:2F:29:87:19:C5:C3:5E:16:97:24:A2 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/5fb808eb-c98e-4036-be9a-193bbcc64892/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/5fb808eb-c98e-4036-be9a-193bbcc64892/0/4202428F6F3C953C642F298719C5C35E169724A2.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.2.0/23 Signature Algorithm: sha256WithRSAEncryption 82:e6:d5:a3:e3:f0:65:99:a5:32:21:05:80:41:ff:c3:07:40: 65:6b:01:90:09:95:d8:97:5a:cb:45:66:af:a4:18:05:b0:7e: 37:d9:c5:19:28:8b:3b:3c:81:e2:26:08:3b:e2:dc:79:98:f9: fb:c2:ca:56:19:10:3d:30:0c:53:92:01:a4:68:8d:a5:14:7a: 72:14:39:e0:c8:2d:f3:dc:c5:fb:dd:cb:b2:94:8d:85:7c:6d: 47:4e:31:e3:33:21:9b:04:8e:ce:e9:e1:82:26:25:ea:b3:92: 0f:8b:c7:b7:e4:5b:08:55:64:ca:59:9a:dc:34:77:38:d1:38: 97:ee:50:c8:da:54:50:1e:ab:9c:48:e1:ce:a8:35:fc:55:11: 5e:8a:4b:05:b3:9e:c9:d1:0b:01:a8:ab:97:f5:1e:87:0a:20: f6:07:02:7d:e1:da:09:80:38:0d:68:ca:ef:3c:51:21:8b:6e: 87:9f:63:2d:00:1d:4e:43:d5:3b:98:71:23:d4:53:59:f0:14: 13:c6:45:53:74:08:60:8a:2a:04:e2:a6:0d:42:f3:0d:c8:47: ef:23:68:c2:13:29:08:63:47:3a:54:3f:24:05:c0:f5:88:ad: 3c:03:71:dd:bf:2d:44:bb:dc:42:1e:68:db:c9:cf:0c:9f:21: 5d:44:57:af -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUEVYdK4Lh9rZp/lvuQ1SzgQ/Rb38wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAwNDM1NloX DTI3MDUwMjAwNDg1NlowMzExMC8GA1UEAxMoNDIwMjQyOEY2RjNDOTUzQzY0MkYy OTg3MTlDNUMzNUUxNjk3MjRBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKpgHUnMV1gwsJ7PN4cEV/MWPtm4IC6g00Vx5uX+c3ebacGagTOtdNhWXRG5 li60TB4K1ENRO16p3wDkt9LNjumZgIh/trCZgCjwkDDM/ugU7G/1oBZ/EkhQd9e9 rMPKTqXJxzSIaqV3J7fAlzF1W5nl3rvqF/uJqQz1vtEiDd1M0WiqgKxAeieUfYFu ylqfN0A1Y6rnFGFXJ6BEmXf6HoFnzM7gveAj4xChLhdzbnT1T7/SuepIC5i3wJJK JHQuJnyHpaxpNhdQvRA1N84/H8aL1LK3WvAbntN++Pzu0KwOiO/lra1WWUwh4djC tzF/K22hNR63SPXgK20xRbG7WC8CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEICQo9vPJU8ZC8phxnFw14WlySiMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzVmYjgwOGViLWM5OGUtNDAzNi1iZTlhLTE5M2JiY2M2NDg5Mi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby81ZmI4MDhl Yi1jOThlLTQwMzYtYmU5YS0xOTNiYmNjNjQ4OTIvMC80MjAyNDI4RjZGM0M5NTND NjQyRjI5ODcxOUM1QzM1RTE2OTcyNEEyLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnUICMA0GCSqGSIb3DQEBCwUAA4IBAQCC5tWj4/BlmaUyIQWAQf/DB0BlawGQ CZXYl1rLRWavpBgFsH432cUZKIs7PIHiJgg74tx5mPn7wspWGRA9MAxTkgGkaI2l FHpyFDngyC3z3MX73cuylI2FfG1HTjHjMyGbBI7O6eGCJiXqs5IPi8e35FsIVWTK WZrcNHc40TiX7lDI2lRQHqucSOHOqDX8VRFeiksFs57J0QsBqKuX9R6HCiD2BwJ9 4doJgDgNaMrvPFEhi26Hn2MtAB1OQ9U7mHEj1FNZ8BQTxkVTdAhgiioE4qYNQvMN yEfvI2jCEykIY0c6VD8kBcD1iK08A3Hdvy1Eu9xCHmjbyc8MnyFdRFev -----END CERTIFICATE-----Generated at Tue May 12 22:03:43 2026 by rpki-client