$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/7521EB714EF9A5F0A697E8574714A86DCF234610.cer File: 7521EB714EF9A5F0A697E8574714A86DCF234610.cer (raw, json) Hash identifier: 2lmVuuAHBAdb+q4zcB6JF52jik9FeZ1V3ekl/ff5E04= Subject key identifier: 75:21:EB:71:4E:F9:A5:F0:A6:97:E8:57:47:14:A8:6D:CF:23:46:10 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 3A18B20A78C695A06AB2E7D7B23F7C0194A54CF8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/7521EB714EF9A5F0A697E8574714A86DCF234610.mft caRepository: rsync://rpki-rsync.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 00:12:09 +0000 Certificate not after: Sun 02 May 2027 00:17:09 +0000 Subordinate resources: IP: 27.124.80.0/20 IP: 103.25.108.0/22 IP: 119.47.88.0/22 IP: 119.47.95.0/24 IP: 124.109.20.0/22 IP: 2402:d680::/32 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:18:b2:0a:78:c6:95:a0:6a:b2:e7:d7:b2:3f:7c:01:94:a5:4c:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 00:12:09 2026 GMT Not After : May 2 00:17:09 2027 GMT Subject: CN=7521EB714EF9A5F0A697E8574714A86DCF234610 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:f1:2e:c4:0c:5e:5b:86:c2:e6:1d:da:e9:15: 9d:a1:dd:6f:92:fd:db:08:25:b4:c0:39:bd:a6:b9: 97:2e:72:a2:6a:9e:c0:cd:05:41:74:af:20:06:87: cc:ff:49:92:94:df:e2:1c:24:b3:b4:e8:25:40:f5: 7a:4c:d2:98:6e:fd:d7:f8:ba:05:f8:65:ee:4b:f4: 75:b0:6a:93:2d:c6:03:01:40:24:3f:0e:80:31:75: 1b:97:be:73:ab:11:96:e1:6a:21:7d:92:73:e0:fa: da:58:7e:0a:e2:d1:c9:bc:46:a0:b3:7e:5d:b3:5d: 7c:2f:c0:b0:39:85:9c:7b:ac:18:d4:9b:db:63:7c: 70:4d:4d:14:ca:f8:35:05:12:2a:62:75:0c:9f:35: 95:3b:77:51:b8:33:49:13:da:59:a8:0a:fc:01:e1: 6b:d8:59:44:af:5e:08:a9:34:26:79:94:dd:84:9d: bd:f2:b6:2e:78:bf:92:6d:ec:74:a3:88:9a:b2:dd: dd:0b:64:ea:33:d8:cd:3b:84:e6:0d:70:14:29:87: f2:c8:27:21:6d:c3:5e:cf:48:8a:df:e9:56:6c:df: a5:82:9b:7b:a2:22:40:cd:27:ed:ee:e4:8b:1d:ad: 0b:2c:47:fb:2e:43:3e:0c:db:c4:e9:b6:55:50:a3: 0c:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 75:21:EB:71:4E:F9:A5:F0:A6:97:E8:57:47:14:A8:6D:CF:23:46:10 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/7521EB714EF9A5F0A697E8574714A86DCF234610.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 27.124.80.0/20 103.25.108.0/22 119.47.88.0/22 119.47.95.0/24 124.109.20.0/22 IPv6: 2402:d680::/32 Signature Algorithm: sha256WithRSAEncryption 5b:75:51:ec:6d:3a:2d:86:df:5a:45:b4:6c:b7:3d:f4:72:06: 70:07:6e:96:11:c4:93:08:d5:60:97:e2:2a:57:fa:97:e6:db: 61:ec:47:fc:b7:03:3f:be:7b:f9:4d:8d:4b:7f:5d:1a:21:ad: 24:1b:c7:d9:2c:0b:63:48:21:21:7e:24:8d:dc:64:48:a5:cd: f2:69:ff:44:ca:aa:a6:be:58:f5:5a:d2:ed:7c:cf:d1:5c:1d: fc:1f:9d:ca:c9:c0:47:c0:61:e5:97:99:6a:0c:41:53:85:4c: 22:a9:a8:82:c8:41:f9:b6:f2:dd:9a:21:0f:80:ad:a1:a9:fe: 53:ec:3f:03:06:c6:69:40:3d:2b:72:d2:3b:da:ab:f2:50:05: 59:e4:b9:0f:18:9c:39:41:22:ff:79:65:c6:6a:0b:6d:d3:fd: d9:a8:cd:70:c6:aa:e6:b8:2b:c9:df:23:d2:b5:bc:9e:67:93: 97:05:44:23:3a:09:0c:84:2e:ac:ec:a3:48:3e:21:60:40:23: fe:d3:50:2c:67:03:81:ea:81:c5:7a:9e:d5:1f:2a:f3:e5:5f: b4:a0:b1:6d:36:6e:6b:32:d8:ba:a1:aa:d9:e8:6d:51:5a:75: 50:a6:c8:3e:5c:e0:04:ca:7e:f0:19:32:42:bf:66:7f:db:ec: 9a:14:f7:08 -----BEGIN CERTIFICATE----- MIIF7TCCBNWgAwIBAgIUOhiyCnjGlaBqsufXsj98AZSlTPgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAwMTIwOVoX DTI3MDUwMjAwMTcwOVowMzExMC8GA1UEAxMoNzUyMUVCNzE0RUY5QTVGMEE2OTdF ODU3NDcxNEE4NkRDRjIzNDYxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKLxLsQMXluGwuYd2ukVnaHdb5L92wgltMA5vaa5ly5yomqewM0FQXSvIAaH zP9JkpTf4hwks7ToJUD1ekzSmG791/i6Bfhl7kv0dbBqky3GAwFAJD8OgDF1G5e+ c6sRluFqIX2Sc+D62lh+CuLRybxGoLN+XbNdfC/AsDmFnHusGNSb22N8cE1NFMr4 NQUSKmJ1DJ81lTt3UbgzSRPaWagK/AHha9hZRK9eCKk0JnmU3YSdvfK2Lni/km3s dKOImrLd3Qtk6jPYzTuE5g1wFCmH8sgnIW3DXs9Iit/pVmzfpYKbe6IiQM0n7e7k ix2tCyxH+y5DPgzbxOm2VVCjDLMCAwEAAaOCAuAwggLcMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFHUh63FO+aXwppfoV0cUqG3PI0YQMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv LzMxN2VmZDJhLTAyYWItNDIwMi05NzBmLWY2OTlkZmY5N2RlNS8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby8zMTdlZmQy YS0wMmFiLTQyMDItOTcwZi1mNjk5ZGZmOTdkZTUvMC83NTIxRUI3MTRFRjlBNUYw QTY5N0U4NTc0NzE0QTg2RENGMjM0NjEwLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAe AwQEG3xQAwQCZxlsAwQCdy9YAwQAdy9fAwQCfG0UMA0EAgACMAcDBQAkAtaAMA0G CSqGSIb3DQEBCwUAA4IBAQBbdVHsbTotht9aRbRstz30cgZwB26WEcSTCNVgl+Iq V/qX5tth7Ef8twM/vnv5TY1Lf10aIa0kG8fZLAtjSCEhfiSN3GRIpc3yaf9Eyqqm vlj1WtLtfM/RXB38H53KycBHwGHll5lqDEFThUwiqaiCyEH5tvLdmiEPgK2hqf5T 7D8DBsZpQD0rctI72qvyUAVZ5LkPGJw5QSL/eWXGagtt0/3ZqM1wxqrmuCvJ3yPS tbyeZ5OXBUQjOgkMhC6s7KNIPiFgQCP+01AsZwOB6oHFep7VHyrz5V+0oLFtNm5r Mti6oarZ6G1RWnVQpsg+XOAEyn7wGTJCv2Z/2+yaFPcI -----END CERTIFICATE-----Generated at Tue May 12 22:03:31 2026 by rpki-client