$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/04D3D2E060243AD917D4F682922E4A805EDE3300.cer File: 04D3D2E060243AD917D4F682922E4A805EDE3300.cer (raw, json) Hash identifier: wl4vHycfHIbS+OnhQslfyrUyycU8RRsFiTi/5jhUiZ0= Subject key identifier: 04:D3:D2:E0:60:24:3A:D9:17:D4:F6:82:92:2E:4A:80:5E:DE:33:00 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 14419FB37F880C417E9A75E4B686B3A094599508 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0/04D3D2E060243AD917D4F682922E4A805EDE3300.mft caRepository: rsync://repo-rpki.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 03 Apr 2026 15:06:28 +0000 Certificate not after: Fri 02 Apr 2027 15:11:28 +0000 Subordinate resources: IP: 157.20.252.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 18:51:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:41:9f:b3:7f:88:0c:41:7e:9a:75:e4:b6:86:b3:a0:94:59:95:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 3 15:06:28 2026 GMT Not After : Apr 2 15:11:28 2027 GMT Subject: CN=04D3D2E060243AD917D4F682922E4A805EDE3300 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:78:0d:52:40:53:e6:be:a1:d4:5d:1a:7a:ed: f5:4c:8e:89:9f:06:b8:a1:8a:82:98:8e:45:28:86: 28:ea:11:0c:f3:ed:93:ad:7f:b8:c1:0d:77:83:62: 58:0f:76:08:f3:70:fa:ca:f0:98:f7:ac:48:db:52: a7:a8:2a:69:34:47:77:83:1f:d5:97:f5:77:42:e0: b0:14:a5:66:80:24:8f:94:be:1b:55:d2:3d:06:f8: 13:ae:84:32:8f:40:0a:17:20:58:d2:af:82:54:86: 46:b9:c2:26:f7:a9:88:f3:0b:40:51:c8:3d:c0:d2: cd:86:81:a8:0f:05:3d:9c:ba:21:76:7d:33:a9:08: 04:69:d1:25:39:b5:0d:e2:16:79:ea:8a:c4:32:5d: 7e:b9:2e:82:c8:a5:a7:88:e5:74:c6:10:24:8f:35: 71:ed:b4:ca:ae:cc:4d:d2:88:72:19:26:14:ea:5d: e7:63:fa:43:10:dd:06:a4:8f:21:05:a6:17:7f:ea: c1:74:5f:09:43:a1:77:be:79:3d:d2:1e:c9:7d:82: 67:4b:a3:f4:29:01:eb:3c:4c:a9:47:7d:bc:7a:8d: 7a:3e:04:ed:9f:25:d9:2e:ce:f2:1f:5f:0d:86:7f: 0d:c0:97:d5:96:4a:95:72:0e:2f:79:6b:17:fe:97: c3:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 04:D3:D2:E0:60:24:3A:D9:17:D4:F6:82:92:2E:4A:80:5E:DE:33:00 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/0e8d58a8-e197-4179-b73c-608e047d09a3/0/04D3D2E060243AD917D4F682922E4A805EDE3300.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.252.0/23 Signature Algorithm: sha256WithRSAEncryption 19:bd:03:18:1b:58:63:66:b9:0a:52:8d:8e:57:c3:0d:e7:06: fc:e8:2b:c0:95:1c:a6:cc:a3:ae:a2:51:6c:88:29:ea:06:41: de:f1:59:12:4a:ec:83:38:6e:5c:dd:e0:2a:71:28:5e:a6:84: 94:1c:62:04:2e:f2:de:cf:81:7d:f1:84:62:d9:62:a2:93:1d: 59:46:6c:23:37:f1:5b:ca:e5:11:50:2e:0c:d5:72:8a:df:d2: 5f:08:e4:14:46:f4:1f:b7:79:96:cd:da:77:9d:59:8e:58:0c: 19:63:17:ba:5b:c8:4f:ad:1e:0a:f4:4c:81:18:7b:00:c1:4e: 3e:6c:2a:c4:aa:c9:40:74:54:7e:39:87:ce:81:4e:c3:64:9d: 18:31:1e:7a:d5:7c:da:f0:a2:a8:23:32:40:70:a5:09:50:2d: 62:aa:56:ad:32:06:50:ce:47:b5:95:ed:2a:bd:77:3e:e4:59: 41:ea:35:ea:3e:24:34:8e:a6:61:ec:49:ad:eb:33:f0:da:ed: 80:81:74:db:f3:87:6d:8a:f5:b9:d7:30:77:35:13:f1:0f:a0: 1a:44:13:61:9e:fd:26:57:09:17:55:64:d8:c8:0b:68:05:bd: 36:c1:f5:66:27:fd:c6:33:b2:69:ba:b5:d7:1a:7e:8b:f0:c9: 85:4a:9c:0f -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUFEGfs3+IDEF+mnXktoazoJRZlQgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDQwMzE1MDYyOFoX DTI3MDQwMjE1MTEyOFowMzExMC8GA1UEAxMoMDREM0QyRTA2MDI0M0FEOTE3RDRG NjgyOTIyRTRBODA1RURFMzMwMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKB4DVJAU+a+odRdGnrt9UyOiZ8GuKGKgpiORSiGKOoRDPPtk61/uMENd4Ni WA92CPNw+srwmPesSNtSp6gqaTRHd4Mf1Zf1d0LgsBSlZoAkj5S+G1XSPQb4E66E Mo9AChcgWNKvglSGRrnCJvepiPMLQFHIPcDSzYaBqA8FPZy6IXZ9M6kIBGnRJTm1 DeIWeeqKxDJdfrkugsilp4jldMYQJI81ce20yq7MTdKIchkmFOpd52P6QxDdBqSP IQWmF3/qwXRfCUOhd755PdIeyX2CZ0uj9CkB6zxMqUd9vHqNej4E7Z8l2S7O8h9f DYZ/DcCX1ZZKlXIOL3lrF/6Xw9cCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFATT0uBgJDrZF9T2gpIuSoBe3jMAMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8wZThkNThhOC1lMTk3LTQxNzktYjczYy02MDhlMDQ3ZDA5YTMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBlOGQ1OGE4 LWUxOTctNDE3OS1iNzNjLTYwOGUwNDdkMDlhMy8wLzA0RDNEMkUwNjAyNDNBRDkx N0Q0RjY4MjkyMkU0QTgwNUVERTMzMDAubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdFPwwDQYJKoZIhvcNAQELBQADggEBABm9AxgbWGNmuQpSjY5Xww3nBvzoK8CV HKbMo66iUWyIKeoGQd7xWRJK7IM4blzd4CpxKF6mhJQcYgQu8t7PgX3xhGLZYqKT HVlGbCM38VvK5RFQLgzVcorf0l8I5BRG9B+3eZbN2nedWY5YDBljF7pbyE+tHgr0 TIEYewDBTj5sKsSqyUB0VH45h86BTsNknRgxHnrVfNrwoqgjMkBwpQlQLWKqVq0y BlDOR7WV7Sq9dz7kWUHqNeo+JDSOpmHsSa3rM/Da7YCBdNvzh22K9bnXMHc1E/EP oBpEE2Ge/SZXCRdVZNjIC2gFvTbB9WYn/cYzsmm6tdcafovwyYVKnA8= -----END CERTIFICATE-----Generated at Fri Apr 17 13:54:47 2026 by rpki-client