$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/647AC2310971579801DD46D3B271B994E9E436B8.cer File: 647AC2310971579801DD46D3B271B994E9E436B8.cer (raw, json) Hash identifier: eOgnb/AekpDB8gGDzJAed8vMpGF7Yow5AiefeIrDDig= Subject key identifier: 64:7A:C2:31:09:71:57:98:01:DD:46:D3:B2:71:B9:94:E9:E4:36:B8 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 3AA8FFDA1C60ED416F04280F21977D007E6E295E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/2d78b50b-449c-454b-850d-f20803789b58/0/647AC2310971579801DD46D3B271B994E9E436B8.mft caRepository: rsync://rpki-rsync.idnic.net/repo/2d78b50b-449c-454b-850d-f20803789b58/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:09:41 +0000 Certificate not after: Sun 02 May 2027 00:14:41 +0000 Subordinate resources: IP: 138.252.139.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:a8:ff:da:1c:60:ed:41:6f:04:28:0f:21:97:7d:00:7e:6e:29:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 00:09:41 2026 GMT Not After : May 2 00:14:41 2027 GMT Subject: CN=647AC2310971579801DD46D3B271B994E9E436B8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:2d:e2:f3:50:c2:78:1c:cf:3d:c1:f5:bf:ca: ea:15:8b:b8:56:f2:df:72:8e:f9:a6:84:46:d9:b9: 46:c4:d8:0e:09:81:3d:f8:79:c1:07:82:e8:78:2f: c9:9a:9f:bc:37:0c:ed:ab:92:8c:9d:5a:36:a2:ad: 6f:d0:21:b9:a9:fd:03:1e:b7:04:4d:a8:31:e6:03: 19:fd:5b:bc:03:56:e5:3b:01:c1:1d:a1:90:c0:01: db:53:f9:eb:89:85:7a:04:f4:14:93:c6:65:16:12: 5a:72:fa:c8:d4:04:bb:50:c6:a7:51:ca:e7:97:ac: 0f:d7:c2:7f:f3:17:36:33:12:e1:c4:12:66:af:49: 26:a8:1a:6e:81:46:2b:98:37:08:21:4b:ce:2e:7f: 5c:d4:0e:5a:2d:d2:3b:a9:7b:19:55:1c:45:ab:f1: 81:58:f9:1e:72:73:6b:ae:1d:90:c8:8f:ec:be:59: ce:a2:ed:cf:8d:a3:48:73:13:5f:50:35:50:3a:9e: 01:1e:33:7d:b6:e7:7e:7f:d3:23:91:9e:96:85:4a: 6e:80:63:e3:ae:e7:b9:a5:6c:57:8b:a6:86:23:ff: 2a:fa:77:f0:e0:74:f1:97:b8:ca:21:7e:7d:28:40: 11:c7:37:f4:5a:97:7c:1e:26:be:64:03:b1:ad:37: 5e:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 64:7A:C2:31:09:71:57:98:01:DD:46:D3:B2:71:B9:94:E9:E4:36:B8 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/2d78b50b-449c-454b-850d-f20803789b58/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/2d78b50b-449c-454b-850d-f20803789b58/0/647AC2310971579801DD46D3B271B994E9E436B8.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.252.139.0/24 Signature Algorithm: sha256WithRSAEncryption 81:90:bb:78:1b:f6:ec:19:fb:47:fe:1c:1d:1b:cb:f2:6c:f5: 12:6e:fc:cb:9d:1b:31:8b:c5:d5:69:11:8e:f4:a3:5e:a4:52: aa:2a:b9:83:1d:9e:41:86:16:8d:f3:f1:94:cb:9c:07:0e:5f: 16:41:43:2a:af:12:4d:37:53:1b:96:15:43:2a:81:52:eb:80: 51:f4:e7:ca:ce:c7:9a:aa:bf:21:ac:76:08:c3:69:08:f4:26: c6:e0:57:bf:67:45:96:5f:25:34:cd:60:a9:dc:b9:95:66:0c: f5:30:98:c9:40:b3:f6:56:c4:59:ac:0b:63:73:34:09:b0:f9: 08:00:11:08:03:f7:76:fe:d6:a2:5a:35:e0:39:b4:fe:fe:9c: 02:16:92:f1:8e:3c:eb:28:fe:a7:1d:75:f4:95:17:c7:7b:26: 1d:20:b9:56:0c:98:a8:e5:14:0e:e3:92:7e:47:3e:f4:90:0b: 6d:d7:34:99:4f:0c:c6:39:6a:03:28:ed:e2:26:91:dc:d3:17: 28:cc:17:e1:b6:48:75:6e:4a:40:26:6b:aa:6f:93:04:5c:4f: 5a:18:07:42:b7:5b:3c:4a:37:a8:49:77:17:33:00:54:d9:ef: 7f:57:63:f9:2e:8c:df:93:d8:c3:68:a4:a2:45:8c:8a:ab:24: d4:1b:c7:eb -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUOqj/2hxg7UFvBCgPIZd9AH5uKV4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAwMDk0MVoX DTI3MDUwMjAwMTQ0MVowMzExMC8GA1UEAxMoNjQ3QUMyMzEwOTcxNTc5ODAxREQ0 NkQzQjI3MUI5OTRFOUU0MzZCODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4t4vNQwngczz3B9b/K6hWLuFby33KO+aaERtm5RsTYDgmBPfh5wQeC6Hgv yZqfvDcM7auSjJ1aNqKtb9Ahuan9Ax63BE2oMeYDGf1bvANW5TsBwR2hkMAB21P5 64mFegT0FJPGZRYSWnL6yNQEu1DGp1HK55esD9fCf/MXNjMS4cQSZq9JJqgaboFG K5g3CCFLzi5/XNQOWi3SO6l7GVUcRavxgVj5HnJza64dkMiP7L5ZzqLtz42jSHMT X1A1UDqeAR4zfbbnfn/TI5GeloVKboBj467nuaVsV4umhiP/Kvp38OB08Ze4yiF+ fShAEcc39FqXfB4mvmQDsa03XjsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFGR6wjEJcVeYAd1G07JxuZTp5Da4MB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzJkNzhiNTBiLTQ0OWMtNDU0Yi04NTBkLWYyMDgwMzc4OWI1OC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8yZDc4YjUw Yi00NDljLTQ1NGItODUwZC1mMjA4MDM3ODliNTgvMC82NDdBQzIzMTA5NzE1Nzk4 MDFERDQ2RDNCMjcxQjk5NEU5RTQzNkI4Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAivyLMA0GCSqGSIb3DQEBCwUAA4IBAQCBkLt4G/bsGftH/hwdG8vybPUSbvzL nRsxi8XVaRGO9KNepFKqKrmDHZ5BhhaN8/GUy5wHDl8WQUMqrxJNN1MblhVDKoFS 64BR9OfKzseaqr8hrHYIw2kI9CbG4Fe/Z0WWXyU0zWCp3LmVZgz1MJjJQLP2VsRZ rAtjczQJsPkIABEIA/d2/taiWjXgObT+/pwCFpLxjjzrKP6nHXX0lRfHeyYdILlW DJio5RQO45J+Rz70kAtt1zSZTwzGOWoDKO3iJpHc0xcozBfhtkh1bkpAJmuqb5ME XE9aGAdCt1s8SjeoSXcXMwBU2e9/V2P5Lozfk9jDaKSiRYyKqyTUG8fr -----END CERTIFICATE-----Generated at Tue May 12 22:32:08 2026 by rpki-client