$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/866375A97D591695797C70B6303365FDB8CBF531.cer File: 866375A97D591695797C70B6303365FDB8CBF531.cer (raw, json) Hash identifier: +jMHyb9bXUW3z60xC82DcvJHtkfFz2SIN5o/u61ljwA= Subject key identifier: 86:63:75:A9:7D:59:16:95:79:7C:70:B6:30:33:65:FD:B8:CB:F5:31 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 11E4752970AD104A22306910BE85CC4DB5F43379 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/866375A97D591695797C70B6303365FDB8CBF531.mft caRepository: rsync://rpki-rsync.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:11:50 +0000 Certificate not after: Sun 02 May 2027 00:16:50 +0000 Subordinate resources: IP: 160.22.128.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:e4:75:29:70:ad:10:4a:22:30:69:10:be:85:cc:4d:b5:f4:33:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 00:11:50 2026 GMT Not After : May 2 00:16:50 2027 GMT Subject: CN=866375A97D591695797C70B6303365FDB8CBF531 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:72:8d:8c:10:39:88:54:39:92:09:67:81:55: df:d5:e1:a1:64:64:23:95:85:58:a4:b3:b0:02:57: d1:b7:39:67:b6:41:3d:2a:22:74:7c:9f:a5:88:e7: c7:0d:87:d2:1b:44:c1:0b:da:eb:8b:21:cd:b6:a0: 13:42:6e:55:1b:f6:23:d4:24:cf:c4:17:65:25:c0: e1:eb:01:ef:15:a1:d0:04:c0:8a:e5:97:ac:c0:fc: 41:56:a6:fd:f0:f1:13:a2:b0:51:32:d2:6d:38:dc: 5c:60:82:a8:7f:b6:f3:b8:e1:fd:6e:bd:3a:9e:83: 58:8e:24:81:39:e7:6e:5b:6f:4a:08:ca:69:e1:5d: 5e:3d:b0:93:eb:4c:41:cd:8b:c2:5a:66:d2:ac:85: 83:e0:a5:df:a7:e9:e5:4f:b6:68:24:df:11:e7:b6: 84:53:a3:c2:9e:bf:7f:8e:7b:c0:90:bd:da:b7:65: eb:66:11:fb:34:e0:6d:80:cc:bb:cd:be:15:4d:6d: 03:47:fd:ba:7c:6a:a3:4c:9e:9e:8c:e9:05:51:70: fc:73:a2:ca:3a:5e:fd:32:5b:b2:ee:ae:1b:27:5d: 3f:03:54:5a:41:49:b3:d8:d2:da:30:74:10:5b:f7: ba:68:c9:42:42:03:44:88:8a:cc:1a:dd:ae:52:e0: 27:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 86:63:75:A9:7D:59:16:95:79:7C:70:B6:30:33:65:FD:B8:CB:F5:31 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/30fb78a9-cd68-44fd-85aa-6c6b08cb2346/0/866375A97D591695797C70B6303365FDB8CBF531.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.128.0/23 Signature Algorithm: sha256WithRSAEncryption 83:4c:4f:3c:56:76:f3:17:ea:76:d3:c4:c2:ac:86:e5:08:6d: 00:f8:be:b6:d8:6b:58:05:b1:63:b0:6b:8a:56:e1:db:6c:f5: a0:dc:a4:26:27:df:da:ec:f7:48:43:f2:91:8e:21:4a:88:d6: 31:8e:51:5f:0e:39:d8:b6:83:2e:1c:cf:5b:a5:b9:ab:f7:52: 2c:66:3e:74:bb:08:12:e4:4b:84:bd:f4:f2:b9:a1:3d:6d:02: 47:6e:79:61:b4:48:92:96:df:d5:0d:83:1c:e1:82:b8:51:3a: d9:e5:c3:47:5b:42:bf:2e:1a:80:cf:a9:52:1b:ba:d5:f3:d3: ac:88:ac:af:43:00:8c:43:40:f2:45:3d:81:22:46:84:73:b2: 27:d0:d8:3d:cb:24:c9:1b:12:cc:5a:c2:d2:89:4e:33:a3:b9: 32:29:16:ac:1b:4c:42:2d:16:6d:51:15:80:11:bd:44:83:7b: ce:1d:64:c4:23:02:48:a8:05:29:90:df:d4:68:c7:be:79:4d: 0b:08:70:5f:59:2e:7e:d6:3c:fe:02:c2:97:6c:a3:b2:84:df: 2b:f9:e8:8e:44:0e:1c:a4:a2:0c:61:0f:9a:c7:4d:77:b3:44: 49:85:a0:ef:19:e8:61:b3:d5:78:1a:cd:4b:ea:bb:05:56:c8: 24:fc:d9:0e -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUEeR1KXCtEEoiMGkQvoXMTbX0M3kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAwMTE1MFoX DTI3MDUwMjAwMTY1MFowMzExMC8GA1UEAxMoODY2Mzc1QTk3RDU5MTY5NTc5N0M3 MEI2MzAzMzY1RkRCOENCRjUzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKJyjYwQOYhUOZIJZ4FV39XhoWRkI5WFWKSzsAJX0bc5Z7ZBPSoidHyfpYjn xw2H0htEwQva64shzbagE0JuVRv2I9Qkz8QXZSXA4esB7xWh0ATAiuWXrMD8QVam /fDxE6KwUTLSbTjcXGCCqH+287jh/W69Op6DWI4kgTnnbltvSgjKaeFdXj2wk+tM Qc2Lwlpm0qyFg+Cl36fp5U+2aCTfEee2hFOjwp6/f457wJC92rdl62YR+zTgbYDM u82+FU1tA0f9unxqo0yenozpBVFw/HOiyjpe/TJbsu6uGyddPwNUWkFJs9jS2jB0 EFv3umjJQkIDRIiKzBrdrlLgJxECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFIZjdal9WRaVeXxwtjAzZf24y/UxMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzMwZmI3OGE5LWNkNjgtNDRmZC04NWFhLTZjNmIwOGNiMjM0Ni8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8zMGZiNzhh OS1jZDY4LTQ0ZmQtODVhYS02YzZiMDhjYjIzNDYvMC84NjYzNzVBOTdENTkxNjk1 Nzk3QzcwQjYzMDMzNjVGREI4Q0JGNTMxLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBoBaAMA0GCSqGSIb3DQEBCwUAA4IBAQCDTE88VnbzF+p208TCrIblCG0A+L62 2GtYBbFjsGuKVuHbbPWg3KQmJ9/a7PdIQ/KRjiFKiNYxjlFfDjnYtoMuHM9bpbmr 91IsZj50uwgS5EuEvfTyuaE9bQJHbnlhtEiSlt/VDYMc4YK4UTrZ5cNHW0K/LhqA z6lSG7rV89OsiKyvQwCMQ0DyRT2BIkaEc7In0Ng9yyTJGxLMWsLSiU4zo7kyKRas G0xCLRZtURWAEb1Eg3vOHWTEIwJIqAUpkN/UaMe+eU0LCHBfWS5+1jz+AsKXbKOy hN8r+eiORA4cpKIMYQ+ax013s0RJhaDvGehhs9V4Gs1L6rsFVsgk/NkO -----END CERTIFICATE-----Generated at Tue May 12 22:02:53 2026 by rpki-client