$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/BAA973B32B2177C10441FFA1198AD30A3ACABB9C.cer File: BAA973B32B2177C10441FFA1198AD30A3ACABB9C.cer (raw, json) Hash identifier: JIHgjB9tOVIjU/8gc4F+nsZyWyEUREg+lZz1ZUhI9Ro= Subject key identifier: BA:A9:73:B3:2B:21:77:C1:04:41:FF:A1:19:8A:D3:0A:3A:CA:BB:9C Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 24CF2C0AA1B1FC63DD08C8AA7619F39F83232322 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/87c432e0-dc3e-42cc-bcc0-629b16206c9a/0/BAA973B32B2177C10441FFA1198AD30A3ACABB9C.mft caRepository: rsync://rpki-rsync.idnic.net/repo/87c432e0-dc3e-42cc-bcc0-629b16206c9a/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:11:11 +0000 Certificate not after: Sun 02 May 2027 01:16:11 +0000 Subordinate resources: IP: 160.25.178.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:cf:2c:0a:a1:b1:fc:63:dd:08:c8:aa:76:19:f3:9f:83:23:23:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 01:11:11 2026 GMT Not After : May 2 01:16:11 2027 GMT Subject: CN=BAA973B32B2177C10441FFA1198AD30A3ACABB9C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:f8:02:b4:4c:fa:97:98:73:c9:c4:73:1d:a8: 18:07:d8:44:f0:a2:cb:4a:86:65:75:4a:19:ce:e2: 2f:b9:da:6f:e9:24:af:15:e5:61:88:16:ae:21:ac: 51:35:e4:1b:83:ec:87:2a:b8:1b:e6:a6:3d:78:4a: 2c:b1:e6:c4:b2:08:f2:ef:6f:5c:8c:cc:14:5a:78: ee:36:0f:4c:1a:da:59:88:00:6f:d5:43:e8:a3:af: 35:2a:54:5f:b4:4c:ed:76:ae:d8:72:72:3e:3a:c3: b1:e8:c9:2b:13:76:12:15:65:fa:ad:3a:7d:0e:7a: b2:55:e3:18:90:d8:7f:f4:fd:bf:4b:a4:e1:6c:3c: 57:a2:bd:a8:af:e5:a9:da:3c:bb:37:5b:fc:91:87: 02:7d:93:03:a3:89:94:5b:d4:4d:a3:bd:91:c4:f8: 9b:e1:da:bd:45:b3:cc:e2:73:49:bc:e8:24:0e:ec: 53:be:a5:fe:d3:8b:60:4b:26:12:7a:b9:71:07:b6: 87:f3:4f:82:c0:68:29:74:8e:ae:02:d9:c9:0e:9a: ec:58:25:b9:17:3c:19:e2:67:8e:37:f1:70:c1:13: 7e:d0:d1:cb:aa:aa:34:95:c1:fa:a3:84:9b:75:a1: d5:a2:cd:c8:ff:5c:b9:23:b8:f7:c1:f9:87:88:12: 15:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BA:A9:73:B3:2B:21:77:C1:04:41:FF:A1:19:8A:D3:0A:3A:CA:BB:9C X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/87c432e0-dc3e-42cc-bcc0-629b16206c9a/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/87c432e0-dc3e-42cc-bcc0-629b16206c9a/0/BAA973B32B2177C10441FFA1198AD30A3ACABB9C.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.178.0/23 Signature Algorithm: sha256WithRSAEncryption 3d:8b:36:6f:e7:78:1f:53:64:01:90:fc:02:88:18:27:a2:61: b8:a9:cc:2c:a4:26:08:2b:58:3e:78:8b:08:7f:3f:9d:c0:e5: 24:11:a8:43:af:03:d9:40:17:88:4d:78:6b:52:16:32:8a:b0: 29:57:d7:96:ed:5c:2c:d2:be:6e:ca:66:99:9b:dd:7e:ae:26: 01:b3:73:92:de:77:0b:35:4f:11:79:b9:69:65:09:76:79:b7: 24:b1:a4:41:a0:d8:f4:91:cc:a0:49:d5:62:c6:02:9f:0e:3e: 20:8e:26:f1:38:fa:9d:f3:69:af:51:28:66:56:02:ef:64:26: 99:b6:bb:3c:27:99:3a:5f:51:9d:12:55:94:80:79:7f:d1:7f: 75:58:66:65:db:47:fa:51:6a:4d:c8:c6:40:40:40:21:1a:4f: 68:7a:ff:71:6d:3c:f2:de:79:4b:b8:07:cb:18:e1:83:f2:16: 9a:89:f1:89:ee:f0:1e:d4:ea:ef:e2:ae:f4:25:72:de:a6:25: 3b:ba:bf:6f:72:0a:be:a4:00:60:d4:e4:07:34:40:e9:60:e5: 41:3f:73:00:30:c6:5f:b5:83:b4:0a:0f:9e:4d:62:c0:e8:67: b9:dd:dc:9c:b6:16:b5:e3:b9:82:73:aa:da:11:f0:be:c5:9f: f4:e7:da:2e -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUJM8sCqGx/GPdCMiqdhnzn4MjIyIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAxMTExMVoX DTI3MDUwMjAxMTYxMVowMzExMC8GA1UEAxMoQkFBOTczQjMyQjIxNzdDMTA0NDFG RkExMTk4QUQzMEEzQUNBQkI5QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAML4ArRM+peYc8nEcx2oGAfYRPCiy0qGZXVKGc7iL7nab+kkrxXlYYgWriGs UTXkG4Pshyq4G+amPXhKLLHmxLII8u9vXIzMFFp47jYPTBraWYgAb9VD6KOvNSpU X7RM7Xau2HJyPjrDsejJKxN2EhVl+q06fQ56slXjGJDYf/T9v0uk4Ww8V6K9qK/l qdo8uzdb/JGHAn2TA6OJlFvUTaO9kcT4m+HavUWzzOJzSbzoJA7sU76l/tOLYEsm Enq5cQe2h/NPgsBoKXSOrgLZyQ6a7FgluRc8GeJnjjfxcMETftDRy6qqNJXB+qOE m3Wh1aLNyP9cuSO498H5h4gSFWsCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLqpc7MrIXfBBEH/oRmK0wo6yrucMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv Lzg3YzQzMmUwLWRjM2UtNDJjYy1iY2MwLTYyOWIxNjIwNmM5YS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby84N2M0MzJl MC1kYzNlLTQyY2MtYmNjMC02MjliMTYyMDZjOWEvMC9CQUE5NzNCMzJCMjE3N0Mx MDQ0MUZGQTExOThBRDMwQTNBQ0FCQjlDLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBoBmyMA0GCSqGSIb3DQEBCwUAA4IBAQA9izZv53gfU2QBkPwCiBgnomG4qcws pCYIK1g+eIsIfz+dwOUkEahDrwPZQBeITXhrUhYyirApV9eW7Vws0r5uymaZm91+ riYBs3OS3ncLNU8ReblpZQl2ebcksaRBoNj0kcygSdVixgKfDj4gjibxOPqd82mv UShmVgLvZCaZtrs8J5k6X1GdElWUgHl/0X91WGZl20f6UWpNyMZAQEAhGk9oev9x bTzy3nlLuAfLGOGD8haaifGJ7vAe1Orv4q70JXLepiU7ur9vcgq+pABg1OQHNEDp YOVBP3MAMMZftYO0Cg+eTWLA6Ge53dyctha147mCc6raEfC+xZ/059ou -----END CERTIFICATE-----Generated at Tue May 12 22:03:41 2026 by rpki-client