$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AFA7AE3D790A1F0C914B8399E4695F4D6342B4C3.cer File: AFA7AE3D790A1F0C914B8399E4695F4D6342B4C3.cer (raw, json) Hash identifier: PMWN1P04+E7yCXlRBIpDVuNUorXkilkVEEeGtbFuVek= Subject key identifier: AF:A7:AE:3D:79:0A:1F:0C:91:4B:83:99:E4:69:5F:4D:63:42:B4:C3 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 2237C779BD33246C641C629E3ED64173F5DFF8CC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/b90d0265-2cc1-463d-948b-cded13a20295/0/AFA7AE3D790A1F0C914B8399E4695F4D6342B4C3.mft caRepository: rsync://repo-rpki.idnic.net/repo/b90d0265-2cc1-463d-948b-cded13a20295/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 06 Feb 2026 22:55:52 +0000 Certificate not after: Fri 05 Feb 2027 23:00:52 +0000 Subordinate resources: IP: 157.10.181.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 02:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:37:c7:79:bd:33:24:6c:64:1c:62:9e:3e:d6:41:73:f5:df:f8:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 6 22:55:52 2026 GMT Not After : Feb 5 23:00:52 2027 GMT Subject: CN=AFA7AE3D790A1F0C914B8399E4695F4D6342B4C3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fc:4f:33:a2:87:df:bd:99:fa:07:f8:f5:a7:64: 6e:90:9b:03:f6:94:e4:98:55:d3:ce:38:91:b4:11: 9a:0d:00:33:2e:11:4b:e4:d7:43:ce:3f:cd:b2:97: 12:2e:59:2c:3b:c1:62:72:e6:4e:05:a7:94:b8:3a: 68:32:e6:e5:18:2b:bd:14:0c:d7:a4:7d:ab:ef:da: e9:84:fc:dd:22:2a:d5:03:a3:8f:09:8e:7d:31:42: 42:9d:ad:96:87:f0:fe:a4:58:89:25:e9:c9:4c:ef: bb:8a:25:af:46:58:43:31:af:a6:a6:5f:4a:29:ab: a4:c5:34:3f:63:8f:23:63:e2:d7:97:f8:bf:17:e1: bb:ea:81:ec:0a:a8:11:60:28:72:12:71:aa:32:c8: 4e:ca:ad:94:3c:72:95:72:3e:a6:90:8d:55:e1:f9: ea:9b:08:f3:68:73:e6:27:4d:0d:65:83:c7:4b:99: 1b:d2:10:5a:82:f0:75:4c:29:0e:50:f7:db:a0:89: b7:f6:b8:ee:ce:bd:67:a5:92:f0:91:7d:7c:7d:42: 92:79:df:81:f2:36:69:4f:ac:d6:e1:b2:9b:5f:61: 29:2d:38:6b:c8:0a:87:97:8a:b9:bf:a7:4e:a2:ba: 2c:a1:34:5f:6f:2c:8e:7d:cb:ad:66:ae:34:19:d1: 71:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:A7:AE:3D:79:0A:1F:0C:91:4B:83:99:E4:69:5F:4D:63:42:B4:C3 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/b90d0265-2cc1-463d-948b-cded13a20295/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/b90d0265-2cc1-463d-948b-cded13a20295/0/AFA7AE3D790A1F0C914B8399E4695F4D6342B4C3.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.181.0/24 Signature Algorithm: sha256WithRSAEncryption 24:75:df:fb:7b:2b:af:de:65:7e:18:f3:09:b6:a2:83:a3:a1: 53:1c:1e:9c:7d:e7:d2:42:e3:63:6d:96:21:7e:58:67:67:11: 93:3d:28:60:02:7b:ae:71:aa:4f:09:95:05:a0:09:18:eb:58: 57:95:d8:1b:07:50:d1:01:b6:20:5b:fa:39:59:c5:ad:4f:bf: 15:00:76:db:56:fc:9d:a2:04:53:25:78:07:d1:87:f7:d0:e0: a2:fd:4e:1a:0e:48:2d:46:fc:d5:9b:1a:e2:20:eb:a8:b5:0d: 55:c6:15:e5:97:ce:38:ef:54:81:88:ec:6a:6f:bd:1a:23:6e: 55:4c:95:d2:89:d5:bb:75:81:74:16:2b:bf:35:b6:fa:ee:8c: 8b:d1:08:f4:ef:49:40:18:56:60:1e:09:c9:64:7b:e8:f2:a9: cf:54:35:26:3b:db:84:01:0e:a8:9d:8a:9b:2a:5a:6e:bd:ae: dc:f6:eb:d5:a6:cf:a5:a1:7c:7c:bd:5d:72:fb:34:68:75:c7: 2e:a9:a2:75:ec:ec:db:07:00:36:4f:52:a8:02:fc:8c:d2:cd: f9:8a:7a:94:5d:41:b0:76:c1:65:48:21:8c:1e:ae:bd:b5:bf: 93:26:8f:ca:f4:af:ff:f7:1d:bb:19:8f:6e:41:97:c1:13:75: ae:93:2c:cd -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUIjfHeb0zJGxkHGKePtZBc/Xf+MwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDIwNjIyNTU1MloX DTI3MDIwNTIzMDA1MlowMzExMC8GA1UEAxMoQUZBN0FFM0Q3OTBBMUYwQzkxNEI4 Mzk5RTQ2OTVGNEQ2MzQyQjRDMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPxPM6KH372Z+gf49adkbpCbA/aU5JhV0844kbQRmg0AMy4RS+TXQ84/zbKX Ei5ZLDvBYnLmTgWnlLg6aDLm5RgrvRQM16R9q+/a6YT83SIq1QOjjwmOfTFCQp2t lofw/qRYiSXpyUzvu4olr0ZYQzGvpqZfSimrpMU0P2OPI2Pi15f4vxfhu+qB7Aqo EWAochJxqjLITsqtlDxylXI+ppCNVeH56psI82hz5idNDWWDx0uZG9IQWoLwdUwp DlD326CJt/a47s69Z6WS8JF9fH1CknnfgfI2aU+s1uGym19hKS04a8gKh5eKub+n TqK6LKE0X28sjn3LrWauNBnRcWUCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK+nrj15Ch8MkUuDmeRpX01jQrTDMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iOTBkMDI2NS0yY2MxLTQ2M2QtOTQ4Yi1jZGVkMTNhMjAyOTUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2I5MGQwMjY1 LTJjYzEtNDYzZC05NDhiLWNkZWQxM2EyMDI5NS8wL0FGQTdBRTNENzkwQTFGMEM5 MTRCODM5OUU0Njk1RjRENjM0MkI0QzMubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdCrUwDQYJKoZIhvcNAQELBQADggEBACR13/t7K6/eZX4Y8wm2ooOjoVMcHpx9 59JC42NtliF+WGdnEZM9KGACe65xqk8JlQWgCRjrWFeV2BsHUNEBtiBb+jlZxa1P vxUAdttW/J2iBFMleAfRh/fQ4KL9ThoOSC1G/NWbGuIg66i1DVXGFeWXzjjvVIGI 7GpvvRojblVMldKJ1bt1gXQWK781tvrujIvRCPTvSUAYVmAeCclke+jyqc9UNSY7 24QBDqidipsqWm69rtz269Wmz6WhfHy9XXL7NGh1xy6ponXs7NsHADZPUqgC/IzS zfmKepRdQbB2wWVIIYwerr21v5Mmj8r0r//3HbsZj25Bl8ETda6TLM0= -----END CERTIFICATE-----Generated at Mon Mar 2 10:02:22 2026 by rpki-client