$ rpki-client -vvf rpki-rsync.idnic.net/repo/IDNIC/1/D2861B66142D51B5DE4E39CDC5E1644159BC7BBC.cer File: D2861B66142D51B5DE4E39CDC5E1644159BC7BBC.cer (raw, json) Hash identifier: sdFqzJk6x/dDLAjPzYdPJPTwLUbqXOQ/3cykbSFNdSs= Subject key identifier: D2:86:1B:66:14:2D:51:B5:DE:4E:39:CD:C5:E1:64:41:59:BC:7B:BC Authority key identifier: 41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E Certificate issuer: /CN=A91862140000/serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Certificate serial: 032029F7E84B86B9FE78C5E9AE4B445F5D72933E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Manifest: rsync://rpki-rsync.idnic.net/repo/d7dd2519-3078-47d3-9e86-48fd3bde76c8/1/D2861B66142D51B5DE4E39CDC5E1644159BC7BBC.mft caRepository: rsync://rpki-rsync.idnic.net/repo/d7dd2519-3078-47d3-9e86-48fd3bde76c8/1/ Notify URL: https://rpki-rrdp.idnic.net/rrdp/notification.xml Certificate not before: Sun 03 May 2026 02:01:32 +0000 Certificate not after: Sun 02 May 2027 02:06:32 +0000 Subordinate resources: IP: 2001:df3:d1c0::/48 Validation: OK Signature path: rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 13 May 2026 09:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:20:29:f7:e8:4b:86:b9:fe:78:c5:e9:ae:4b:44:5f:5d:72:93:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=419A85CDF8A430516946869D1C492037D6BC6E9E Validity Not Before: May 3 02:01:32 2026 GMT Not After : May 2 02:06:32 2027 GMT Subject: CN=D2861B66142D51B5DE4E39CDC5E1644159BC7BBC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:51:41:0b:9e:bf:41:1d:40:d2:b8:3f:fe:d8: d9:55:f5:be:4a:2e:44:6c:0d:e0:32:b4:3b:45:60: 16:e5:71:4f:07:73:a6:0d:76:5b:8a:45:6f:c0:34: bc:e3:90:17:3b:f8:53:bc:64:ce:e0:45:70:43:03: 4c:24:60:a1:b3:d2:e5:75:21:da:8b:44:51:8a:e9: 14:70:54:5a:23:d8:fd:1b:ec:ff:0d:4d:10:89:99: 7d:a4:ea:ae:f4:a2:bc:a2:a6:24:4f:0d:53:9a:4b: eb:b5:3a:cf:58:01:13:5a:b1:42:fa:42:38:57:0b: 13:c0:4e:47:87:e5:7e:96:0c:1e:cd:b9:43:33:df: e0:ea:ca:d0:5a:01:fd:8b:6e:3e:5c:1e:69:a4:6e: 04:a2:d8:c9:83:44:dc:72:c6:28:c4:4a:d8:c9:be: 3f:41:13:60:f0:bf:a9:f4:b5:88:e9:8d:78:90:4b: e5:27:ac:d2:f0:c1:9e:ac:71:05:69:a0:c5:a2:30: 89:de:e0:46:6b:e9:50:39:8f:56:0a:da:c8:5b:1f: 7b:e1:8c:69:49:f8:4e:1f:d3:a0:49:f7:47:17:db: a4:c4:29:02:04:8b:a7:42:47:cd:b0:bd:55:8e:a6: 03:f9:41:42:33:44:94:a1:92:4b:c2:7d:cb:ce:9a: b5:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D2:86:1B:66:14:2D:51:B5:DE:4E:39:CD:C5:E1:64:41:59:BC:7B:BC X509v3 Authority Key Identifier: keyid:41:9A:85:CD:F8:A4:30:51:69:46:86:9D:1C:49:20:37:D6:BC:6E:9E X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.idnic.net/repo/IDNIC/1/419A85CDF8A430516946869D1C492037D6BC6E9E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QZqFzfikMFFpRoadHEkgN9a8bp4.cer Subject Information Access: CA Repository - URI:rsync://rpki-rsync.idnic.net/repo/d7dd2519-3078-47d3-9e86-48fd3bde76c8/1/ RPKI Manifest - URI:rsync://rpki-rsync.idnic.net/repo/d7dd2519-3078-47d3-9e86-48fd3bde76c8/1/D2861B66142D51B5DE4E39CDC5E1644159BC7BBC.mft RPKI Notify - URI:https://rpki-rrdp.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:d1c0::/48 Signature Algorithm: sha256WithRSAEncryption 0f:05:d8:5d:2a:08:9b:8a:af:ad:f2:03:1c:4b:e1:2f:6a:1f: 23:28:cc:5d:d5:cb:ef:9f:a3:70:67:de:3e:7b:65:6a:50:af: 2e:21:e8:2d:ed:9e:73:35:4e:cb:f8:12:55:bf:ce:54:5a:12: 44:62:30:5b:99:8b:b9:10:dd:ae:a9:bd:06:df:32:cd:4b:bc: 43:bf:df:00:50:13:15:06:7c:1f:ec:e9:1b:14:98:e9:d1:c1: a0:35:33:a9:0c:88:4c:19:4a:77:5d:8b:04:e7:98:07:f7:02: d5:08:a6:3f:f7:ed:1f:f0:99:37:57:bd:21:b3:f0:e0:d7:33: bb:2c:b6:fa:6d:a5:5c:51:3b:45:78:a9:50:83:de:d6:5c:7c: 6b:7d:22:f9:de:57:9b:74:08:6f:41:c0:42:c2:0d:aa:61:c8: dd:cf:ad:b0:d9:c9:0f:f8:6b:ef:50:aa:07:78:17:99:18:f7: f5:af:d6:3e:da:f4:42:1c:9a:90:92:b7:46:25:6f:21:e7:1f: d2:6b:85:68:90:cc:31:c7:fc:b2:06:25:de:be:05:7f:71:27: 74:8f:00:8c:65:c0:9a:4b:8f:98:22:f1:fb:92:26:ff:84:ba: 43:3f:ab:57:f4:31:8c:cf:8b:3a:bc:be:b4:5a:b8:61:52:38: ab:40:61:7e -----BEGIN CERTIFICATE----- MIIFyTCCBLGgAwIBAgIUAyAp9+hLhrn+eMXprktEX11ykz4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg0MTlBODVDREY4 QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFMB4XDTI2MDUwMzAyMDEzMloX DTI3MDUwMjAyMDYzMlowMzExMC8GA1UEAxMoRDI4NjFCNjYxNDJENTFCNURFNEUz OUNEQzVFMTY0NDE1OUJDN0JCQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAO9RQQuev0EdQNK4P/7Y2VX1vkouRGwN4DK0O0VgFuVxTwdzpg12W4pFb8A0 vOOQFzv4U7xkzuBFcEMDTCRgobPS5XUh2otEUYrpFHBUWiPY/Rvs/w1NEImZfaTq rvSivKKmJE8NU5pL67U6z1gBE1qxQvpCOFcLE8BOR4flfpYMHs25QzPf4OrK0FoB /YtuPlweaaRuBKLYyYNE3HLGKMRK2Mm+P0ETYPC/qfS1iOmNeJBL5Ses0vDBnqxx BWmgxaIwid7gRmvpUDmPVgrayFsfe+GMaUn4Th/ToEn3RxfbpMQpAgSLp0JHzbC9 VY6mA/lBQjNElKGSS8J9y86atckCAwEAAaOCArwwggK4MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNKGG2YULVG13k45zcXhZEFZvHu8MB8GA1UdIwQYMBaAFEGa hc34pDBRaUaGnRxJIDfWvG6eMA4GA1UdDwEB/wQEAwIBBjBnBgNVHR8EYDBeMFyg WqBYhlZyc3luYzovL3Jwa2ktcnN5bmMuaWRuaWMubmV0L3JlcG8vSUROSUMvMS80 MTlBODVDREY4QTQzMDUxNjk0Njg2OUQxQzQ5MjAzN0Q2QkM2RTlFLmNybDB+Bggr BgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQv cmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RWnFG emZpa01GRnBSb2FkSEVrZ045YThicDQuY2VyMIIBLAYIKwYBBQUHAQsEggEeMIIB GjBVBggrBgEFBQcwBYZJcnN5bmM6Ly9ycGtpLXJzeW5jLmlkbmljLm5ldC9yZXBv L2Q3ZGQyNTE5LTMwNzgtNDdkMy05ZTg2LTQ4ZmQzYmRlNzZjOC8xLzCBgQYIKwYB BQUHMAqGdXJzeW5jOi8vcnBraS1yc3luYy5pZG5pYy5uZXQvcmVwby9kN2RkMjUx OS0zMDc4LTQ3ZDMtOWU4Ni00OGZkM2JkZTc2YzgvMS9EMjg2MUI2NjE0MkQ1MUI1 REU0RTM5Q0RDNUUxNjQ0MTU5QkM3QkJDLm1mdDA9BggrBgEFBQcwDYYxaHR0cHM6 Ly9ycGtpLXJyZHAuaWRuaWMubmV0L3JyZHAvbm90aWZpY2F0aW9uLnhtbDAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJ AwcAIAEN89HAMA0GCSqGSIb3DQEBCwUAA4IBAQAPBdhdKgibiq+t8gMcS+Evah8j KMxd1cvvn6NwZ94+e2VqUK8uIegt7Z5zNU7L+BJVv85UWhJEYjBbmYu5EN2uqb0G 3zLNS7xDv98AUBMVBnwf7OkbFJjp0cGgNTOpDIhMGUp3XYsE55gH9wLVCKY/9+0f 8Jk3V70hs/Dg1zO7LLb6baVcUTtFeKlQg97WXHxrfSL53lebdAhvQcBCwg2qYcjd z62w2ckP+GvvUKoHeBeZGPf1r9Y+2vRCHJqQkrdGJW8h5x/Sa4VokMwxx/yyBiXe vgV/cSd0jwCMZcCaS4+YIvH7kib/hLpDP6tX9DGMz4s6vL60WrhhUjirQGF+ -----END CERTIFICATE-----Generated at Tue May 12 22:16:45 2026 by rpki-client