$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/6B995520DD42E2AA6306A898618C472D1D5E4417.cer File: 6B995520DD42E2AA6306A898618C472D1D5E4417.cer (raw, json) Hash identifier: 9CVlTEdh+nlsvvMjpspI9gz45uWhvE5qkDtKILdbcY0= Subject key identifier: 6B:99:55:20:DD:42:E2:AA:63:06:A8:98:61:8C:47:2D:1D:5E:44:17 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 49B37CCEC4C6BA3F4C3E612C8DF3EC37E5DA5FF8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/6B995520DD42E2AA6306A898618C472D1D5E4417.mft caRepository: rsync://rpki-rsync.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:48:59 +0000 Certificate not after: Sat 01 May 2027 23:53:59 +0000 Subordinate resources: IP: 157.20.220.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:b3:7c:ce:c4:c6:ba:3f:4c:3e:61:2c:8d:f3:ec:37:e5:da:5f:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 23:48:59 2026 GMT Not After : May 1 23:53:59 2027 GMT Subject: CN=6B995520DD42E2AA6306A898618C472D1D5E4417 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:b4:25:b6:ec:68:3e:26:28:78:7d:77:49:ef: cc:e4:e6:aa:52:0c:64:f1:43:43:c4:93:5e:86:1e: d3:2d:da:8a:5c:ec:20:62:9f:f4:c9:39:ae:2f:0a: ce:47:78:df:dc:2c:e5:56:96:06:3c:67:ab:ba:5b: ff:21:a1:d1:d7:81:9d:48:4e:09:07:f8:9d:cb:42: 91:20:eb:95:73:18:bb:a6:6d:d7:22:d0:3e:5e:30: 91:bf:13:91:a5:ee:b7:25:ba:ee:f9:8f:e0:70:5a: 24:f3:1d:73:1e:65:2b:a8:79:3b:fc:69:59:01:3b: 4c:f7:01:cd:23:02:c0:7d:52:9a:4d:2b:2b:9d:42: 9f:3b:33:60:13:46:db:1d:61:fc:12:34:fb:99:2c: 48:d6:8f:1e:ae:73:79:b0:15:fd:89:ed:19:07:e7: af:13:65:ac:95:a3:04:79:ff:dc:3d:d8:12:24:a5: a7:14:ce:ae:63:9e:0a:e5:9e:bc:21:54:f6:16:82: a5:4f:cd:ca:74:90:2a:d0:c3:93:2b:04:8c:51:19: d4:69:74:37:65:b5:cb:80:9c:a3:34:d7:0f:f5:ef: 95:a3:78:9a:7c:c3:3f:fb:07:49:20:1c:96:6f:f3: 76:a3:c2:8a:fa:5a:a4:ee:8d:f8:7f:45:27:25:cb: a8:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 6B:99:55:20:DD:42:E2:AA:63:06:A8:98:61:8C:47:2D:1D:5E:44:17 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/0edd4ccb-42e3-4b72-9193-e918e7b3067d/0/6B995520DD42E2AA6306A898618C472D1D5E4417.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.220.0/23 Signature Algorithm: sha256WithRSAEncryption 02:dc:9d:82:8d:f0:25:05:0f:a9:28:06:76:7f:f4:de:10:ab: d9:0b:69:b2:22:c4:8f:a6:a2:e1:47:6b:eb:d3:44:94:a6:92: 3a:5d:47:b3:c3:8b:cf:c1:1d:cb:0c:d8:70:69:cb:8b:69:72: e7:67:7b:ff:65:c7:b9:91:9c:0c:93:86:46:21:24:4a:3b:40: d1:e4:03:73:5f:a2:60:8a:e2:93:dc:ae:be:78:30:3a:90:a6: 73:cb:a0:0c:8c:2e:24:b6:61:a2:be:86:6c:48:7e:46:09:f1: e6:c1:c9:47:08:fd:51:0d:a0:53:dc:18:5d:21:ed:35:fc:7d: 09:8e:24:8b:fc:23:9e:42:be:7c:0f:83:7f:b0:26:22:f1:93: f8:90:9b:dc:ab:3a:c0:ea:c5:4a:90:a6:39:22:33:8e:6f:60: 05:72:60:1e:24:9a:b4:be:8a:24:bc:8a:15:19:ad:fc:98:45: f4:c3:27:94:ed:f4:0e:db:c8:fe:34:8c:13:67:a9:33:e7:1d: 30:f9:b7:71:40:37:d8:f3:21:d0:ab:80:53:a5:c5:92:95:56: f3:92:3b:6b:d0:4a:10:a8:6a:b8:b3:43:be:80:0f:71:b6:2c: 06:fb:83:c4:cf:61:34:5f:5b:3a:81:62:dc:48:ed:43:e1:22: 65:72:50:63 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUSbN8zsTGuj9MPmEsjfPsN+XaX/gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjIzNDg1OVoX DTI3MDUwMTIzNTM1OVowMzExMC8GA1UEAxMoNkI5OTU1MjBERDQyRTJBQTYzMDZB ODk4NjE4QzQ3MkQxRDVFNDQxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM20JbbsaD4mKHh9d0nvzOTmqlIMZPFDQ8STXoYe0y3ailzsIGKf9Mk5ri8K zkd439ws5VaWBjxnq7pb/yGh0deBnUhOCQf4nctCkSDrlXMYu6Zt1yLQPl4wkb8T kaXutyW67vmP4HBaJPMdcx5lK6h5O/xpWQE7TPcBzSMCwH1Smk0rK51CnzszYBNG 2x1h/BI0+5ksSNaPHq5zebAV/YntGQfnrxNlrJWjBHn/3D3YEiSlpxTOrmOeCuWe vCFU9haCpU/NynSQKtDDkysEjFEZ1Gl0N2W1y4CcozTXD/XvlaN4mnzDP/sHSSAc lm/zdqPCivpapO6N+H9FJyXLqGkCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFGuZVSDdQuKqYwaomGGMRy0dXkQXMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzBlZGQ0Y2NiLTQyZTMtNGI3Mi05MTkzLWU5MThlN2IzMDY3ZC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8wZWRkNGNj Yi00MmUzLTRiNzItOTE5My1lOTE4ZTdiMzA2N2QvMC82Qjk5NTUyMERENDJFMkFB NjMwNkE4OTg2MThDNDcyRDFENUU0NDE3Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnRTcMA0GCSqGSIb3DQEBCwUAA4IBAQAC3J2CjfAlBQ+pKAZ2f/TeEKvZC2my IsSPpqLhR2vr00SUppI6XUezw4vPwR3LDNhwacuLaXLnZ3v/Zce5kZwMk4ZGISRK O0DR5ANzX6JgiuKT3K6+eDA6kKZzy6AMjC4ktmGivoZsSH5GCfHmwclHCP1RDaBT 3BhdIe01/H0JjiSL/COeQr58D4N/sCYi8ZP4kJvcqzrA6sVKkKY5IjOOb2AFcmAe JJq0vookvIoVGa38mEX0wyeU7fQO28j+NIwTZ6kz5x0w+bdxQDfY8yHQq4BTpcWS lVbzkjtr0EoQqGq4s0O+gA9xtiwG+4PEz2E0X1s6gWLcSO1D4SJlclBj -----END CERTIFICATE-----Generated at Tue May 12 22:33:13 2026 by rpki-client