$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/BA7A75433F2325B129ECDCF50EE73BB537AE5370.cer File: BA7A75433F2325B129ECDCF50EE73BB537AE5370.cer (raw, json) Hash identifier: U/0SPaoIZmkkFV2aE4Eh1x3qdrhhTv7EkRuYJ2CkD14= Subject key identifier: BA:7A:75:43:3F:23:25:B1:29:EC:DC:F5:0E:E7:3B:B5:37:AE:53:70 Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 770F717C2F3C9E136E9768FF39656B727B8C1D1A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/c0685307-84ea-4fe3-bb7c-fb2895378742/0/BA7A75433F2325B129ECDCF50EE73BB537AE5370.mft caRepository: rsync://rpki-rsync.idnic.net/repo/c0685307-84ea-4fe3-bb7c-fb2895378742/0/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 01:47:10 +0000 Certificate not after: Sun 02 May 2027 01:52:10 +0000 Subordinate resources: IP: 2001:df6:c3c0::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:0f:71:7c:2f:3c:9e:13:6e:97:68:ff:39:65:6b:72:7b:8c:1d:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 01:47:10 2026 GMT Not After : May 2 01:52:10 2027 GMT Subject: CN=BA7A75433F2325B129ECDCF50EE73BB537AE5370 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:47:45:c2:15:bf:e0:d6:be:0d:f6:96:51:0e: 9a:6a:eb:f8:8f:4e:cc:aa:7c:cd:73:a3:79:31:f7: d0:62:88:66:69:5b:74:75:e5:d9:91:be:c2:ad:7f: c2:49:96:a8:05:3d:a3:ca:25:4e:b4:2c:77:cd:de: 53:6a:ac:66:f5:a1:e8:61:3d:47:91:51:61:d3:20: 68:a1:18:f8:bc:77:09:1c:75:41:7b:76:e2:69:6d: 5a:e4:b0:9f:ae:7b:2a:a5:0d:a3:12:58:3b:e1:84: 02:36:1f:22:5b:32:12:e7:f5:83:e7:ad:8e:42:bc: 54:4d:18:90:41:a4:a7:d2:2a:91:64:c3:16:a5:b8: e2:e4:8f:82:fe:39:d0:9c:ee:2f:39:65:0f:2e:d3: 19:b6:8c:16:f8:75:5b:db:b0:57:30:8d:07:2f:12: 20:ce:6f:03:69:38:74:8c:8e:a6:a2:b6:71:b8:43: 80:db:6f:53:8a:1f:09:70:79:ee:f5:79:d7:79:16: 20:11:8a:16:96:27:ea:0b:fb:d1:6e:ab:85:2e:c0: ad:25:53:ba:bf:82:09:1d:13:f0:de:9f:80:0a:cf: 05:41:c6:c8:b3:9a:e0:aa:0b:66:04:bb:a3:71:b4: 33:6b:a2:a4:21:09:4a:12:22:05:c8:4b:b9:0d:83: 7d:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BA:7A:75:43:3F:23:25:B1:29:EC:DC:F5:0E:E7:3B:B5:37:AE:53:70 X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/c0685307-84ea-4fe3-bb7c-fb2895378742/0/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/c0685307-84ea-4fe3-bb7c-fb2895378742/0/BA7A75433F2325B129ECDCF50EE73BB537AE5370.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:c3c0::/48 Signature Algorithm: sha256WithRSAEncryption 18:58:e9:c6:3e:1f:74:50:db:13:69:72:3a:d7:60:1a:07:41: e4:75:48:42:52:e5:4b:67:09:c2:d2:3b:7d:f3:7e:ff:47:14: 6e:34:53:df:c8:e1:23:00:8f:a6:5c:5d:4f:6d:bf:84:ac:88: 0a:07:d6:90:f2:8b:c8:f6:b8:fc:85:c5:85:00:bd:07:b8:a9: 13:ef:f5:6c:65:a3:25:19:8b:65:7f:c7:cf:53:73:2a:d5:9e: 5d:12:8e:f3:3b:61:0c:9a:09:c9:cb:73:d1:97:7e:19:64:fd: fa:88:41:97:a3:c0:20:41:ba:35:71:28:4e:53:a9:09:95:80: ee:54:9f:33:d5:90:f9:50:a4:4e:3d:a4:ff:d9:fa:2c:b7:74: ae:86:d2:d0:c9:d3:c2:0f:a7:98:30:82:7f:92:f6:8e:04:b8: a7:97:0f:3f:d2:32:76:49:4b:c2:3c:b6:9a:d1:7d:fa:9c:ad: 30:b4:4b:48:23:11:48:5e:a4:82:f2:35:9f:bd:11:d6:b9:83: 95:e0:47:3f:d0:15:66:5d:38:7b:fe:aa:f0:f1:e5:03:8e:25: ef:bc:65:e2:eb:6f:7f:97:fd:79:b7:d4:6e:5b:e5:62:76:be: 3a:bd:7f:d5:bd:83:6b:b5:e6:24:e8:25:9f:dd:4b:6a:0a:9d: 36:95:08:31 -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgIUdw9xfC88nhNul2j/OWVrcnuMHRowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAxNDcxMFoX DTI3MDUwMjAxNTIxMFowMzExMC8GA1UEAxMoQkE3QTc1NDMzRjIzMjVCMTI5RUNE Q0Y1MEVFNzNCQjUzN0FFNTM3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAItHRcIVv+DWvg32llEOmmrr+I9OzKp8zXOjeTH30GKIZmlbdHXl2ZG+wq1/ wkmWqAU9o8olTrQsd83eU2qsZvWh6GE9R5FRYdMgaKEY+Lx3CRx1QXt24mltWuSw n657KqUNoxJYO+GEAjYfIlsyEuf1g+etjkK8VE0YkEGkp9IqkWTDFqW44uSPgv45 0JzuLzllDy7TGbaMFvh1W9uwVzCNBy8SIM5vA2k4dIyOpqK2cbhDgNtvU4ofCXB5 7vV513kWIBGKFpYn6gv70W6rhS7ArSVTur+CCR0T8N6fgArPBUHGyLOa4KoLZgS7 o3G0M2uipCEJShIiBchLuQ2DfZkCAwEAAaOCArwwggK4MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLp6dUM/IyWxKezc9Q7nO7U3rlNwMB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2MwNjg1MzA3LTg0ZWEtNGZlMy1iYjdjLWZiMjg5NTM3ODc0Mi8wLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9jMDY4NTMw Ny04NGVhLTRmZTMtYmI3Yy1mYjI4OTUzNzg3NDIvMC9CQTdBNzU0MzNGMjMyNUIx MjlFQ0RDRjUwRUU3M0JCNTM3QUU1MzcwLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAIAEN9sPAMA0GCSqGSIb3DQEBCwUAA4IBAQAYWOnGPh90UNsTaXI612AaB0Hk dUhCUuVLZwnC0jt9837/RxRuNFPfyOEjAI+mXF1Pbb+ErIgKB9aQ8ovI9rj8hcWF AL0HuKkT7/VsZaMlGYtlf8fPU3Mq1Z5dEo7zO2EMmgnJy3PRl34ZZP36iEGXo8Ag Qbo1cShOU6kJlYDuVJ8z1ZD5UKROPaT/2fost3SuhtLQydPCD6eYMIJ/kvaOBLin lw8/0jJ2SUvCPLaa0X36nK0wtEtIIxFIXqSC8jWfvRHWuYOV4Ec/0BVmXTh7/qrw 8eUDjiXvvGXi629/l/15t9RuW+Vidr46vX/VvYNrteYk6CWf3UtqCp02lQgx -----END CERTIFICATE-----Generated at Tue May 12 22:10:00 2026 by rpki-client