$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.cer File: 2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.cer (raw, json) Hash identifier: xFGHRZaTZoqE2PcOkodR4KfJMgonDYi1rfYAKJ6kZ2o= Subject key identifier: 2C:F0:62:4C:97:05:2A:18:8B:12:C2:D8:DF:D6:92:56:BE:AE:A0:A3 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 7B04CB00C64D4A430AC5AC1E4F69940A90211C17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/153b067c-ecc9-4dca-987d-b9576815f855/0/2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.mft caRepository: rsync://rpki-rsync.idnic.net/repo/153b067c-ecc9-4dca-987d-b9576815f855/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sat 02 May 2026 23:53:10 +0000 Certificate not after: Sat 01 May 2027 23:58:10 +0000 Subordinate resources: IP: 117.121.200.0/21 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:04:cb:00:c6:4d:4a:43:0a:c5:ac:1e:4f:69:94:0a:90:21:1c:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 2 23:53:10 2026 GMT Not After : May 1 23:58:10 2027 GMT Subject: CN=2CF0624C97052A188B12C2D8DFD69256BEAEA0A3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:1d:c7:10:99:4f:45:eb:15:11:64:17:23:a9: fd:65:3b:b1:3d:d7:d4:4d:b6:18:18:af:79:aa:53: 74:ce:4d:25:1f:1d:35:4d:76:83:37:64:88:3c:54: 97:98:52:28:ad:21:0d:b5:11:50:f6:47:70:f9:9e: 85:7e:5d:4b:12:11:47:a8:af:3a:89:e8:4e:3c:f4: f8:2e:6c:cc:cd:ce:09:14:f5:3b:a5:87:3f:a5:25: 19:e6:46:4a:e7:c4:f7:40:44:bf:d6:b4:23:1e:93: 48:cc:30:bd:d5:39:1a:b7:40:35:dc:57:8b:70:25: 74:6c:62:8f:aa:8d:3d:82:ec:2d:5f:40:83:f9:11: 31:5b:3b:ac:bb:0c:59:8e:3e:71:cd:58:b5:fc:dc: f9:49:4b:1c:10:a5:ae:f1:2e:7c:0f:9a:40:07:fb: ae:b4:a9:0e:90:ba:4f:03:8c:04:aa:2d:84:dd:ed: df:bc:84:ad:e0:ff:67:7d:36:2f:c1:b0:74:ec:1b: af:02:c5:ed:6d:b0:d4:44:db:c5:f5:d2:31:18:8d: ef:c6:4f:02:ee:93:11:a5:e0:f1:9b:30:46:61:a4: f4:2e:a6:72:df:b7:7e:a9:d2:f5:73:08:96:12:e5: 49:aa:a6:09:51:6f:5e:c4:ea:01:24:86:75:40:02: a2:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2C:F0:62:4C:97:05:2A:18:8B:12:C2:D8:DF:D6:92:56:BE:AE:A0:A3 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/153b067c-ecc9-4dca-987d-b9576815f855/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/153b067c-ecc9-4dca-987d-b9576815f855/0/2CF0624C97052A188B12C2D8DFD69256BEAEA0A3.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 117.121.200.0/21 Signature Algorithm: sha256WithRSAEncryption 44:f8:95:73:6b:f4:fb:3e:25:ca:e6:21:71:d3:17:e6:3b:02: a2:6c:11:e7:e4:96:59:eb:a3:f0:1d:25:ba:ae:0f:fb:2f:98: f9:8f:42:29:d7:5d:26:3d:c0:94:fa:ad:29:b5:e7:8a:4a:71: 75:7d:6c:35:28:4c:5f:ea:83:71:34:3e:5f:0d:3b:54:d2:17: 29:c2:c4:53:52:ac:ea:45:21:5c:53:64:19:72:25:97:0a:ba: 98:bc:74:4a:2b:0e:97:ec:0b:72:be:36:0b:92:8f:da:12:05: cb:b3:97:d5:66:bf:9c:97:2d:60:5b:ba:73:08:10:40:a6:71: 3d:2f:6d:b0:d9:86:a1:a8:a1:e7:09:6d:8b:14:ea:a7:bb:29: 9f:08:61:a6:a1:93:9b:be:c4:ab:35:ef:8b:57:92:69:63:b4: 5d:64:21:77:f2:83:8b:99:b8:d8:01:56:bf:4f:ce:5f:bb:12: ec:84:b9:3e:60:fc:f1:c1:09:cf:6d:45:d4:1d:b3:3e:51:b9: 22:fa:34:aa:44:f9:4a:81:fd:39:f1:e8:71:d3:ef:9f:b3:80: 58:ec:b7:63:e4:0d:65:f8:18:10:1e:9d:03:f6:bd:99:33:9f: 39:ef:31:96:05:0c:e9:1a:3a:f5:b2:1f:c0:1f:f9:21:3a:e7: 54:8b:75:e2 -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgIUewTLAMZNSkMKxaweT2mUCpAhHBcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMjIzNTMxMFoX DTI3MDUwMTIzNTgxMFowMzExMC8GA1UEAxMoMkNGMDYyNEM5NzA1MkExODhCMTJD MkQ4REZENjkyNTZCRUFFQTBBMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMQdxxCZT0XrFRFkFyOp/WU7sT3X1E22GBiveapTdM5NJR8dNU12gzdkiDxU l5hSKK0hDbURUPZHcPmehX5dSxIRR6ivOonoTjz0+C5szM3OCRT1O6WHP6UlGeZG SufE90BEv9a0Ix6TSMwwvdU5GrdANdxXi3AldGxij6qNPYLsLV9Ag/kRMVs7rLsM WY4+cc1Ytfzc+UlLHBClrvEufA+aQAf7rrSpDpC6TwOMBKothN3t37yEreD/Z302 L8GwdOwbrwLF7W2w1ETbxfXSMRiN78ZPAu6TEaXg8ZswRmGk9C6mct+3fqnS9XMI lhLlSaqmCVFvXsTqASSGdUACouECAwEAAaOCArkwggK1MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCzwYkyXBSoYixLC2N/Wkla+rqCjMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzE1M2IwNjdjLWVjYzktNGRjYS05ODdkLWI5NTc2ODE1Zjg1NS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8xNTNiMDY3 Yy1lY2M5LTRkY2EtOTg3ZC1iOTU3NjgxNWY4NTUvMC8yQ0YwNjI0Qzk3MDUyQTE4 OEIxMkMyRDhERkQ2OTI1NkJFQUVBMEEzLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQDdXnIMA0GCSqGSIb3DQEBCwUAA4IBAQBE+JVza/T7PiXK5iFx0xfmOwKibBHn 5JZZ66PwHSW6rg/7L5j5j0Ip110mPcCU+q0pteeKSnF1fWw1KExf6oNxND5fDTtU 0hcpwsRTUqzqRSFcU2QZciWXCrqYvHRKKw6X7AtyvjYLko/aEgXLs5fVZr+cly1g W7pzCBBApnE9L22w2YahqKHnCW2LFOqnuymfCGGmoZObvsSrNe+LV5JpY7RdZCF3 8oOLmbjYAVa/T85fuxLshLk+YPzxwQnPbUXUHbM+Ubki+jSqRPlKgf058ehx0++f s4BY7Ldj5A1l+BgQHp0D9r2ZM5857zGWBQzpGjr1sh/AH/khOudUi3Xi -----END CERTIFICATE-----Generated at Wed May 13 01:07:17 2026 by rpki-client