$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/BDFBC7A3A82ADE064A7D3157A49E83CFB76B9CCD.cer File: BDFBC7A3A82ADE064A7D3157A49E83CFB76B9CCD.cer (raw, json) Hash identifier: Q0f+d6p3JiXQ2h9oiu1q4YbMLMSDyqmEXffzlHrqW/U= Subject key identifier: BD:FB:C7:A3:A8:2A:DE:06:4A:7D:31:57:A4:9E:83:CF:B7:6B:9C:CD Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 2295A8615883D2F4E1F23151C51D5662A0D5A642 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/c82b8f56-8e82-4644-b049-2c5c2ffb4d99/0/BDFBC7A3A82ADE064A7D3157A49E83CFB76B9CCD.mft caRepository: rsync://rpki-rsync.idnic.net/repo/c82b8f56-8e82-4644-b049-2c5c2ffb4d99/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:52:23 +0000 Certificate not after: Sun 02 May 2027 01:57:23 +0000 Subordinate resources: IP: 157.20.46.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:95:a8:61:58:83:d2:f4:e1:f2:31:51:c5:1d:56:62:a0:d5:a6:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 01:52:23 2026 GMT Not After : May 2 01:57:23 2027 GMT Subject: CN=BDFBC7A3A82ADE064A7D3157A49E83CFB76B9CCD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:86:b6:51:63:76:65:40:65:25:1d:21:f7:6c: 22:fd:8c:c4:3b:20:0f:86:f3:69:8a:28:ed:15:00: 71:55:d5:7d:81:45:2c:45:10:fc:b7:73:8a:8a:5d: be:b0:dd:e7:f8:69:44:e8:d9:22:a1:c8:1b:20:5a: 95:0e:84:56:bf:5b:b8:dc:de:31:66:72:ec:47:7a: df:dd:c4:92:fa:c3:d7:cd:94:40:1a:07:1a:77:b0: 27:0c:df:c1:07:3a:ac:d2:5a:96:52:58:65:01:57: 57:6c:a4:ac:d1:a4:1c:12:07:fc:9d:91:10:e0:ef: 3c:e5:a6:2c:6d:4f:87:a7:a6:9c:77:48:b8:0f:d2: c0:44:ba:4c:21:b2:1a:92:45:d6:79:01:c5:63:a1: 94:ed:7d:01:2d:b0:2c:c3:f4:4b:7a:03:ad:29:a0: 97:6c:f7:0f:69:f5:8d:e1:b8:9a:0d:fa:71:47:e5: 70:cb:c5:d8:85:f8:a8:af:83:9b:18:2f:cf:80:29: 37:ef:72:27:08:7a:83:cb:78:e0:99:17:66:6c:e2: 8c:41:73:c8:0b:f1:2f:cc:67:d9:12:e4:80:4f:8a: f5:69:42:15:ae:bb:bf:da:c5:eb:00:bf:c8:bd:96: 66:38:45:d6:bd:61:37:74:1a:22:95:d7:89:d2:bc: 3e:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BD:FB:C7:A3:A8:2A:DE:06:4A:7D:31:57:A4:9E:83:CF:B7:6B:9C:CD X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/c82b8f56-8e82-4644-b049-2c5c2ffb4d99/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/c82b8f56-8e82-4644-b049-2c5c2ffb4d99/0/BDFBC7A3A82ADE064A7D3157A49E83CFB76B9CCD.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.46.0/23 Signature Algorithm: sha256WithRSAEncryption 3c:4d:8b:ba:15:9b:26:b2:93:ac:86:06:73:c1:55:80:15:ae: 15:38:95:4c:44:79:8d:59:ca:12:ad:c8:0a:8d:99:5b:c7:11: dc:50:d7:fd:35:9e:b5:d7:49:ef:9c:70:9c:4e:45:c6:ee:b4: 9c:b4:7a:5e:9d:d9:03:f2:14:f6:c4:9f:0b:d1:df:e9:a8:e0: 67:9c:4e:4f:08:ae:25:29:05:17:0e:1b:9e:e5:c3:01:fa:62: b2:45:7c:dd:a4:a9:bb:6b:bb:d4:30:62:52:d6:8d:05:f6:8b: 51:1f:11:a0:ec:cc:73:ec:d1:03:09:69:04:41:5c:30:0e:fe: 26:70:e9:d7:c8:f9:1c:f3:c5:ac:16:5b:f8:1a:f8:04:53:da: 43:25:e8:5f:a7:82:32:37:5d:80:13:e1:5e:c1:61:c1:cf:a4: ff:ec:b0:fb:f3:4d:71:28:e8:72:79:3a:4a:f9:c7:d1:7f:75: 9d:5d:8d:e3:e6:05:89:e1:4e:dd:50:d6:95:53:42:c1:36:43: 3e:b4:9a:d4:f2:e4:a7:70:7e:b0:a8:ee:93:4f:92:12:12:38: 63:62:80:a9:23:0f:b5:21:7b:cd:b9:bc:14:2e:9e:80:9c:8c: 34:0e:dc:23:9f:ae:cc:52:39:43:6b:97:2c:71:ad:26:0d:ad: c1:45:78:ea -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUIpWoYViD0vTh8jFRxR1WYqDVpkIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAxNTIyM1oX DTI3MDUwMjAxNTcyM1owMzExMC8GA1UEAxMoQkRGQkM3QTNBODJBREUwNjRBN0Qz MTU3QTQ5RTgzQ0ZCNzZCOUNDRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM6GtlFjdmVAZSUdIfdsIv2MxDsgD4bzaYoo7RUAcVXVfYFFLEUQ/Ldziopd vrDd5/hpROjZIqHIGyBalQ6EVr9buNzeMWZy7Ed6393EkvrD182UQBoHGnewJwzf wQc6rNJallJYZQFXV2ykrNGkHBIH/J2REODvPOWmLG1Ph6emnHdIuA/SwES6TCGy GpJF1nkBxWOhlO19AS2wLMP0S3oDrSmgl2z3D2n1jeG4mg36cUflcMvF2IX4qK+D mxgvz4ApN+9yJwh6g8t44JkXZmzijEFzyAvxL8xn2RLkgE+K9WlCFa67v9rF6wC/ yL2WZjhF1r1hN3QaIpXXidK8Po0CAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFL37x6OoKt4GSn0xV6Seg8+3a5zNMB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2M4MmI4ZjU2LThlODItNDY0NC1iMDQ5LTJjNWMyZmZiNGQ5OS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9jODJiOGY1 Ni04ZTgyLTQ2NDQtYjA0OS0yYzVjMmZmYjRkOTkvMC9CREZCQzdBM0E4MkFERTA2 NEE3RDMxNTdBNDlFODNDRkI3NkI5Q0NELm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnRQuMA0GCSqGSIb3DQEBCwUAA4IBAQA8TYu6FZsmspOshgZzwVWAFa4VOJVM RHmNWcoSrcgKjZlbxxHcUNf9NZ6110nvnHCcTkXG7rSctHpendkD8hT2xJ8L0d/p qOBnnE5PCK4lKQUXDhue5cMB+mKyRXzdpKm7a7vUMGJS1o0F9otRHxGg7Mxz7NED CWkEQVwwDv4mcOnXyPkc88WsFlv4GvgEU9pDJehfp4IyN12AE+FewWHBz6T/7LD7 801xKOhyeTpK+cfRf3WdXY3j5gWJ4U7dUNaVU0LBNkM+tJrU8uSncH6wqO6TT5IS EjhjYoCpIw+1IXvNubwULp6AnIw0Dtwjn67MUjlDa5csca0mDa3BRXjq -----END CERTIFICATE-----Generated at Tue May 12 22:10:22 2026 by rpki-client