$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer File: 2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.cer (raw, json) Hash identifier: JGJIgDBcu/DCobVlLnvRjGmRbSL9h7LpT1OimXWNu2A= Subject key identifier: 2D:8F:FF:DB:D1:AF:90:7A:3E:7B:0E:82:19:A3:73:19:BB:11:27:F7 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3ADD00225225940B0F80D82BEBA9C92445F467F1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft caRepository: rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 27 Feb 2026 13:31:37 +0000 Certificate not after: Fri 26 Feb 2027 13:36:37 +0000 Subordinate resources: IP: 192.203.193.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:dd:00:22:52:25:94:0b:0f:80:d8:2b:eb:a9:c9:24:45:f4:67:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 27 13:31:37 2026 GMT Not After : Feb 26 13:36:37 2027 GMT Subject: CN=2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f0:b3:1b:a2:3a:18:da:ea:f4:71:5b:83:f7: d5:15:18:68:93:95:b6:cd:5c:81:26:eb:31:5e:59: 4e:c0:25:53:9f:fa:11:8e:12:db:22:c5:97:70:a4: 67:55:e8:2e:ac:30:40:39:4b:ca:63:28:7f:e4:5e: 90:32:4f:d3:07:cc:12:f2:4b:42:95:8f:18:ab:18: af:1c:aa:9c:28:2f:10:3a:ce:d8:ae:f7:d0:80:0b: c3:df:46:2f:d9:0c:f5:23:2e:87:e3:e6:f5:a1:70: 99:39:7e:19:f0:10:13:af:fc:9e:a1:92:92:a5:11: fd:0f:c1:96:68:a1:67:ff:26:fc:db:67:de:19:ce: 89:8a:e2:e5:d7:f7:ea:50:57:0a:51:a8:c1:6a:a4: a0:d4:48:bc:df:42:e0:41:dd:bb:02:7d:77:3f:a4: 2f:52:8d:52:44:a6:5a:97:eb:27:1a:d9:5e:73:94: ed:46:d4:f6:8f:fc:c4:a2:a4:48:ad:3e:24:bc:c5: 58:95:04:a5:8b:51:03:d6:6e:ac:d9:6c:0f:80:37: 0e:0c:c1:41:a4:3f:1b:92:61:58:7a:fc:f9:79:54: 5a:dd:a2:35:af:b9:dd:35:e0:30:56:dc:5a:2a:fb: 26:df:dc:4c:6d:08:ba:97:87:0f:8a:88:52:47:60: 19:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2D:8F:FF:DB:D1:AF:90:7A:3E:7B:0E:82:19:A3:73:19:BB:11:27:F7 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/cbde3a42-6272-4b6c-ad81-cccfbe9488c0/1/2D8FFFDBD1AF907A3E7B0E8219A37319BB1127F7.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.203.193.0/24 Signature Algorithm: sha256WithRSAEncryption 92:76:a0:f2:91:d5:0a:9d:ab:d9:34:4f:53:20:63:4b:ab:82: d0:31:55:80:2d:d7:20:01:70:f8:65:2a:0c:18:a2:f9:f0:1c: 34:c3:70:4b:68:8f:5a:d1:ac:9e:a1:4a:eb:ec:ca:e0:8f:50: 38:73:c1:31:0f:c6:ee:86:56:77:5b:2d:de:06:eb:9b:93:a8: 1c:2c:75:a8:99:52:39:3e:83:f3:c1:fc:87:c5:18:72:fd:04: 77:35:33:48:9a:1b:a3:d3:2b:f0:5b:db:4c:52:48:61:db:61: 55:1f:f3:ff:8a:28:5b:92:ab:6a:9e:ac:99:b4:ef:93:6a:c4: c6:56:36:c7:56:a6:06:59:24:cd:71:5e:b4:68:87:63:ac:1a: 66:2d:d8:09:34:8e:6c:ea:39:08:61:9e:9e:91:df:16:43:00: 65:fc:6f:da:3a:56:7a:51:14:d0:b8:1a:87:20:41:cc:22:46: ca:59:a0:eb:0d:00:05:a2:30:c6:9c:79:85:db:b6:88:fc:43: 22:d7:e0:bc:01:98:fc:02:28:0a:80:8b:1a:b3:1e:23:26:45: fe:f1:df:5e:cd:dd:93:38:89:7d:de:fd:a2:da:bd:aa:72:f0: ad:1b:85:ed:41:db:c5:f2:65:c1:6f:85:65:60:25:c7:5c:fc: bb:e4:1f:d5 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUOt0AIlIllAsPgNgr66nJJEX0Z/EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDIyNzEzMzEzN1oX DTI3MDIyNjEzMzYzN1owMzExMC8GA1UEAxMoMkQ4RkZGREJEMUFGOTA3QTNFN0Iw RTgyMTlBMzczMTlCQjExMjdGNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALbwsxuiOhja6vRxW4P31RUYaJOVts1cgSbrMV5ZTsAlU5/6EY4S2yLFl3Ck Z1XoLqwwQDlLymMof+RekDJP0wfMEvJLQpWPGKsYrxyqnCgvEDrO2K730IALw99G L9kM9SMuh+Pm9aFwmTl+GfAQE6/8nqGSkqUR/Q/BlmihZ/8m/Ntn3hnOiYri5df3 6lBXClGowWqkoNRIvN9C4EHduwJ9dz+kL1KNUkSmWpfrJxrZXnOU7UbU9o/8xKKk SK0+JLzFWJUEpYtRA9ZurNlsD4A3DgzBQaQ/G5JhWHr8+XlUWt2iNa+53TXgMFbc Wir7Jt/cTG0IupeHD4qIUkdgGRsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFC2P/9vRr5B6PnsOghmjcxm7ESf3MB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9jYmRlM2E0Mi02MjcyLTRiNmMtYWQ4MS1jY2NmYmU5NDg4YzAvMTCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NiZGUzYTQy LTYyNzItNGI2Yy1hZDgxLWNjY2ZiZTk0ODhjMC8xLzJEOEZGRkRCRDFBRjkwN0Ez RTdCMEU4MjE5QTM3MzE5QkIxMTI3RjcubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADAy8EwDQYJKoZIhvcNAQELBQADggEBAJJ2oPKR1Qqdq9k0T1MgY0urgtAxVYAt 1yABcPhlKgwYovnwHDTDcEtoj1rRrJ6hSuvsyuCPUDhzwTEPxu6GVndbLd4G65uT qBwsdaiZUjk+g/PB/IfFGHL9BHc1M0iaG6PTK/Bb20xSSGHbYVUf8/+KKFuSq2qe rJm075NqxMZWNsdWpgZZJM1xXrRoh2OsGmYt2Ak0jmzqOQhhnp6R3xZDAGX8b9o6 VnpRFNC4GocgQcwiRspZoOsNAAWiMMaceYXbtoj8QyLX4LwBmPwCKAqAixqzHiMm Rf7x317N3ZM4iX3e/aLavapy8K0bhe1B28XyZcFvhWVgJcdc/LvkH9U= -----END CERTIFICATE-----Generated at Mon Mar 2 12:53:19 2026 by rpki-client