$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/A65F65BF2DB9317754BA910F052FC09429259CBC.cer File: A65F65BF2DB9317754BA910F052FC09429259CBC.cer (raw, json) Hash identifier: nmK+zSNIAs/9Zw8Es53RbgGOETAVOGzoTVetnLgjvdU= Subject key identifier: A6:5F:65:BF:2D:B9:31:77:54:BA:91:0F:05:2F:C0:94:29:25:9C:BC Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 374ADE533FB3D81888E887054EB882C8920B0A88 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/dc4094d2-e18d-4840-84fa-c5757af580f1/0/A65F65BF2DB9317754BA910F052FC09429259CBC.mft caRepository: rsync://rpki-rsync.idnic.net/repo/dc4094d2-e18d-4840-84fa-c5757af580f1/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:04:11 +0000 Certificate not after: Sun 02 May 2027 02:09:11 +0000 Subordinate resources: IP: 157.20.208.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:4a:de:53:3f:b3:d8:18:88:e8:87:05:4e:b8:82:c8:92:0b:0a:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 02:04:11 2026 GMT Not After : May 2 02:09:11 2027 GMT Subject: CN=A65F65BF2DB9317754BA910F052FC09429259CBC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:15:37:93:32:79:7c:38:a7:3a:ea:be:06:95: 58:c3:0e:e3:a6:cf:14:23:72:a7:b7:da:63:4e:8a: c5:01:ff:0c:bf:f0:19:8c:ea:49:83:c1:1b:22:c8: 0a:bb:11:a1:36:99:5c:7e:d5:af:ef:0b:dd:8a:ba: 36:64:81:8b:22:44:9a:57:05:8a:be:ee:31:86:ca: df:21:9d:e2:54:9e:5d:fd:29:ba:78:eb:6e:e7:10: 2a:d9:b4:9c:ac:d4:23:9e:c2:14:c6:c4:38:29:96: f1:13:e3:af:e3:67:d0:9e:44:6c:b1:e1:f3:3f:b6: 18:a4:8a:ee:e2:36:d4:78:4c:98:8a:7e:1d:ef:60: bb:e2:5d:6f:8a:46:9a:7c:70:b2:3d:4f:d3:99:c4: 8d:84:f1:7d:ff:93:4e:fc:9f:d2:64:c2:8a:85:1a: 29:ae:37:c6:5b:a1:8d:d0:b1:94:cf:7f:95:ca:68: d9:93:1b:26:1e:a7:42:49:ec:32:3b:8b:d9:bb:da: 81:ad:71:13:45:eb:92:1e:52:8e:c3:88:78:09:fb: ad:96:c2:6c:e2:ac:6c:3f:a4:f3:1d:51:06:26:29: 7e:92:69:ee:b3:dc:ce:68:69:7a:cd:86:4e:84:73: bc:2d:13:9b:17:f6:e5:da:a3:25:32:24:a5:35:c3: dd:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: A6:5F:65:BF:2D:B9:31:77:54:BA:91:0F:05:2F:C0:94:29:25:9C:BC X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/dc4094d2-e18d-4840-84fa-c5757af580f1/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/dc4094d2-e18d-4840-84fa-c5757af580f1/0/A65F65BF2DB9317754BA910F052FC09429259CBC.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.208.0/23 Signature Algorithm: sha256WithRSAEncryption 49:f7:e3:07:7b:a6:2f:35:ee:06:ca:fa:73:29:e6:ee:7c:41: 53:34:f1:7a:26:4f:6a:9f:0d:bb:bd:b2:b0:f5:1c:f0:da:bb: 4c:db:42:2b:b2:8e:24:8b:69:00:29:0b:43:dd:8a:28:4a:27: bb:a7:d7:1d:a9:aa:21:80:e6:fe:b1:a3:2a:a4:68:2c:3b:6b: f4:a3:26:a2:06:72:be:66:f3:31:6a:20:26:af:71:b6:e6:71: 69:58:69:e5:ac:b1:99:7c:33:1c:f2:f3:19:2b:60:e5:7d:46: ae:5e:6d:3a:90:f6:5d:6a:31:98:76:c6:5d:d8:94:dc:9b:0e: 1a:8e:1d:b8:44:c7:4a:6d:95:89:dc:c9:21:de:f0:bc:69:5d: f6:60:89:b1:bf:b3:bf:12:fa:8b:88:69:f0:17:f9:ad:db:61: 5b:f1:eb:a9:a8:07:92:b4:3a:8a:4e:d9:ce:30:09:5a:6a:ad: 89:5f:2b:41:e2:7c:85:83:14:b3:8a:19:f4:06:09:26:44:5f: 39:e7:b4:ed:bd:7d:df:9f:f1:33:1e:97:78:fb:90:7a:26:47: 3c:7c:dd:99:b1:f9:ca:2d:08:23:29:b2:0c:24:cb:da:75:2a: c2:07:12:61:08:84:fe:6a:49:5d:1f:7f:04:24:2a:3e:6d:a5: 47:a2:ec:17 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUN0reUz+z2BiI6IcFTriCyJILCogwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAyMDQxMVoX DTI3MDUwMjAyMDkxMVowMzExMC8GA1UEAxMoQTY1RjY1QkYyREI5MzE3NzU0QkE5 MTBGMDUyRkMwOTQyOTI1OUNCQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK8VN5MyeXw4pzrqvgaVWMMO46bPFCNyp7faY06KxQH/DL/wGYzqSYPBGyLI CrsRoTaZXH7Vr+8L3Yq6NmSBiyJEmlcFir7uMYbK3yGd4lSeXf0punjrbucQKtm0 nKzUI57CFMbEOCmW8RPjr+Nn0J5EbLHh8z+2GKSK7uI21HhMmIp+He9gu+Jdb4pG mnxwsj1P05nEjYTxff+TTvyf0mTCioUaKa43xluhjdCxlM9/lcpo2ZMbJh6nQkns MjuL2bvaga1xE0Xrkh5SjsOIeAn7rZbCbOKsbD+k8x1RBiYpfpJp7rPczmhpes2G ToRzvC0Tmxf25dqjJTIkpTXD3V0CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKZfZb8tuTF3VLqRDwUvwJQpJZy8MB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2RjNDA5NGQyLWUxOGQtNDg0MC04NGZhLWM1NzU3YWY1ODBmMS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9kYzQwOTRk Mi1lMThkLTQ4NDAtODRmYS1jNTc1N2FmNTgwZjEvMC9BNjVGNjVCRjJEQjkzMTc3 NTRCQTkxMEYwNTJGQzA5NDI5MjU5Q0JDLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnRTQMA0GCSqGSIb3DQEBCwUAA4IBAQBJ9+MHe6YvNe4GyvpzKebufEFTNPF6 Jk9qnw27vbKw9Rzw2rtM20Irso4ki2kAKQtD3YooSie7p9cdqaohgOb+saMqpGgs O2v0oyaiBnK+ZvMxaiAmr3G25nFpWGnlrLGZfDMc8vMZK2DlfUauXm06kPZdajGY dsZd2JTcmw4ajh24RMdKbZWJ3Mkh3vC8aV32YImxv7O/EvqLiGnwF/mt22Fb8eup qAeStDqKTtnOMAlaaq2JXytB4nyFgxSzihn0BgkmRF8557TtvX3fn/EzHpd4+5B6 Jkc8fN2ZsfnKLQgjKbIMJMvadSrCBxJhCIT+akldH38EJCo+baVHouwX -----END CERTIFICATE-----Generated at Tue May 12 22:10:35 2026 by rpki-client