$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/A950C0F5B830659E499444729038D5D2047859FB.cer File: A950C0F5B830659E499444729038D5D2047859FB.cer (raw, json) Hash identifier: 1PW4Cj27IVHXeV9KjmrQopCdE2Ev2VD+uMNcrVHDKK8= Subject key identifier: A9:50:C0:F5:B8:30:65:9E:49:94:44:72:90:38:D5:D2:04:78:59:FB Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 08FA9E6641F16D7906F9267FDC41952EBF701615 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/8f582f2b-8625-4f38-b26e-42fbd3c21cf0/0/A950C0F5B830659E499444729038D5D2047859FB.mft caRepository: rsync://repo-rpki.idnic.net/repo/8f582f2b-8625-4f38-b26e-42fbd3c21cf0/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 14 Apr 2026 13:21:31 +0000 Certificate not after: Tue 13 Apr 2027 13:26:31 +0000 Subordinate resources: IP: 160.22.36.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 18:51:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:fa:9e:66:41:f1:6d:79:06:f9:26:7f:dc:41:95:2e:bf:70:16:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 14 13:21:31 2026 GMT Not After : Apr 13 13:26:31 2027 GMT Subject: CN=A950C0F5B830659E499444729038D5D2047859FB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:77:3f:6e:ca:82:60:80:00:53:0c:96:37:da: e5:01:7a:19:de:64:b6:04:4f:fb:68:20:e7:8a:ab: cb:ee:92:37:84:af:7d:9e:18:f1:de:ee:0d:2e:92: cd:0e:be:b9:3c:03:49:59:51:41:c4:99:53:dd:99: 4e:65:d9:dd:06:7f:57:66:4d:b3:a5:d5:98:9a:e1: 23:70:32:27:0f:82:c6:4a:25:8f:0b:e5:44:84:81: 6f:8d:24:2b:49:11:18:22:7b:05:94:b9:1f:17:90: 49:53:52:48:d9:eb:f9:9c:ab:50:ce:d1:92:60:df: 6e:3d:b6:84:1d:8e:e4:b3:d6:fc:ea:6a:28:47:e3: 00:26:f9:26:cc:2d:2c:09:d4:45:b8:11:76:60:0f: f5:0b:1c:ee:b3:65:9f:2f:ad:4b:87:2f:88:c9:36: d0:e8:03:6b:44:5e:7a:67:a5:09:1b:97:5c:70:ab: 93:cc:c3:96:22:3c:1d:1a:c1:99:eb:ee:a2:78:8c: b8:c4:b4:ef:cf:c5:95:25:1d:d7:c3:10:fe:9a:2f: c5:d3:15:95:0f:81:46:67:2b:62:96:e1:22:d6:15: b4:d5:f8:12:fe:58:8f:9e:48:ae:57:46:93:60:52: b4:fb:3f:11:7a:e6:28:67:c1:b4:cc:0f:e2:2c:03: 4f:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: A9:50:C0:F5:B8:30:65:9E:49:94:44:72:90:38:D5:D2:04:78:59:FB X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/8f582f2b-8625-4f38-b26e-42fbd3c21cf0/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/8f582f2b-8625-4f38-b26e-42fbd3c21cf0/0/A950C0F5B830659E499444729038D5D2047859FB.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.36.0/23 Signature Algorithm: sha256WithRSAEncryption 21:fb:e0:7f:51:67:11:af:f6:05:3a:a6:43:a9:f3:e4:d6:ee: 76:a4:0e:59:1f:dc:f4:b0:ce:9e:79:3b:3c:35:42:93:98:88: c5:f2:99:c1:8e:95:26:40:d0:47:d3:93:c3:5d:fa:55:cf:45: 78:5a:6e:b9:12:ab:b0:72:c2:a9:75:74:02:8d:49:3e:84:a6: 97:11:c5:df:61:45:f1:ff:25:b8:be:34:54:f0:92:64:35:30: 67:43:61:fb:96:8a:f5:6c:cc:15:31:fd:24:46:01:e4:06:2a: e2:52:00:67:e0:18:c9:5e:9d:05:3e:3e:81:ab:c9:44:99:ce: f2:bc:9f:0a:0c:d0:cc:de:81:49:dc:3b:54:99:00:04:fc:42: d1:d6:b8:9f:dd:a7:c1:ae:09:57:d9:77:f9:6b:1c:04:e1:dc: 10:0f:b6:f3:1e:a9:57:04:0a:23:89:06:98:83:62:25:ca:af: e3:a2:73:4b:86:8e:79:14:31:62:3e:43:75:81:12:41:b8:d6: 82:97:34:d8:a6:78:6c:8e:70:6f:7b:91:0c:bb:23:32:06:2f: cb:72:02:06:fa:33:de:c1:87:e4:0a:60:c3:a0:eb:ad:ae:32: 9e:d6:f0:c6:94:70:24:ea:c5:df:36:75:a6:6d:7d:8d:f2:59: 29:23:20:6b -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUCPqeZkHxbXkG+SZ/3EGVLr9wFhUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDQxNDEzMjEzMVoX DTI3MDQxMzEzMjYzMVowMzExMC8GA1UEAxMoQTk1MEMwRjVCODMwNjU5RTQ5OTQ0 NDcyOTAzOEQ1RDIwNDc4NTlGQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZ3P27KgmCAAFMMljfa5QF6Gd5ktgRP+2gg54qry+6SN4SvfZ4Y8d7uDS6S zQ6+uTwDSVlRQcSZU92ZTmXZ3QZ/V2ZNs6XVmJrhI3AyJw+CxkoljwvlRISBb40k K0kRGCJ7BZS5HxeQSVNSSNnr+ZyrUM7RkmDfbj22hB2O5LPW/OpqKEfjACb5Jswt LAnURbgRdmAP9Qsc7rNlny+tS4cviMk20OgDa0ReemelCRuXXHCrk8zDliI8HRrB mevuoniMuMS078/FlSUd18MQ/povxdMVlQ+BRmcrYpbhItYVtNX4Ev5Yj55IrldG k2BStPs/EXrmKGfBtMwP4iwDT6MCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKlQwPW4MGWeSZREcpA41dIEeFn7MB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by84ZjU4MmYyYi04NjI1LTRmMzgtYjI2ZS00MmZiZDNjMjFjZjAvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhmNTgyZjJi LTg2MjUtNGYzOC1iMjZlLTQyZmJkM2MyMWNmMC8wL0E5NTBDMEY1QjgzMDY1OUU0 OTk0NDQ3MjkwMzhENUQyMDQ3ODU5RkIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgFiQwDQYJKoZIhvcNAQELBQADggEBACH74H9RZxGv9gU6pkOp8+TW7nakDlkf 3PSwzp55Ozw1QpOYiMXymcGOlSZA0EfTk8Nd+lXPRXhabrkSq7Bywql1dAKNST6E ppcRxd9hRfH/Jbi+NFTwkmQ1MGdDYfuWivVszBUx/SRGAeQGKuJSAGfgGMlenQU+ PoGryUSZzvK8nwoM0MzegUncO1SZAAT8QtHWuJ/dp8GuCVfZd/lrHATh3BAPtvMe qVcECiOJBpiDYiXKr+Oic0uGjnkUMWI+Q3WBEkG41oKXNNimeGyOcG97kQy7IzIG L8tyAgb6M97Bh+QKYMOg662uMp7W8MaUcCTqxd82daZtfY3yWSkjIGs= -----END CERTIFICATE-----Generated at Fri Apr 17 15:43:53 2026 by rpki-client