$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/A3ECF91698ACD25C4EFB56C39B77F8F514511335.cer File: A3ECF91698ACD25C4EFB56C39B77F8F514511335.cer (raw, json) Hash identifier: CzbswPLkfvrviXPxK1LhPHgapep0lfxvbi2mdF+AtC4= Subject key identifier: A3:EC:F9:16:98:AC:D2:5C:4E:FB:56:C3:9B:77:F8:F5:14:51:13:35 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 7154EE76AB14136D7F0A1E1B1AFFCACF4EBAA812 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0/A3ECF91698ACD25C4EFB56C39B77F8F514511335.mft caRepository: rsync://rpki-rsync.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:48:41 +0000 Certificate not after: Sat 01 May 2027 23:53:41 +0000 Subordinate resources: IP: 157.20.252.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:54:ee:76:ab:14:13:6d:7f:0a:1e:1b:1a:ff:ca:cf:4e:ba:a8:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 2 23:48:41 2026 GMT Not After : May 1 23:53:41 2027 GMT Subject: CN=A3ECF91698ACD25C4EFB56C39B77F8F514511335 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:53:d3:58:79:3a:7e:0a:46:de:38:8d:61:02: 81:36:d6:1b:d1:95:db:0f:63:52:7b:61:96:da:d1: 8c:2b:a2:0c:bf:4c:eb:46:47:fc:76:ee:83:07:8f: 96:bb:68:d2:44:0a:94:19:45:8c:73:91:a5:08:c6: a2:c8:39:e8:77:b0:bb:d7:a0:e3:28:12:33:43:c8: 68:66:81:41:17:77:7e:79:ba:08:64:2c:dc:d0:07: 9b:63:b1:ff:25:64:12:e5:23:a6:31:36:d5:ca:8a: bc:51:51:00:b8:4f:fb:07:1c:85:6f:75:b3:7c:eb: bc:0d:b5:ee:29:c9:b8:47:56:34:5e:27:38:1d:93: 89:be:10:3a:5a:4d:72:8d:30:8e:8b:8a:e2:08:39: f5:dd:2c:89:94:cb:0e:5d:47:db:58:21:a5:40:8b: f6:a3:8f:d3:db:69:33:b3:7e:61:5a:99:b4:1d:e5: 02:8f:aa:7d:c7:71:fb:d3:92:94:fe:a6:25:d8:7e: 26:2d:b0:60:bb:86:e5:84:44:bf:9d:09:84:bd:ce: 9d:9d:e8:10:5d:85:6a:8b:ec:e6:0e:79:7b:ba:56: eb:d1:48:f6:37:f6:97:95:bc:55:9e:7f:1b:98:12: 0c:95:a3:b4:88:5c:5d:9a:56:c8:8f:a8:2d:4d:fb: 66:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: A3:EC:F9:16:98:AC:D2:5C:4E:FB:56:C3:9B:77:F8:F5:14:51:13:35 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0/A3ECF91698ACD25C4EFB56C39B77F8F514511335.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.252.0/23 Signature Algorithm: sha256WithRSAEncryption 95:75:bd:91:55:dc:df:72:44:e8:7c:d2:77:84:9f:a8:ed:e1: f5:6c:c7:7e:a0:2e:9b:8b:65:92:bc:83:25:03:e1:cd:f8:10: c4:09:d5:8f:32:b1:a3:33:08:80:35:16:e8:c2:4a:6a:ce:8a: 94:04:04:44:f4:6b:0f:a5:85:9d:c2:19:29:65:1d:ff:4d:18: e2:2b:e0:c7:ff:67:22:89:6b:c4:bd:6f:e5:31:df:fa:66:59: 5e:36:e9:7a:9c:b9:b2:65:90:af:d0:2b:d9:a4:12:d4:71:22: 19:6d:62:a9:31:d6:88:8b:c0:6c:0c:ff:33:e0:2e:70:73:25: 6d:fe:88:ce:8b:9c:3d:9b:f5:4b:0b:45:f0:ec:6c:40:99:dc: 4a:1e:88:67:a3:31:f2:31:c5:00:bd:bb:9e:62:8d:c2:66:59: 51:50:d9:93:9a:48:43:a3:76:8f:2c:06:29:c0:76:ef:e4:39: 77:2d:34:c9:ac:75:6b:59:f1:0d:5f:44:f8:7e:e9:f0:ca:97: 64:55:35:35:80:6e:66:5b:10:d6:27:ae:7f:54:7f:5e:54:f5: 4b:02:20:fb:c3:5d:9c:e8:f0:99:51:d5:85:d6:3d:5d:10:50: 5e:4c:ad:db:71:13:f5:15:e9:72:85:e8:a9:31:ba:11:c6:63: c6:53:c1:f9 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUcVTudqsUE21/Ch4bGv/Kz066qBIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMjIzNDg0MVoX DTI3MDUwMTIzNTM0MVowMzExMC8GA1UEAxMoQTNFQ0Y5MTY5OEFDRDI1QzRFRkI1 NkMzOUI3N0Y4RjUxNDUxMTMzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ1T01h5On4KRt44jWECgTbWG9GV2w9jUnthltrRjCuiDL9M60ZH/HbugweP lrto0kQKlBlFjHORpQjGosg56Hewu9eg4ygSM0PIaGaBQRd3fnm6CGQs3NAHm2Ox /yVkEuUjpjE21cqKvFFRALhP+wcchW91s3zrvA217inJuEdWNF4nOB2Tib4QOlpN co0wjouK4gg59d0siZTLDl1H21ghpUCL9qOP09tpM7N+YVqZtB3lAo+qfcdx+9OS lP6mJdh+Ji2wYLuG5YREv50JhL3OnZ3oEF2Faovs5g55e7pW69FI9jf2l5W8VZ5/ G5gSDJWjtIhcXZpWyI+oLU37Zh0CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKPs+RaYrNJcTvtWw5t3+PUUURM1MB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzBlOGQ1OGE4LWUxOTctNDE3OS1iNzNjLTYwOGUwNDdkMDlhMy8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8wZThkNThh OC1lMTk3LTQxNzktYjczYy02MDhlMDQ3ZDA5YTMvMC9BM0VDRjkxNjk4QUNEMjVD NEVGQjU2QzM5Qjc3RjhGNTE0NTExMzM1Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnRT8MA0GCSqGSIb3DQEBCwUAA4IBAQCVdb2RVdzfckTofNJ3hJ+o7eH1bMd+ oC6bi2WSvIMlA+HN+BDECdWPMrGjMwiANRbowkpqzoqUBARE9GsPpYWdwhkpZR3/ TRjiK+DH/2ciiWvEvW/lMd/6ZlleNul6nLmyZZCv0CvZpBLUcSIZbWKpMdaIi8Bs DP8z4C5wcyVt/ojOi5w9m/VLC0Xw7GxAmdxKHohnozHyMcUAvbueYo3CZllRUNmT mkhDo3aPLAYpwHbv5Dl3LTTJrHVrWfENX0T4funwypdkVTU1gG5mWxDWJ65/VH9e VPVLAiD7w12c6PCZUdWF1j1dEFBeTK3bcRP1FelyheipMboRxmPGU8H5 -----END CERTIFICATE-----Generated at Tue May 12 22:11:16 2026 by rpki-client