$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/23778D1963851C4054ABA68BB8F80E5E45A7A7F1.cer File: 23778D1963851C4054ABA68BB8F80E5E45A7A7F1.cer (raw, json) Hash identifier: 3tFS3vtbIoWLa4+Nw3a5IixnnoRxtfUbatjgjPgr13I= Subject key identifier: 23:77:8D:19:63:85:1C:40:54:AB:A6:8B:B8:F8:0E:5E:45:A7:A7:F1 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 58AACC3CFD8AAC25546B41A000E8C07FDEEEEE8E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/8d22f649-9968-495d-bdf1-7d76256daad5/1/23778D1963851C4054ABA68BB8F80E5E45A7A7F1.mft caRepository: rsync://rpki-rsync.idnic.net/repo/8d22f649-9968-495d-bdf1-7d76256daad5/1/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:15:04 +0000 Certificate not after: Sun 02 May 2027 01:20:04 +0000 Subordinate resources: IP: 2001:df4:5540::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:aa:cc:3c:fd:8a:ac:25:54:6b:41:a0:00:e8:c0:7f:de:ee:ee:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:15:04 2026 GMT Not After : May 2 01:20:04 2027 GMT Subject: CN=23778D1963851C4054ABA68BB8F80E5E45A7A7F1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:c7:50:46:88:10:e5:97:db:a0:4b:9b:6a:2a: b1:7d:67:00:31:9f:cf:3e:f5:db:f9:00:85:04:dc: 33:61:9a:79:10:41:be:6f:ed:ba:5a:11:4b:1b:f3: 09:5d:d1:03:f9:be:53:c0:17:bc:76:f3:7f:61:cc: 95:48:49:0b:39:8e:63:58:3a:45:ba:9f:25:21:08: f0:89:28:df:d8:3e:72:55:0e:16:3e:28:7e:da:01: c7:71:83:f9:ea:07:e9:25:e4:79:9f:55:97:9b:ed: 0e:57:e8:72:ab:3c:e4:27:54:8d:0b:90:4b:34:28: d6:8c:69:84:24:a0:6b:f3:ed:71:39:70:d1:43:fa: 29:b1:19:f6:2e:d4:b2:93:85:5a:0b:59:f7:e8:22: 63:a3:00:1b:24:86:c7:70:3e:1b:18:ae:5d:e9:51: 13:44:5b:fa:aa:34:da:70:fb:ce:08:29:fd:e4:a1: 9b:90:07:92:2e:a9:e7:b5:7c:d0:3f:03:8b:da:9b: d6:61:7d:cb:f5:b6:69:9c:f4:55:23:94:bc:7b:6d: 61:39:67:96:3e:f0:24:e9:e9:df:5d:ce:32:56:ea: 30:88:87:a4:7f:b5:0b:06:48:19:21:4e:ac:0e:d7: 6b:f1:ed:0f:bc:a6:18:01:82:4c:ce:7b:c6:af:11: d2:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 23:77:8D:19:63:85:1C:40:54:AB:A6:8B:B8:F8:0E:5E:45:A7:A7:F1 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/8d22f649-9968-495d-bdf1-7d76256daad5/1/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/8d22f649-9968-495d-bdf1-7d76256daad5/1/23778D1963851C4054ABA68BB8F80E5E45A7A7F1.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df4:5540::/48 Signature Algorithm: sha256WithRSAEncryption 1a:46:89:99:15:de:60:cc:dc:00:23:fc:1a:ad:68:f1:9b:75: b8:ca:60:60:53:84:74:ce:34:89:e6:87:1a:13:96:8e:9c:64: 4c:21:c2:f7:27:93:2c:44:f8:b9:83:b2:a0:41:1d:39:be:ea: 45:e2:87:54:20:63:ca:3b:74:80:a5:16:66:8a:f4:9f:bd:7d: 97:d1:0d:24:d4:ee:ff:d3:94:e2:64:45:06:fd:21:19:06:2e: 6b:35:e5:01:96:fd:13:0e:84:04:bf:ee:8b:bc:f2:2d:d0:c3: 55:2f:5b:c3:ce:0c:44:44:96:d6:dd:43:ae:0e:f4:8d:65:62: 67:02:43:1c:c6:36:2a:9d:9a:17:e0:de:19:3d:01:07:a8:ed: 15:d4:fd:cd:fe:df:2f:a9:12:20:31:42:f1:9a:c5:e7:73:68: 2b:3d:d0:4d:1b:15:7b:6c:42:16:10:02:be:8d:fd:24:d9:a3: 4f:97:68:f7:a7:0e:ba:f4:67:97:b6:e4:ca:d4:40:76:63:43: 0f:4b:1c:6a:ea:47:89:a7:d5:eb:7a:65:29:37:91:9f:02:d8: 80:78:ad:d0:3d:0a:52:d8:31:41:35:cd:a8:4c:08:12:8d:78: ca:07:6c:d0:63:af:c8:20:55:84:37:7d:4c:68:7f:bf:2c:ab: be:99:c5:46 -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgIUWKrMPP2KrCVUa0GgAOjAf97u7o4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxMTUwNFoX DTI3MDUwMjAxMjAwNFowMzExMC8GA1UEAxMoMjM3NzhEMTk2Mzg1MUM0MDU0QUJB NjhCQjhGODBFNUU0NUE3QTdGMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ7HUEaIEOWX26BLm2oqsX1nADGfzz712/kAhQTcM2GaeRBBvm/tuloRSxvz CV3RA/m+U8AXvHbzf2HMlUhJCzmOY1g6RbqfJSEI8Iko39g+clUOFj4oftoBx3GD +eoH6SXkeZ9Vl5vtDlfocqs85CdUjQuQSzQo1oxphCSga/PtcTlw0UP6KbEZ9i7U spOFWgtZ9+giY6MAGySGx3A+GxiuXelRE0Rb+qo02nD7zggp/eShm5AHki6p57V8 0D8Di9qb1mF9y/W2aZz0VSOUvHttYTlnlj7wJOnp313OMlbqMIiHpH+1CwZIGSFO rA7Xa/HtD7ymGAGCTM57xq8R0kECAwEAAaOCArwwggK4MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCN3jRljhRxAVKumi7j4Dl5Fp6fxMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzhkMjJmNjQ5LTk5NjgtNDk1ZC1iZGYxLTdkNzYyNTZkYWFkNS8xLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby84ZDIyZjY0 OS05OTY4LTQ5NWQtYmRmMS03ZDc2MjU2ZGFhZDUvMS8yMzc3OEQxOTYzODUxQzQw NTRBQkE2OEJCOEY4MEU1RTQ1QTdBN0YxLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAIAEN9FVAMA0GCSqGSIb3DQEBCwUAA4IBAQAaRomZFd5gzNwAI/warWjxm3W4 ymBgU4R0zjSJ5ocaE5aOnGRMIcL3J5MsRPi5g7KgQR05vupF4odUIGPKO3SApRZm ivSfvX2X0Q0k1O7/05TiZEUG/SEZBi5rNeUBlv0TDoQEv+6LvPIt0MNVL1vDzgxE RJbW3UOuDvSNZWJnAkMcxjYqnZoX4N4ZPQEHqO0V1P3N/t8vqRIgMULxmsXnc2gr PdBNGxV7bEIWEAK+jf0k2aNPl2j3pw669GeXtuTK1EB2Y0MPSxxq6keJp9XremUp N5GfAtiAeK3QPQpS2DFBNc2oTAgSjXjKB2zQY6/IIFWEN31MaH+/LKu+mcVG -----END CERTIFICATE-----Generated at Tue May 12 22:16:10 2026 by rpki-client