$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.cer File: AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.cer (raw, json) Hash identifier: s6tt5kiTvDYlenNk0oFjE8KaiER3ireo2jJX2tQF1oE= Subject key identifier: AF:3D:1E:B6:F3:B7:4B:12:60:67:97:C3:1C:23:53:B7:80:FD:FD:FD Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 0807BCA9F19C696427C73F74D649B3CA42575F97 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.mft caRepository: rsync://rpki-rsync.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:51:14 +0000 Certificate not after: Sun 02 May 2027 01:56:14 +0000 Subordinate resources: IP: 160.25.114.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:07:bc:a9:f1:9c:69:64:27:c7:3f:74:d6:49:b3:ca:42:57:5f:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 01:51:14 2026 GMT Not After : May 2 01:56:14 2027 GMT Subject: CN=AF3D1EB6F3B74B12606797C31C2353B780FDFDFD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:c5:b9:f3:f4:e1:46:7a:89:ca:98:b3:fa:19: 03:b8:6f:07:cd:04:0e:55:c4:5b:77:b9:5f:a2:dc: e3:08:60:48:5d:f7:bc:bf:05:9b:d5:e4:25:7c:53: c1:57:26:5f:8b:10:b3:c4:df:b5:13:49:3c:25:30: eb:52:be:38:13:6e:78:26:77:68:da:22:0a:4e:fd: 41:e8:19:ee:54:9a:d8:c2:19:b0:c8:dd:78:f3:cc: e6:52:ae:4f:aa:e2:63:bc:31:2e:97:28:1d:42:2e: 1e:7c:48:bb:64:da:b7:fd:98:25:43:57:75:0e:05: e3:4d:7d:8d:01:29:b3:f4:66:6a:fc:77:8b:88:49: b5:80:99:5a:62:36:5f:89:f0:89:ca:99:4c:f9:4f: be:8c:95:7f:4f:ba:7c:df:3a:02:08:b0:67:39:a3: 20:79:79:7e:28:a9:94:b9:fc:41:b3:73:10:33:94: fc:a6:8e:89:9a:1b:72:12:cc:68:11:e6:6c:cd:68: 5e:95:1f:fd:24:34:68:5a:e0:36:f2:2f:63:06:e7: a3:0c:5e:e9:4a:d5:80:ce:78:42:e5:c9:0a:f7:c7: 08:4a:0a:90:18:57:0f:94:40:1f:38:9d:2f:3a:99: 41:6d:42:b3:97:c8:41:40:55:9a:ac:97:05:1e:10: 0d:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:3D:1E:B6:F3:B7:4B:12:60:67:97:C3:1C:23:53:B7:80:FD:FD:FD X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/c67860e3-6ad8-47a5-94c0-93ffd2472865/0/AF3D1EB6F3B74B12606797C31C2353B780FDFDFD.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.114.0/23 Signature Algorithm: sha256WithRSAEncryption 65:e3:e6:48:0a:cd:4f:99:a6:94:21:31:3d:c3:58:df:5a:57: d5:21:1a:cb:10:bc:ef:38:cf:5e:a5:c7:eb:da:8f:7d:c6:5f: 01:f4:75:39:87:04:ce:78:e3:3f:b5:70:37:cc:77:be:76:6a: 98:8a:98:6b:6b:e1:c3:76:23:9f:23:41:bd:67:de:db:b9:1d: 06:f2:2a:67:85:cb:cc:98:e4:95:e4:db:08:ca:38:0d:83:04: 0c:5b:26:71:3f:42:02:8a:e5:bc:b0:73:b6:27:df:11:6d:3e: f6:83:86:f8:4e:cd:e7:47:f4:d8:e0:e6:4e:e0:29:0d:f1:ba: 4c:fb:02:36:6c:b8:37:4e:3d:a9:ed:98:08:fc:85:2a:e7:91: c2:a2:d1:b1:e1:b3:ee:cc:e4:3b:09:d1:b9:c4:33:0a:c6:bc: 91:1e:0b:b1:1a:d7:19:6d:29:50:3f:29:55:f8:88:03:66:bf: c2:a3:6f:fe:2e:83:41:2c:de:d5:f5:fa:02:76:f7:49:20:6b: b5:52:a6:e9:e9:de:a7:d1:01:1c:16:b2:41:37:f9:50:f6:ff: 32:ce:4c:fd:87:f0:3e:07:c9:6f:12:54:bc:13:fd:36:60:c2: b1:b9:f6:7e:ee:0e:e6:08:e1:f2:1a:10:9f:22:83:cf:13:76: f7:30:2b:0a -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUCAe8qfGcaWQnxz901kmzykJXX5cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAxNTExNFoX DTI3MDUwMjAxNTYxNFowMzExMC8GA1UEAxMoQUYzRDFFQjZGM0I3NEIxMjYwNjc5 N0MzMUMyMzUzQjc4MEZERkRGRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALzFufP04UZ6icqYs/oZA7hvB80EDlXEW3e5X6Lc4whgSF33vL8Fm9XkJXxT wVcmX4sQs8TftRNJPCUw61K+OBNueCZ3aNoiCk79QegZ7lSa2MIZsMjdePPM5lKu T6riY7wxLpcoHUIuHnxIu2Tat/2YJUNXdQ4F4019jQEps/Rmavx3i4hJtYCZWmI2 X4nwicqZTPlPvoyVf0+6fN86AgiwZzmjIHl5fiiplLn8QbNzEDOU/KaOiZobchLM aBHmbM1oXpUf/SQ0aFrgNvIvYwbnowxe6UrVgM54QuXJCvfHCEoKkBhXD5RAHzid LzqZQW1Cs5fIQUBVmqyXBR4QDb0CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK89Hrbzt0sSYGeXwxwjU7eA/f39MB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2M2Nzg2MGUzLTZhZDgtNDdhNS05NGMwLTkzZmZkMjQ3Mjg2NS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9jNjc4NjBl My02YWQ4LTQ3YTUtOTRjMC05M2ZmZDI0NzI4NjUvMC9BRjNEMUVCNkYzQjc0QjEy NjA2Nzk3QzMxQzIzNTNCNzgwRkRGREZELm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBoBlyMA0GCSqGSIb3DQEBCwUAA4IBAQBl4+ZICs1PmaaUITE9w1jfWlfVIRrL ELzvOM9epcfr2o99xl8B9HU5hwTOeOM/tXA3zHe+dmqYiphra+HDdiOfI0G9Z97b uR0G8ipnhcvMmOSV5NsIyjgNgwQMWyZxP0ICiuW8sHO2J98RbT72g4b4Ts3nR/TY 4OZO4CkN8bpM+wI2bLg3Tj2p7ZgI/IUq55HCotGx4bPuzOQ7CdG5xDMKxryRHgux GtcZbSlQPylV+IgDZr/Co2/+LoNBLN7V9foCdvdJIGu1Uqbp6d6n0QEcFrJBN/lQ 9v8yzkz9h/A+B8lvElS8E/02YMKxufZ+7g7mCOHyGhCfIoPPE3b3MCsK -----END CERTIFICATE-----Generated at Tue May 12 22:10:29 2026 by rpki-client