$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/68B5035322FFDB9C8D6EEC10B5D2F1A77DFF70CF.cer File: 68B5035322FFDB9C8D6EEC10B5D2F1A77DFF70CF.cer (raw, json) Hash identifier: Z0VW6PIWixdwNom9k8zedY7jgzMcCunsQ6+Z96kcB4I= Subject key identifier: 68:B5:03:53:22:FF:DB:9C:8D:6E:EC:10:B5:D2:F1:A7:7D:FF:70:CF Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 63A774BCA3419DC034267C16D4DB298496CA361E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/fd3a2fdf-bcba-4757-b366-e1a0ad2d374a/0/68B5035322FFDB9C8D6EEC10B5D2F1A77DFF70CF.mft caRepository: rsync://rpki-rsync.idnic.net/repo/fd3a2fdf-bcba-4757-b366-e1a0ad2d374a/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:47:04 +0000 Certificate not after: Sun 02 May 2027 02:52:04 +0000 Subordinate resources: IP: 157.10.63.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:a7:74:bc:a3:41:9d:c0:34:26:7c:16:d4:db:29:84:96:ca:36:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 02:47:04 2026 GMT Not After : May 2 02:52:04 2027 GMT Subject: CN=68B5035322FFDB9C8D6EEC10B5D2F1A77DFF70CF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:84:10:dd:57:aa:b2:43:b9:4f:3a:78:4d:79: a8:13:2e:ac:63:33:ce:a3:02:e6:84:ac:4d:96:2f: 3a:f9:29:35:54:01:e0:b2:f7:3e:c3:55:f0:57:7e: 5d:b1:89:aa:93:f1:6d:6a:64:9c:a9:e3:f3:ca:de: b8:6a:de:12:fd:b3:1d:46:f8:46:f1:40:1c:fa:8e: 8d:74:ff:0f:9d:08:a0:b1:84:44:e8:94:4d:14:fa: 43:fb:e8:cc:45:3b:57:9d:e7:27:1b:94:82:7e:0c: 4e:ab:67:eb:ca:8a:84:b1:2b:6d:9e:19:09:a9:d9: c1:a8:06:fc:6c:35:bb:c3:be:1f:53:57:26:9d:30: 7e:71:e3:d1:ee:2d:fb:bf:37:df:c7:a5:6d:14:f3: bc:75:9a:53:ea:94:1e:11:fb:b4:b1:59:9b:e3:88: f3:57:92:60:bf:5c:4b:aa:f4:3f:42:97:c6:14:cc: 64:12:f1:18:b1:8f:66:c3:93:f7:66:16:e7:ae:98: c8:94:76:31:b9:c4:e3:1a:59:1b:b5:22:ef:14:de: 98:1e:0a:85:fa:35:40:13:b3:66:cd:77:df:30:fb: 8f:b1:81:9b:2e:a6:b0:da:3d:fb:63:ad:eb:68:e4: 5e:c1:43:56:27:02:fb:ae:63:ee:40:f3:c6:a6:a4: d6:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 68:B5:03:53:22:FF:DB:9C:8D:6E:EC:10:B5:D2:F1:A7:7D:FF:70:CF X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/fd3a2fdf-bcba-4757-b366-e1a0ad2d374a/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/fd3a2fdf-bcba-4757-b366-e1a0ad2d374a/0/68B5035322FFDB9C8D6EEC10B5D2F1A77DFF70CF.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.63.0/24 Signature Algorithm: sha256WithRSAEncryption ad:f7:b9:01:18:19:86:71:84:d4:4a:ef:2c:14:45:1e:a0:e8: fb:05:80:cd:8a:ec:95:84:39:98:68:6e:e9:39:44:8f:af:95: d3:63:42:20:57:44:fe:cc:8c:1c:86:d6:87:35:08:a8:75:4b: 60:9b:ac:08:27:5f:ee:11:ae:b6:70:4f:3a:f5:78:ed:8a:d7: 70:75:b4:28:8f:27:51:19:f6:e2:f6:ed:ac:75:3a:90:a4:1a: 97:59:18:de:13:dd:41:45:1b:f0:59:f1:12:ec:66:88:aa:59: bb:ec:02:d5:cf:07:3c:79:82:7a:c1:93:6b:80:2f:6b:f7:66: 45:c6:94:78:d8:06:1e:a6:3f:ed:23:dc:15:9c:39:6a:06:d6: 44:7a:db:3f:09:b6:7a:4d:8e:d7:d0:75:cf:51:7a:31:59:3d: a6:cc:93:9b:30:27:20:84:e8:dc:ca:1e:bb:74:f8:ef:a1:72: ad:5b:87:19:03:be:7c:fd:59:45:60:00:8a:ef:55:8e:cb:a1: 08:ad:59:39:30:58:5d:0b:7a:1f:c8:01:a8:ad:01:8a:0f:4c: 82:5f:13:ce:b1:27:d9:bf:4c:4a:8d:2d:fb:bf:76:b5:9e:2c: e9:d0:ec:bf:94:34:fc:64:37:45:9d:db:08:ec:20:fe:48:f6: c2:22:7b:8e -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUY6d0vKNBncA0JnwW1NsphJbKNh4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAyNDcwNFoX DTI3MDUwMjAyNTIwNFowMzExMC8GA1UEAxMoNjhCNTAzNTMyMkZGREI5QzhENkVF QzEwQjVEMkYxQTc3REZGNzBDRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALGEEN1XqrJDuU86eE15qBMurGMzzqMC5oSsTZYvOvkpNVQB4LL3PsNV8Fd+ XbGJqpPxbWpknKnj88reuGreEv2zHUb4RvFAHPqOjXT/D50IoLGEROiUTRT6Q/vo zEU7V53nJxuUgn4MTqtn68qKhLErbZ4ZCanZwagG/Gw1u8O+H1NXJp0wfnHj0e4t +78338elbRTzvHWaU+qUHhH7tLFZm+OI81eSYL9cS6r0P0KXxhTMZBLxGLGPZsOT 92YW566YyJR2MbnE4xpZG7Ui7xTemB4Khfo1QBOzZs133zD7j7GBmy6msNo9+2Ot 62jkXsFDVicC+65j7kDzxqak1rMCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFGi1A1Mi/9ucjW7sELXS8ad9/3DPMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2ZkM2EyZmRmLWJjYmEtNDc1Ny1iMzY2LWUxYTBhZDJkMzc0YS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9mZDNhMmZk Zi1iY2JhLTQ3NTctYjM2Ni1lMWEwYWQyZDM3NGEvMC82OEI1MDM1MzIyRkZEQjlD OEQ2RUVDMTBCNUQyRjFBNzdERkY3MENGLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAnQo/MA0GCSqGSIb3DQEBCwUAA4IBAQCt97kBGBmGcYTUSu8sFEUeoOj7BYDN iuyVhDmYaG7pOUSPr5XTY0IgV0T+zIwchtaHNQiodUtgm6wIJ1/uEa62cE869Xjt itdwdbQojydRGfbi9u2sdTqQpBqXWRjeE91BRRvwWfES7GaIqlm77ALVzwc8eYJ6 wZNrgC9r92ZFxpR42AYepj/tI9wVnDlqBtZEets/CbZ6TY7X0HXPUXoxWT2mzJOb MCcghOjcyh67dPjvoXKtW4cZA758/VlFYACK71WOy6EIrVk5MFhdC3ofyAGorQGK D0yCXxPOsSfZv0xKjS37v3a1nizp0Oy/lDT8ZDdFndsI7CD+SPbCInuO -----END CERTIFICATE-----Generated at Tue May 12 22:52:54 2026 by rpki-client