$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.cer File: 72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.cer (raw, json) Hash identifier: aiSWp5JMem68yHoEuOxK/97/IuN6D/1r51FNZDmx4f4= Subject key identifier: 72:D6:6E:2B:CD:D4:F1:A7:CB:17:8E:05:0B:4C:A8:A9:DF:E3:1A:AE Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4DC255CC2B5425A6E1A3F2E0237EC79872DEDF18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/0/72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.mft caRepository: rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sun 08 Mar 2026 13:27:01 +0000 Certificate not after: Sun 07 Mar 2027 13:32:01 +0000 Subordinate resources: IP: 2001:df6:ac40::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 09:37:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:c2:55:cc:2b:54:25:a6:e1:a3:f2:e0:23:7e:c7:98:72:de:df:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 8 13:27:01 2026 GMT Not After : Mar 7 13:32:01 2027 GMT Subject: CN=72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:dd:1e:29:e6:86:2f:c8:3a:1f:f0:66:bd:74: 10:7d:d9:3a:c2:5b:4f:3c:53:bd:3f:8c:12:9c:05: 79:d6:6e:62:88:73:7b:9c:53:47:dc:d8:a5:22:73: 71:59:f6:76:29:d3:13:04:e1:8f:3c:e8:05:70:f7: 6d:2a:96:b0:9e:ef:8c:b5:6a:35:59:5f:a0:11:8c: 4e:47:88:f4:a2:37:51:d9:d4:eb:e8:73:8c:c1:5c: 85:30:66:ab:4d:f5:05:e1:39:28:58:97:4a:b9:25: 71:d7:33:62:af:ca:b0:a6:bc:4f:ac:ac:37:54:f0: 7e:4d:af:01:29:41:65:e7:6e:0a:01:11:af:47:f5: f6:fd:2f:eb:05:89:a0:a4:e1:23:df:66:6b:d0:5f: 4c:f8:34:3a:b2:15:9b:4c:10:2f:1c:cb:23:91:2d: 72:9f:3c:37:2a:57:48:96:1d:53:46:50:c3:95:a9: 49:5f:55:65:15:4c:69:ba:ba:73:aa:20:07:e4:ee: 81:62:57:ed:6b:07:51:17:b9:f0:6e:5d:bf:88:ad: e1:b1:b7:3a:11:49:7c:42:3e:4a:5a:20:7e:fc:3b: 89:43:59:e5:b3:a1:47:ad:13:05:bf:bc:fb:9d:af: 26:0e:fe:88:20:9b:e6:d6:bb:48:37:98:f8:9c:fc: cb:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 72:D6:6E:2B:CD:D4:F1:A7:CB:17:8E:05:0B:4C:A8:A9:DF:E3:1A:AE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/2be29902-e0f4-429a-9a26-439b9bfee489/0/72D66E2BCDD4F1A7CB178E050B4CA8A9DFE31AAE.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df6:ac40::/48 Signature Algorithm: sha256WithRSAEncryption 2b:51:00:6a:96:74:3e:39:8a:5e:87:fa:6c:a8:09:f0:b1:23: 81:a3:36:ab:d8:2b:3d:f8:5c:c7:80:47:a5:a0:12:cf:3c:c3: 83:ea:5c:02:af:25:16:f6:39:26:39:f1:af:96:db:de:a5:a5: 63:2d:cc:74:88:70:30:e5:34:09:d5:99:8a:f0:9b:64:3a:6f: b7:c9:7b:d1:d8:ef:62:da:3e:6d:85:4e:52:9e:45:81:b6:0d: 0c:b5:32:cc:9d:46:db:69:72:9c:03:81:6b:1e:af:11:8b:17: a2:da:00:72:af:de:d2:75:59:2a:a5:46:8a:76:6c:d1:8f:78: a3:ba:d3:e0:4d:a9:95:4a:2a:2f:2e:1d:c9:f4:63:e6:84:ba: ea:06:43:96:d7:23:46:f5:80:5b:ce:45:d8:ba:3c:b8:54:8a: 2a:99:82:ab:49:1b:9e:c4:23:0d:80:d9:a9:65:14:f3:e3:07: 9a:b2:6f:92:87:1f:05:db:84:f1:4c:6a:3a:8d:e6:00:67:cb: 8e:29:fc:40:b5:56:16:fa:07:bf:c2:7b:d7:14:05:c3:87:61: 6d:f3:08:ee:b4:74:3a:a4:39:8f:ff:b4:e2:68:4d:42:80:5e: ae:ad:59:c9:d2:5a:f1:b0:76:85:33:47:9d:ae:ae:44:78:01: 73:50:1b:c1 -----BEGIN CERTIFICATE----- MIIFyDCCBLCgAwIBAgIUTcJVzCtUJabho/LgI37HmHLe3xgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDMwODEzMjcwMVoX DTI3MDMwNzEzMzIwMVowMzExMC8GA1UEAxMoNzJENjZFMkJDREQ0RjFBN0NCMTc4 RTA1MEI0Q0E4QTlERkUzMUFBRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMXdHinmhi/IOh/wZr10EH3ZOsJbTzxTvT+MEpwFedZuYohze5xTR9zYpSJz cVn2dinTEwThjzzoBXD3bSqWsJ7vjLVqNVlfoBGMTkeI9KI3UdnU6+hzjMFchTBm q031BeE5KFiXSrklcdczYq/KsKa8T6ysN1Twfk2vASlBZeduCgERr0f19v0v6wWJ oKThI99ma9BfTPg0OrIVm0wQLxzLI5Etcp88NypXSJYdU0ZQw5WpSV9VZRVMabq6 c6ogB+TugWJX7WsHURe58G5dv4it4bG3OhFJfEI+Slogfvw7iUNZ5bOhR60TBb+8 +52vJg7+iCCb5ta7SDeY+Jz8yzECAwEAAaOCArswggK3MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFHLWbivN1PGnyxeOBQtMqKnf4xquMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8yYmUyOTkwMi1lMGY0LTQyOWEtOWEyNi00MzliOWJmZWU0ODkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJiZTI5OTAy LWUwZjQtNDI5YS05YTI2LTQzOWI5YmZlZTQ4OS8wLzcyRDY2RTJCQ0RENEYxQTdD QjE3OEUwNTBCNENBOEE5REZFMzFBQUUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD BwAgAQ32rEAwDQYJKoZIhvcNAQELBQADggEBACtRAGqWdD45il6H+myoCfCxI4Gj NqvYKz34XMeAR6WgEs88w4PqXAKvJRb2OSY58a+W296lpWMtzHSIcDDlNAnVmYrw m2Q6b7fJe9HY72LaPm2FTlKeRYG2DQy1MsydRttpcpwDgWserxGLF6LaAHKv3tJ1 WSqlRop2bNGPeKO60+BNqZVKKi8uHcn0Y+aEuuoGQ5bXI0b1gFvORdi6PLhUiiqZ gqtJG57EIw2A2allFPPjB5qyb5KHHwXbhPFMajqN5gBny44p/EC1Vhb6B7/Ce9cU BcOHYW3zCO60dDqkOY//tOJoTUKAXq6tWcnSWvGwdoUzR52urkR4AXNQG8E= -----END CERTIFICATE-----Generated at Thu Mar 19 08:08:18 2026 by rpki-client