$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/5297FC0B52CD4FC7F06C165310D113C81A16F8DF.cer File: 5297FC0B52CD4FC7F06C165310D113C81A16F8DF.cer (raw, json) Hash identifier: sneQkzY89SYu/vHezZcrb+bqmifM/nmt8Q/3yxsN5S8= Subject key identifier: 52:97:FC:0B:52:CD:4F:C7:F0:6C:16:53:10:D1:13:C8:1A:16:F8:DF Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 712A46695D17886FE4E3D7595A81DF014EC5A381 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/7ddbb79c-9ea2-47f0-b45f-1816650ba23f/0/5297FC0B52CD4FC7F06C165310D113C81A16F8DF.mft caRepository: rsync://rpki-rsync.idnic.net/repo/7ddbb79c-9ea2-47f0-b45f-1816650ba23f/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:04:05 +0000 Certificate not after: Sun 02 May 2027 01:09:05 +0000 Subordinate resources: IP: 157.66.62.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:2a:46:69:5d:17:88:6f:e4:e3:d7:59:5a:81:df:01:4e:c5:a3:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 01:04:05 2026 GMT Not After : May 2 01:09:05 2027 GMT Subject: CN=5297FC0B52CD4FC7F06C165310D113C81A16F8DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:e8:0b:a4:02:6c:e7:96:0f:cb:ad:03:23:d8: 1d:86:30:0f:f5:f0:e7:eb:09:86:5f:7e:94:bf:41: 8d:ab:ff:1d:64:2d:07:39:fd:d5:3c:1c:d7:43:26: 88:f8:87:f3:7f:6d:c9:7a:53:e7:09:95:ae:01:ba: 10:eb:6a:82:b1:54:4c:46:4b:69:78:21:30:1b:71: 7d:1e:fd:83:e6:73:21:3a:6f:c7:c5:93:87:6e:3a: 31:ce:90:13:68:5c:51:da:97:c1:75:40:f9:47:88: f5:47:73:0d:26:fa:63:2d:86:27:2d:b0:37:50:69: eb:a3:a0:ad:15:d1:76:8d:e3:e5:1a:c2:59:c9:47: ff:a8:36:04:a5:05:52:2d:a7:fa:db:2c:86:25:9c: 8f:d9:73:14:ef:01:ce:54:4f:c6:b1:83:a7:79:b3: e0:e6:a1:bc:7c:5c:a8:68:2a:c5:be:b7:5f:51:5d: 46:8b:67:11:8b:9e:94:ad:b6:50:b4:b5:3c:a6:c6: f8:60:b7:55:12:bc:7b:5a:f9:3b:9a:7b:68:cb:bd: b1:21:60:c9:51:7d:05:4f:c1:3f:9a:67:84:35:24: 43:d0:11:dc:28:3f:13:0f:87:be:ab:df:66:93:47: 30:ee:e1:69:96:bc:43:86:85:28:06:df:9a:b6:c1: 41:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 52:97:FC:0B:52:CD:4F:C7:F0:6C:16:53:10:D1:13:C8:1A:16:F8:DF X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/7ddbb79c-9ea2-47f0-b45f-1816650ba23f/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/7ddbb79c-9ea2-47f0-b45f-1816650ba23f/0/5297FC0B52CD4FC7F06C165310D113C81A16F8DF.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.62.0/23 Signature Algorithm: sha256WithRSAEncryption 55:4c:9a:e0:da:cb:de:1c:ff:36:15:b7:e1:2a:da:73:db:a8: 91:a4:88:af:e6:ba:f4:f4:e0:ef:e0:28:88:fc:b0:6a:c5:a3: fc:44:5e:29:34:d5:e6:57:2f:eb:07:42:fb:c9:dd:84:8e:c0: 85:09:97:e3:6c:e8:93:56:92:57:c0:67:bd:58:a0:44:16:8b: 2e:d7:1e:96:5e:a6:da:45:f9:75:4f:b1:5a:1d:b1:e9:b1:66: 85:3e:52:36:02:6c:72:01:42:a9:ee:62:ee:38:0a:f0:25:c8: a0:53:ad:52:d0:f8:23:03:9a:17:13:6b:c9:db:b8:2a:fd:d0: 47:2f:74:2d:cd:71:ab:d6:7b:2e:3f:ff:b6:a7:8c:8b:e6:49: d1:b1:40:cc:c4:d9:ec:e7:ba:68:fd:01:c7:3f:fd:21:7f:b7: 82:5d:1f:27:41:ed:da:c7:7b:d2:18:fb:81:2e:18:b2:fc:62: 17:3b:9d:c3:09:62:1a:63:65:e8:2d:27:fa:db:a6:2f:01:e9: 28:58:ed:f7:18:08:dd:64:c3:74:2a:76:87:0d:4d:90:c5:f5: 92:82:bb:11:40:aa:0b:6e:73:61:5a:a0:e2:1b:71:97:40:6c: 05:1f:e1:1b:6b:0a:05:45:17:78:3b:df:87:99:ed:08:35:e8: 96:0a:ee:01 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUcSpGaV0XiG/k49dZWoHfAU7Fo4EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAxMDQwNVoX DTI3MDUwMjAxMDkwNVowMzExMC8GA1UEAxMoNTI5N0ZDMEI1MkNENEZDN0YwNkMx NjUzMTBEMTEzQzgxQTE2RjhERjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKLoC6QCbOeWD8utAyPYHYYwD/Xw5+sJhl9+lL9Bjav/HWQtBzn91Twc10Mm iPiH839tyXpT5wmVrgG6EOtqgrFUTEZLaXghMBtxfR79g+ZzITpvx8WTh246Mc6Q E2hcUdqXwXVA+UeI9UdzDSb6Yy2GJy2wN1Bp66OgrRXRdo3j5RrCWclH/6g2BKUF Ui2n+tsshiWcj9lzFO8BzlRPxrGDp3mz4OahvHxcqGgqxb63X1FdRotnEYuelK22 ULS1PKbG+GC3VRK8e1r5O5p7aMu9sSFgyVF9BU/BP5pnhDUkQ9AR3Cg/Ew+Hvqvf ZpNHMO7haZa8Q4aFKAbfmrbBQQUCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFKX/AtSzU/H8GwWUxDRE8gaFvjfMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzdkZGJiNzljLTllYTItNDdmMC1iNDVmLTE4MTY2NTBiYTIzZi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby83ZGRiYjc5 Yy05ZWEyLTQ3ZjAtYjQ1Zi0xODE2NjUwYmEyM2YvMC81Mjk3RkMwQjUyQ0Q0RkM3 RjA2QzE2NTMxMEQxMTNDODFBMTZGOERGLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnUI+MA0GCSqGSIb3DQEBCwUAA4IBAQBVTJrg2sveHP82FbfhKtpz26iRpIiv 5rr09ODv4CiI/LBqxaP8RF4pNNXmVy/rB0L7yd2EjsCFCZfjbOiTVpJXwGe9WKBE Fosu1x6WXqbaRfl1T7FaHbHpsWaFPlI2AmxyAUKp7mLuOArwJcigU61S0PgjA5oX E2vJ27gq/dBHL3QtzXGr1nsuP/+2p4yL5knRsUDMxNns57po/QHHP/0hf7eCXR8n Qe3ax3vSGPuBLhiy/GIXO53DCWIaY2XoLSf626YvAekoWO33GAjdZMN0KnaHDU2Q xfWSgrsRQKoLbnNhWqDiG3GXQGwFH+EbawoFRRd4O9+Hme0INeiWCu4B -----END CERTIFICATE-----Generated at Tue May 12 22:10:11 2026 by rpki-client