$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AF2070B1260531FBF069F7AE728D1824E0197266.cer File: AF2070B1260531FBF069F7AE728D1824E0197266.cer (raw, json) Hash identifier: +8eyiqCgTSYp6ooNwnCpr5L2xiBKil8YHbOAZwUYwos= Subject key identifier: AF:20:70:B1:26:05:31:FB:F0:69:F7:AE:72:8D:18:24:E0:19:72:66 Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 5BE4CFE79B9140E821541D39292E9D62129E23B0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/a1f15a1d-5dac-4cc9-811a-e49cb4e7bce1/0/AF2070B1260531FBF069F7AE728D1824E0197266.mft caRepository: rsync://rpki-rsync.idnic.net/repo/a1f15a1d-5dac-4cc9-811a-e49cb4e7bce1/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:28:12 +0000 Certificate not after: Sun 02 May 2027 01:33:12 +0000 Subordinate resources: IP: 157.20.222.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:e4:cf:e7:9b:91:40:e8:21:54:1d:39:29:2e:9d:62:12:9e:23:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 01:28:12 2026 GMT Not After : May 2 01:33:12 2027 GMT Subject: CN=AF2070B1260531FBF069F7AE728D1824E0197266 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:ac:81:f4:b1:f5:93:ec:25:b5:30:4d:52:57: 1b:6a:2a:41:1e:e0:64:89:2c:69:01:74:af:5b:ce: 7d:87:5c:10:61:4e:8e:a2:45:60:a6:22:b9:e8:45: a0:dd:0d:65:07:1d:56:41:e6:96:fa:2f:ad:1f:3b: d6:c7:31:31:c6:07:e6:c6:fc:e2:9a:3b:98:e0:51: 6e:22:8b:39:81:40:71:7a:38:d9:b7:25:92:cd:64: 10:d0:3b:f0:03:79:49:b8:7c:99:a6:c6:34:23:78: 13:ab:78:c7:06:84:35:fd:75:80:79:0c:d7:33:2a: 82:90:36:cb:42:fe:c1:61:9a:ce:14:43:f3:1e:c4: af:87:2f:e0:1f:98:ee:41:94:80:28:ae:f8:e6:4b: cd:4a:03:7d:34:02:38:61:3f:b4:b7:50:00:b1:84: 2b:30:d7:de:1d:5d:5f:94:39:81:ff:d9:c5:3a:2d: 8d:98:9f:4a:e3:00:44:fe:f2:05:16:09:a8:df:6e: 52:8f:0e:05:36:76:49:e2:3e:9e:bf:43:eb:c5:8f: 3b:35:c1:4f:e6:5f:e8:af:07:62:e5:da:41:23:ba: 8a:d4:68:5d:d5:1f:32:75:f5:aa:02:80:86:9c:0a: 61:16:1a:da:a8:4f:89:34:52:41:81:65:4c:6f:41: 37:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:20:70:B1:26:05:31:FB:F0:69:F7:AE:72:8D:18:24:E0:19:72:66 X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/a1f15a1d-5dac-4cc9-811a-e49cb4e7bce1/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/a1f15a1d-5dac-4cc9-811a-e49cb4e7bce1/0/AF2070B1260531FBF069F7AE728D1824E0197266.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.222.0/23 Signature Algorithm: sha256WithRSAEncryption 72:3b:2d:07:bf:ef:08:f8:6f:97:b2:f2:f7:d1:cd:83:c4:eb: d7:f3:4f:82:74:c5:9e:52:e2:c2:36:74:8f:af:7a:23:26:99: 24:03:d5:a8:fc:0d:8b:f4:67:c2:6c:67:16:22:15:73:5c:04: 1e:4a:29:3e:f4:04:88:d5:8e:b9:c3:25:07:e7:1e:68:21:61: 00:18:8d:71:ab:6e:ec:1a:16:e3:06:61:da:5c:3b:26:54:de: 8e:cd:5f:7a:1c:6b:b7:f6:27:72:9f:b7:b0:7d:83:5f:4f:d1: 10:02:ac:e9:c6:04:c4:8b:50:fd:69:7c:24:2e:df:43:11:58: 1b:18:41:af:28:59:3f:42:0b:ed:18:d4:eb:d9:78:77:e0:7c: 2f:9f:e2:b9:9e:45:bd:51:ca:59:7d:cb:be:3b:23:36:40:6d: c5:3e:82:22:bd:7a:3a:25:9e:b9:88:15:7e:ce:31:96:07:01: 66:6b:e3:81:9b:b2:dc:82:7c:3e:9b:8e:c4:0e:37:07:2b:c4: 80:45:cd:2f:8b:b3:b6:61:15:f1:6f:75:98:09:0a:8e:5d:52: 0d:12:33:16:e2:5a:cd:a3:9d:a9:3d:d1:68:0a:17:4e:7c:1b: f9:da:54:93:c2:57:71:60:f1:40:ff:0d:be:35:2d:3d:b2:fd: 90:98:29:9e -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUW+TP55uRQOghVB05KS6dYhKeI7AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAxMjgxMloX DTI3MDUwMjAxMzMxMlowMzExMC8GA1UEAxMoQUYyMDcwQjEyNjA1MzFGQkYwNjlG N0FFNzI4RDE4MjRFMDE5NzI2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO+sgfSx9ZPsJbUwTVJXG2oqQR7gZIksaQF0r1vOfYdcEGFOjqJFYKYiuehF oN0NZQcdVkHmlvovrR871scxMcYH5sb84po7mOBRbiKLOYFAcXo42bclks1kENA7 8AN5Sbh8mabGNCN4E6t4xwaENf11gHkM1zMqgpA2y0L+wWGazhRD8x7Er4cv4B+Y 7kGUgCiu+OZLzUoDfTQCOGE/tLdQALGEKzDX3h1dX5Q5gf/ZxTotjZifSuMARP7y BRYJqN9uUo8OBTZ2SeI+nr9D68WPOzXBT+Zf6K8HYuXaQSO6itRoXdUfMnX1qgKA hpwKYRYa2qhPiTRSQYFlTG9BN5UCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK8gcLEmBTH78Gn3rnKNGCTgGXJmMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2ExZjE1YTFkLTVkYWMtNGNjOS04MTFhLWU0OWNiNGU3YmNlMS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9hMWYxNWEx ZC01ZGFjLTRjYzktODExYS1lNDljYjRlN2JjZTEvMC9BRjIwNzBCMTI2MDUzMUZC RjA2OUY3QUU3MjhEMTgyNEUwMTk3MjY2Lm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnRTeMA0GCSqGSIb3DQEBCwUAA4IBAQByOy0Hv+8I+G+XsvL30c2DxOvX80+C dMWeUuLCNnSPr3ojJpkkA9Wo/A2L9GfCbGcWIhVzXAQeSik+9ASI1Y65wyUH5x5o IWEAGI1xq27sGhbjBmHaXDsmVN6OzV96HGu39idyn7ewfYNfT9EQAqzpxgTEi1D9 aXwkLt9DEVgbGEGvKFk/QgvtGNTr2Xh34Hwvn+K5nkW9UcpZfcu+OyM2QG3FPoIi vXo6JZ65iBV+zjGWBwFma+OBm7Lcgnw+m47EDjcHK8SARc0vi7O2YRXxb3WYCQqO XVINEjMW4lrNo52pPdFoChdOfBv52lSTwldxYPFA/w2+NS09sv2QmCme -----END CERTIFICATE-----Generated at Tue May 12 22:16:51 2026 by rpki-client