$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AA42E2E4EE53543BA04EE4744C57336151FA4CE7.cer File: AA42E2E4EE53543BA04EE4744C57336151FA4CE7.cer (raw, json) Hash identifier: ubdQMka3lthyb+o+zQtNI8WHOOyWVgytXSLsS2aVwCc= Subject key identifier: AA:42:E2:E4:EE:53:54:3B:A0:4E:E4:74:4C:57:33:61:51:FA:4C:E7 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 1976BE0EEC3437BDCB56F293433D6D73654DB9B2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/AA42E2E4EE53543BA04EE4744C57336151FA4CE7.mft caRepository: rsync://rpki-rsync.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:06:03 +0000 Certificate not after: Sun 02 May 2027 00:11:03 +0000 Subordinate resources: IP: 157.20.244.0/24 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:76:be:0e:ec:34:37:bd:cb:56:f2:93:43:3d:6d:73:65:4d:b9:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 00:06:03 2026 GMT Not After : May 2 00:11:03 2027 GMT Subject: CN=AA42E2E4EE53543BA04EE4744C57336151FA4CE7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:4d:1c:dc:29:ac:a9:6a:15:59:a7:5d:55:23: b7:8f:19:88:a7:03:16:8d:ce:ee:f7:ed:6e:d8:7b: 65:6b:4a:49:23:ba:40:42:04:9c:ee:78:28:f9:04: 59:0f:11:98:03:71:a1:5e:49:07:86:08:0a:a0:08: f9:d8:be:19:71:09:ca:7a:8a:ce:50:74:67:5e:6c: 75:71:ff:3e:2a:50:2d:02:b4:e4:d6:cf:c2:e1:dc: dd:4c:55:ae:a1:f2:52:ad:3b:04:28:a3:6c:e0:25: aa:d8:84:73:54:86:99:b6:38:73:cf:ae:89:9c:ce: 11:2d:ca:e4:e1:a6:91:7a:f3:99:21:26:5e:2f:92: 4e:35:1f:95:4c:82:a4:ca:29:3a:84:7f:5c:77:5d: 76:4c:43:0e:17:2c:65:c9:22:6b:d7:0c:e3:c5:73: 68:7b:f6:b2:06:eb:f4:1b:1d:db:cd:01:35:ce:4d: e0:3f:0b:c1:6d:39:59:69:f5:15:92:ac:92:21:fc: 79:1d:75:74:3c:6e:9a:fa:9e:a6:cf:bd:97:61:1e: 8f:fd:1a:ad:5b:a2:4f:a4:e5:44:fd:1d:81:36:c4: 8d:11:4f:24:1f:fa:2c:02:16:af:62:8a:20:cf:c0: 75:16:08:94:8f:f1:5f:36:6b:f5:d4:2c:c5:f1:04: fd:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AA:42:E2:E4:EE:53:54:3B:A0:4E:E4:74:4C:57:33:61:51:FA:4C:E7 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/2867a2ee-d411-4ff8-9f5c-35d034123f84/0/AA42E2E4EE53543BA04EE4744C57336151FA4CE7.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.244.0/24 Signature Algorithm: sha256WithRSAEncryption ac:47:23:0b:64:18:a4:10:02:45:24:b1:da:b2:bb:4d:07:cf: c9:ee:66:68:fe:1b:4f:83:00:ee:6b:d0:af:1b:02:0c:dd:58: 44:4b:57:13:29:39:3d:b8:08:28:2e:75:ab:70:32:77:8c:0b: d9:69:52:af:41:3a:03:c0:94:71:65:83:53:af:8e:c2:a6:e4: 98:d7:31:56:8c:a7:e0:c0:55:68:7c:42:77:43:35:30:50:50: 18:8a:96:94:43:1a:97:2b:69:99:56:9d:1e:96:d9:ff:ae:fb: ad:04:97:67:2a:6d:19:e3:2b:02:ed:cc:64:65:f9:b0:75:8e: e1:5c:76:30:79:4d:4f:a0:3f:6c:e4:7a:6f:bc:1e:79:c5:ff: f1:58:f2:1b:df:25:ea:f4:35:ad:cd:77:02:49:72:0b:22:43: 0b:35:4e:31:72:89:ae:36:bd:ae:58:7b:b1:43:18:4d:23:e9: 16:b6:ff:23:56:37:b1:eb:d4:a1:68:a3:50:3c:ac:6f:c5:a0: e0:cb:b9:cf:3d:ab:fd:3e:20:9c:53:ad:09:0c:49:c5:95:b5: b3:69:c0:07:de:94:f5:02:8d:67:e8:94:40:a7:ac:db:d3:95: bf:6f:f8:e4:42:22:59:b3:c9:1f:46:24:29:8b:0d:50:ad:b2: 46:ff:7f:59 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUGXa+Duw0N73LVvKTQz1tc2VNubIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAwMDYwM1oX DTI3MDUwMjAwMTEwM1owMzExMC8GA1UEAxMoQUE0MkUyRTRFRTUzNTQzQkEwNEVF NDc0NEM1NzMzNjE1MUZBNENFNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANlNHNwprKlqFVmnXVUjt48ZiKcDFo3O7vftbth7ZWtKSSO6QEIEnO54KPkE WQ8RmANxoV5JB4YICqAI+di+GXEJynqKzlB0Z15sdXH/PipQLQK05NbPwuHc3UxV rqHyUq07BCijbOAlqtiEc1SGmbY4c8+uiZzOES3K5OGmkXrzmSEmXi+STjUflUyC pMopOoR/XHdddkxDDhcsZckia9cM48VzaHv2sgbr9Bsd280BNc5N4D8LwW05WWn1 FZKskiH8eR11dDxumvqeps+9l2Eej/0arVuiT6TlRP0dgTbEjRFPJB/6LAIWr2KK IM/AdRYIlI/xXzZr9dQsxfEE/fcCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKpC4uTuU1Q7oE7kdExXM2FR+kznMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzI4NjdhMmVlLWQ0MTEtNGZmOC05ZjVjLTM1ZDAzNDEyM2Y4NC8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8yODY3YTJl ZS1kNDExLTRmZjgtOWY1Yy0zNWQwMzQxMjNmODQvMC9BQTQyRTJFNEVFNTM1NDNC QTA0RUU0NzQ0QzU3MzM2MTUxRkE0Q0U3Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAnRT0MA0GCSqGSIb3DQEBCwUAA4IBAQCsRyMLZBikEAJFJLHasrtNB8/J7mZo /htPgwDua9CvGwIM3VhES1cTKTk9uAgoLnWrcDJ3jAvZaVKvQToDwJRxZYNTr47C puSY1zFWjKfgwFVofEJ3QzUwUFAYipaUQxqXK2mZVp0eltn/rvutBJdnKm0Z4ysC 7cxkZfmwdY7hXHYweU1PoD9s5HpvvB55xf/xWPIb3yXq9DWtzXcCSXILIkMLNU4x comuNr2uWHuxQxhNI+kWtv8jVjex69ShaKNQPKxvxaDgy7nPPav9PiCcU60JDEnF lbWzacAH3pT1Ao1n6JRAp6zb05W/b/jkQiJZs8kfRiQpiw1QrbJG/39Z -----END CERTIFICATE-----Generated at Tue May 12 22:45:33 2026 by rpki-client