$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8.cer File: FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8.cer (raw, json) Hash identifier: lSg6g5LTfmeeEZQCYNg2uuZrQrVL5cwjElX5tGucgHE= Subject key identifier: FF:3F:06:6A:5E:9A:B8:F9:88:B8:E1:7C:7A:56:DD:2E:00:A6:6A:D8 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 7F078D163A4FEC3D961A819D73CFA77AB23506FB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/1d011a1c-a0ad-4d93-86af-3f0aadd9684f/0/FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8.mft caRepository: rsync://repo-rpki.idnic.net/repo/1d011a1c-a0ad-4d93-86af-3f0aadd9684f/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 03 Apr 2026 00:03:18 +0000 Certificate not after: Fri 02 Apr 2027 00:08:18 +0000 Subordinate resources: IP: 157.15.82.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 Apr 2026 20:15:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:07:8d:16:3a:4f:ec:3d:96:1a:81:9d:73:cf:a7:7a:b2:35:06:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 3 00:03:18 2026 GMT Not After : Apr 2 00:08:18 2027 GMT Subject: CN=FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:0e:48:c8:ac:e6:07:dc:34:b1:72:b5:ae:c1: 2c:4e:0c:7e:51:fc:63:53:42:bc:71:96:74:ce:71: 94:97:36:70:ab:96:93:06:d6:a9:fa:70:15:ed:45: bf:a6:ec:df:ef:de:2e:90:c9:6d:af:37:1c:60:df: 17:0f:67:cb:fb:d3:b5:b4:81:eb:d5:fe:d1:84:19: ec:fa:fc:83:d7:66:99:2e:3b:e5:74:7e:7a:9f:05: e2:6f:0e:19:72:17:e7:ac:b8:aa:82:74:69:1a:66: 1e:90:f7:64:1a:84:a4:04:46:2d:33:a0:be:3a:86: 86:dc:16:56:04:04:eb:c0:26:59:02:8e:f1:c0:db: c5:c8:a7:e5:d7:91:8c:39:ef:5f:dc:a5:3b:1c:06: d5:40:13:a5:1b:5c:c2:a9:d6:0a:9d:ec:44:66:9c: d4:be:27:04:82:62:45:60:fe:03:04:33:41:ad:f2: 55:2d:9b:4e:27:fd:17:3a:cc:68:13:9e:80:2a:85: cb:af:13:bb:7e:a3:2e:ab:17:f1:6a:4f:a9:f4:f0: f1:54:4d:b4:5e:cb:cd:b1:4a:82:1c:99:5c:64:b6: a5:5b:14:ad:21:75:38:ce:60:9f:bc:48:71:c0:71: de:32:e8:89:a4:e8:e6:b7:93:e7:80:55:f7:3c:9d: a6:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: FF:3F:06:6A:5E:9A:B8:F9:88:B8:E1:7C:7A:56:DD:2E:00:A6:6A:D8 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/1d011a1c-a0ad-4d93-86af-3f0aadd9684f/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/1d011a1c-a0ad-4d93-86af-3f0aadd9684f/0/FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.82.0/23 Signature Algorithm: sha256WithRSAEncryption 77:de:1e:a5:ed:e6:f9:13:b9:57:e2:1d:af:37:f1:ab:e2:a1: c6:7e:c9:41:22:4a:3f:94:2b:bf:a0:0e:f1:6f:37:3b:b5:0d: ce:36:84:72:55:29:e0:4d:07:57:29:0c:41:24:05:c6:dd:71: 4d:24:43:50:df:96:2b:a2:a7:d7:84:2a:42:76:18:75:e0:c6: 40:19:d4:c6:32:b6:5b:d4:c3:ff:59:fa:99:c1:6d:1d:39:7f: 55:30:de:67:e5:90:02:90:35:bd:00:1d:64:3d:a5:33:e0:8d: bc:35:f6:82:fa:94:67:eb:e9:f2:53:57:d7:61:c9:85:97:69: 2b:06:5f:85:83:d3:4f:4b:01:d3:a4:b6:51:ed:d7:1b:7e:39: f1:7f:0f:92:9f:e1:dd:9b:e5:ef:26:cd:63:a1:ab:ba:ab:b2: ad:9d:df:55:f3:f0:ab:3a:52:54:a7:b5:6f:67:64:3c:e2:c4: 28:21:fb:5c:bf:79:d8:c0:a8:67:a1:3b:7d:39:37:77:b6:e3: bc:08:5a:95:3a:59:8b:3d:cd:75:80:9e:87:b1:19:8d:04:a4: 22:2a:6f:a1:cb:3f:e7:26:1d:39:a7:ae:5e:a3:4c:0c:21:fa: 8d:b3:75:71:07:5a:86:6f:1c:50:30:0f:37:53:fb:69:ec:fc: 4a:f3:86:10 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUfweNFjpP7D2WGoGdc8+nerI1BvswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDQwMzAwMDMxOFoX DTI3MDQwMjAwMDgxOFowMzExMC8GA1UEAxMoRkYzRjA2NkE1RTlBQjhGOTg4QjhF MTdDN0E1NkREMkUwMEE2NkFEODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4OSMis5gfcNLFyta7BLE4MflH8Y1NCvHGWdM5xlJc2cKuWkwbWqfpwFe1F v6bs3+/eLpDJba83HGDfFw9ny/vTtbSB69X+0YQZ7Pr8g9dmmS475XR+ep8F4m8O GXIX56y4qoJ0aRpmHpD3ZBqEpARGLTOgvjqGhtwWVgQE68AmWQKO8cDbxcin5deR jDnvX9ylOxwG1UATpRtcwqnWCp3sRGac1L4nBIJiRWD+AwQzQa3yVS2bTif9FzrM aBOegCqFy68Tu36jLqsX8WpPqfTw8VRNtF7LzbFKghyZXGS2pVsUrSF1OM5gn7xI ccBx3jLoiaTo5reT54BV9zydpmsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFP8/Bmpemrj5iLjhfHpW3S4ApmrYMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8xZDAxMWExYy1hMGFkLTRkOTMtODZhZi0zZjBhYWRkOTY4NGYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFkMDExYTFj LWEwYWQtNGQ5My04NmFmLTNmMGFhZGQ5Njg0Zi8wL0ZGM0YwNjZBNUU5QUI4Rjk4 OEI4RTE3QzdBNTZERDJFMDBBNjZBRDgubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdD1IwDQYJKoZIhvcNAQELBQADggEBAHfeHqXt5vkTuVfiHa838aviocZ+yUEi Sj+UK7+gDvFvNzu1Dc42hHJVKeBNB1cpDEEkBcbdcU0kQ1Dfliuip9eEKkJ2GHXg xkAZ1MYytlvUw/9Z+pnBbR05f1Uw3mflkAKQNb0AHWQ9pTPgjbw19oL6lGfr6fJT V9dhyYWXaSsGX4WD009LAdOktlHt1xt+OfF/D5Kf4d2b5e8mzWOhq7qrsq2d31Xz 8Ks6UlSntW9nZDzixCgh+1y/edjAqGehO305N3e247wIWpU6WYs9zXWAnoexGY0E pCIqb6HLP+cmHTmnrl6jTAwh+o2zdXEHWoZvHFAwDzdT+2ns/ErzhhA= -----END CERTIFICATE-----Generated at Fri Apr 17 10:14:13 2026 by rpki-client