$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/0/D60FBD2B1B5151C3F40734AE4A95277FC9BD8CBF.cer File: D60FBD2B1B5151C3F40734AE4A95277FC9BD8CBF.cer (raw, json) Hash identifier: CG52y8lnibVrx76ofl7zBYaabVPoaH89HIkDvHhmXIA= Subject key identifier: D6:0F:BD:2B:1B:51:51:C3:F4:07:34:AE:4A:95:27:7F:C9:BD:8C:BF Authority key identifier: 7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 Certificate issuer: /CN=A91862140000/serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Certificate serial: 6333A39CFB10C27513AB4F51366A3D37AE706BB4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Manifest: rsync://rpki-rsync.idnic.net/repo/f5f5ef18-6ffa-4d69-8c0c-3518cfa8758e/0/D60FBD2B1B5151C3F40734AE4A95277FC9BD8CBF.mft caRepository: rsync://rpki-rsync.idnic.net/repo/f5f5ef18-6ffa-4d69-8c0c-3518cfa8758e/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:37:32 +0000 Certificate not after: Sun 02 May 2027 02:42:32 +0000 Subordinate resources: IP: 157.66.20.0/23 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 07:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:33:a3:9c:fb:10:c2:75:13:ab:4f:51:36:6a:3d:37:ae:70:6b:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=7DF4349534441AF11A65DDD3588F74DC59C2D362 Validity Not Before: May 3 02:37:32 2026 GMT Not After : May 2 02:42:32 2027 GMT Subject: CN=D60FBD2B1B5151C3F40734AE4A95277FC9BD8CBF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:3f:5f:37:5d:39:a0:58:57:ff:3f:e2:b0:5b: 42:85:ef:9c:2c:04:0c:40:7e:64:b7:14:03:68:ee: 9d:b4:25:ea:de:38:90:14:85:62:09:2d:84:fc:16: 28:76:bb:a8:f8:ff:52:97:02:6b:b5:71:be:a0:ad: 3b:54:7c:83:df:24:d3:3f:db:51:9c:4e:eb:93:c1: 15:77:96:d8:20:ea:97:e4:aa:9b:b3:ca:89:fb:7c: 29:85:1e:60:f5:80:38:f8:fc:60:5b:ce:a5:73:00: 8c:89:9d:e4:5a:09:0c:48:bc:90:51:c9:e6:b6:60: 8b:32:01:8c:6e:a9:a5:47:6f:83:85:b8:a5:e7:e4: a2:f2:8e:6d:f4:6d:26:5b:69:80:d1:88:3f:9f:94: a4:65:26:db:7b:bd:d9:c7:af:ce:db:bd:be:9d:bc: 48:79:82:ef:93:07:05:b0:5c:5f:f1:ec:3a:cc:3b: 3d:80:1c:1f:dd:9f:a2:8d:64:fd:71:e0:b3:cd:5b: 7d:ba:f9:60:21:ed:d2:79:be:18:87:f7:6b:3a:a9: d0:5d:c5:f7:10:1f:9a:c2:f6:8d:e6:55:fe:65:23: df:b2:2a:64:29:73:df:e2:21:bc:cd:39:de:4a:e6: 0a:fe:26:89:62:1c:aa:75:91:e5:72:3e:47:1a:ec: 6c:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D6:0F:BD:2B:1B:51:51:C3:F4:07:34:AE:4A:95:27:7F:C9:BD:8C:BF X509v3 Authority Key Identifier: keyid:7D:F4:34:95:34:44:1A:F1:1A:65:DD:D3:58:8F:74:DC:59:C2:D3:62 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/0/7DF4349534441AF11A65DDD3588F74DC59C2D362.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ffQ0lTREGvEaZd3TWI903FnC02I.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/f5f5ef18-6ffa-4d69-8c0c-3518cfa8758e/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/f5f5ef18-6ffa-4d69-8c0c-3518cfa8758e/0/D60FBD2B1B5151C3F40734AE4A95277FC9BD8CBF.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.20.0/23 Signature Algorithm: sha256WithRSAEncryption 4e:f8:0b:59:01:80:a0:fe:12:23:01:39:23:68:b8:48:47:f9: 8b:74:04:39:3c:d5:f8:44:e6:b6:d5:1b:65:8d:89:bd:b3:37: 41:0d:b9:01:a4:3a:34:49:50:ca:93:04:b0:95:4c:2c:c5:57: 29:8a:4c:70:ac:f0:e0:25:e8:f3:41:51:99:5e:d0:34:c3:43: 1c:f9:9d:1e:c6:22:18:3a:a1:9b:65:43:9d:42:19:fd:e0:8d: 6c:48:ad:69:26:1c:0d:81:b4:37:13:a7:21:13:d6:0d:bb:4b: e3:f6:98:df:a2:91:12:a0:b9:c5:14:ab:6f:ec:71:0a:57:ec: 04:cb:26:4c:c6:e2:10:8b:f6:60:70:7b:5b:73:ba:c6:f0:8c: a7:cc:33:ad:be:82:be:46:af:5e:6d:60:ed:c4:8f:9a:9f:98: 84:30:ef:29:01:0f:05:52:47:72:c9:cf:05:91:86:46:b9:67: 67:67:48:cd:8f:49:a4:dc:f4:a9:92:dd:4a:12:10:ab:23:c7: 7a:96:06:65:21:c8:20:c5:7b:e2:53:1e:90:01:97:ec:4e:14: 0c:e8:23:a4:b9:52:6d:81:8e:1e:0b:75:33:f2:d0:79:6d:38: 8e:0c:30:60:d5:10:c9:29:70:8f:31:35:65:a2:ba:f7:dd:12: ed:f7:49:7d -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUYzOjnPsQwnUTq09RNmo9N65wa7QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg3REY0MzQ5NTM0 NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyMB4XDTI2MDUwMzAyMzczMloX DTI3MDUwMjAyNDIzMlowMzExMC8GA1UEAxMoRDYwRkJEMkIxQjUxNTFDM0Y0MDcz NEFFNEE5NTI3N0ZDOUJEOENCRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOg/XzddOaBYV/8/4rBbQoXvnCwEDEB+ZLcUA2junbQl6t44kBSFYgkthPwW KHa7qPj/UpcCa7VxvqCtO1R8g98k0z/bUZxO65PBFXeW2CDql+Sqm7PKift8KYUe YPWAOPj8YFvOpXMAjImd5FoJDEi8kFHJ5rZgizIBjG6ppUdvg4W4pefkovKObfRt JltpgNGIP5+UpGUm23u92cevztu9vp28SHmC75MHBbBcX/HsOsw7PYAcH92foo1k /XHgs81bfbr5YCHt0nm+GIf3azqp0F3F9xAfmsL2jeZV/mUj37IqZClz3+IhvM05 3krmCv4miWIcqnWR5XI+RxrsbDMCAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNYPvSsbUVHD9Ac0rkqVJ3/JvYy/MB8GA1UdIwQYMBaAFH30 NJU0RBrxGmXd01iPdNxZwtNiMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMC83 REY0MzQ5NTM0NDQxQUYxMUE2NURERDM1ODhGNzREQzU5QzJEMzYyLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9mZlEw bFRSRUd2RWFaZDNUV0k5MDNGbkMwMkkuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2Y1ZjVlZjE4LTZmZmEtNGQ2OS04YzBjLTM1MThjZmE4NzU4ZS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9mNWY1ZWYx OC02ZmZhLTRkNjktOGMwYy0zNTE4Y2ZhODc1OGUvMC9ENjBGQkQyQjFCNTE1MUMz RjQwNzM0QUU0QTk1Mjc3RkM5QkQ4Q0JGLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQBnUIUMA0GCSqGSIb3DQEBCwUAA4IBAQBO+AtZAYCg/hIjATkjaLhIR/mLdAQ5 PNX4ROa21RtljYm9szdBDbkBpDo0SVDKkwSwlUwsxVcpikxwrPDgJejzQVGZXtA0 w0Mc+Z0exiIYOqGbZUOdQhn94I1sSK1pJhwNgbQ3E6chE9YNu0vj9pjfopESoLnF FKtv7HEKV+wEyyZMxuIQi/ZgcHtbc7rG8IynzDOtvoK+Rq9ebWDtxI+an5iEMO8p AQ8FUkdyyc8FkYZGuWdnZ0jNj0mk3PSpkt1KEhCrI8d6lgZlIcggxXviUx6QAZfs ThQM6COkuVJtgY4eC3Uz8tB5bTiODDBg1RDJKXCPMTVlorr33RLt90l9 -----END CERTIFICATE-----Generated at Tue May 12 22:03:44 2026 by rpki-client