$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/67BF67CCD74BA06FEECE0BED6457876D494BC2F9.cer File: 67BF67CCD74BA06FEECE0BED6457876D494BC2F9.cer (raw, json) Hash identifier: gxLMFWUGXqhCOHCW46xCXOlB6lQlUoQL3hX9gVnJKgI= Subject key identifier: 67:BF:67:CC:D7:4B:A0:6F:EE:CE:0B:ED:64:57:87:6D:49:4B:C2:F9 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 158688E87384F60C7A94C84217760DCB9E349CEB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/14ed8d6c-f0fa-47cc-aeaa-b4e3ee116882/0/67BF67CCD74BA06FEECE0BED6457876D494BC2F9.mft caRepository: rsync://rpki-rsync.idnic.net/repo/14ed8d6c-f0fa-47cc-aeaa-b4e3ee116882/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:52:49 +0000 Certificate not after: Sat 01 May 2027 23:57:49 +0000 Subordinate resources: IP: 157.66.16.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:86:88:e8:73:84:f6:0c:7a:94:c8:42:17:76:0d:cb:9e:34:9c:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 23:52:49 2026 GMT Not After : May 1 23:57:49 2027 GMT Subject: CN=67BF67CCD74BA06FEECE0BED6457876D494BC2F9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:1a:a5:65:22:4f:31:86:3e:36:87:63:d3:a8: 94:dc:c1:9c:24:36:ff:e6:95:01:61:e7:62:be:ee: 6a:d1:ae:22:fc:35:22:9e:13:09:73:00:55:e3:32: 7e:0b:cf:e9:49:16:18:e6:a7:23:a1:38:2b:55:d7: b2:a9:9a:b6:fa:6f:e4:cb:62:14:88:4e:17:94:d7: 53:2a:6c:95:71:00:1b:12:21:ed:2d:18:06:f8:7a: 52:c3:f5:25:e2:14:18:31:2c:f2:06:0d:d5:60:8e: 31:40:2f:21:e2:eb:77:11:d9:63:84:7f:65:93:92: c0:e1:7b:da:3a:a6:22:72:e4:d2:bd:9f:ea:09:0c: b1:70:1f:a3:76:64:27:f4:1c:26:02:95:39:f9:4f: 5f:57:07:4d:93:2e:35:fc:e8:4f:0f:09:22:26:e3: a1:c6:76:6f:42:a3:09:00:26:97:6c:85:f7:0d:89: 57:b1:ff:3a:98:ab:98:f7:4b:d2:8c:18:a6:dc:e7: 88:a9:7b:0b:85:eb:95:96:0d:cd:50:84:56:e7:79: 41:54:8c:06:38:00:4f:51:a3:7e:67:3e:5e:42:9f: d5:a3:55:d7:da:5b:20:42:dd:1f:27:35:88:7a:7a: ff:62:25:b2:f2:27:42:27:99:cd:af:36:7e:a3:ec: f3:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 67:BF:67:CC:D7:4B:A0:6F:EE:CE:0B:ED:64:57:87:6D:49:4B:C2:F9 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/14ed8d6c-f0fa-47cc-aeaa-b4e3ee116882/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/14ed8d6c-f0fa-47cc-aeaa-b4e3ee116882/0/67BF67CCD74BA06FEECE0BED6457876D494BC2F9.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.16.0/23 Signature Algorithm: sha256WithRSAEncryption 89:6a:da:56:15:58:7f:13:93:f6:89:b4:72:e9:b0:4c:cb:0a: ff:e6:39:b3:43:2e:47:95:da:5d:0f:87:7c:00:21:79:ab:27: 94:cc:5d:9c:fc:9e:9a:45:7a:ab:2d:97:1e:0b:19:17:e3:0e: 8b:88:c8:98:c9:61:05:14:9c:24:70:0b:db:6d:d9:31:5f:d2: 11:c3:38:cd:ab:39:1a:9c:d6:64:b8:5d:ae:8a:e3:fc:d2:72: 57:42:c0:1a:42:cc:e5:73:14:73:02:2a:79:21:3a:e8:ee:88: 15:ef:41:68:f6:cd:86:54:d7:e6:e6:fc:32:85:88:40:72:50: e3:30:73:ac:37:35:56:9c:aa:fd:95:cc:24:86:cf:9d:2d:08: 5c:7e:e8:05:02:42:27:10:43:e1:56:23:c7:f2:be:e2:5b:f9: 3b:d9:76:06:67:15:24:e6:61:9a:4b:ac:cd:9e:e9:33:3a:82: 6d:55:94:5b:b2:6b:f3:28:37:28:9d:77:d9:41:01:ad:37:de: 88:11:38:8e:dd:0b:37:39:76:d0:db:f4:37:c7:5b:7b:80:b8: ae:d2:50:a3:29:bc:b8:4a:9b:70:20:ef:d3:09:17:e0:6a:f6: 28:85:37:fa:e5:f4:9e:98:4b:07:63:ac:8f:dc:c4:06:0f:d1: d2:83:dd:24 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUFYaI6HOE9gx6lMhCF3YNy540nOswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjIzNTI0OVoX DTI3MDUwMTIzNTc0OVowMzExMC8GA1UEAxMoNjdCRjY3Q0NENzRCQTA2RkVFQ0Uw QkVENjQ1Nzg3NkQ0OTRCQzJGOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKgapWUiTzGGPjaHY9OolNzBnCQ2/+aVAWHnYr7uatGuIvw1Ip4TCXMAVeMy fgvP6UkWGOanI6E4K1XXsqmatvpv5MtiFIhOF5TXUypslXEAGxIh7S0YBvh6UsP1 JeIUGDEs8gYN1WCOMUAvIeLrdxHZY4R/ZZOSwOF72jqmInLk0r2f6gkMsXAfo3Zk J/QcJgKVOflPX1cHTZMuNfzoTw8JIibjocZ2b0KjCQAml2yF9w2JV7H/OpirmPdL 0owYptzniKl7C4XrlZYNzVCEVud5QVSMBjgAT1Gjfmc+XkKf1aNV19pbIELdHyc1 iHp6/2IlsvInQieZza82fqPs80MCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFGe/Z8zXS6Bv7s4L7WRXh21JS8L5MB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzE0ZWQ4ZDZjLWYwZmEtNDdjYy1hZWFhLWI0ZTNlZTExNjg4Mi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xNGVkOGQ2 Yy1mMGZhLTQ3Y2MtYWVhYS1iNGUzZWUxMTY4ODIvMC82N0JGNjdDQ0Q3NEJBMDZG RUVDRTBCRUQ2NDU3ODc2RDQ5NEJDMkY5Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnUIQMA0GCSqGSIb3DQEBCwUAA4IBAQCJatpWFVh/E5P2ibRy6bBMywr/5jmz Qy5HldpdD4d8ACF5qyeUzF2c/J6aRXqrLZceCxkX4w6LiMiYyWEFFJwkcAvbbdkx X9IRwzjNqzkanNZkuF2uiuP80nJXQsAaQszlcxRzAip5ITro7ogV70Fo9s2GVNfm 5vwyhYhAclDjMHOsNzVWnKr9lcwkhs+dLQhcfugFAkInEEPhViPH8r7iW/k72XYG ZxUk5mGaS6zNnukzOoJtVZRbsmvzKDconXfZQQGtN96IETiO3Qs3OXbQ2/Q3x1t7 gLiu0lCjKby4SptwIO/TCRfgavYohTf65fSemEsHY6yP3MQGD9HSg90k -----END CERTIFICATE-----Generated at Tue May 12 22:46:08 2026 by rpki-client