$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/2A62B964EC86447DC22DDE70DC3517F0CF7C9ACD.cer File: 2A62B964EC86447DC22DDE70DC3517F0CF7C9ACD.cer (raw, json) Hash identifier: aTes26h38uK89gjoPZP2UfrsUw3TfR9ghIno89YSbpw= Subject key identifier: 2A:62:B9:64:EC:86:44:7D:C2:2D:DE:70:DC:35:17:F0:CF:7C:9A:CD Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4A23583D1EE613EEF34423D20907FB84C0CF70BB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/c1b08845-df82-44c2-976d-6d74b81166f4/0/2A62B964EC86447DC22DDE70DC3517F0CF7C9ACD.mft caRepository: rsync://repo-rpki.idnic.net/repo/c1b08845-df82-44c2-976d-6d74b81166f4/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 17 Apr 2026 14:22:12 +0000 Certificate not after: Fri 16 Apr 2027 14:27:12 +0000 Subordinate resources: IP: 157.66.123.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 13:19:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:23:58:3d:1e:e6:13:ee:f3:44:23:d2:09:07:fb:84:c0:cf:70:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 17 14:22:12 2026 GMT Not After : Apr 16 14:27:12 2027 GMT Subject: CN=2A62B964EC86447DC22DDE70DC3517F0CF7C9ACD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:fe:75:41:58:70:47:36:a8:d1:06:0d:c4:62: a1:c6:d8:5f:da:6a:cf:66:e2:fe:6b:9d:83:d7:51: b0:84:ec:63:52:0b:7c:8b:fb:c2:d5:6d:60:78:26: d7:9a:a0:cb:fe:2f:7d:f4:3f:04:4e:9d:5e:64:3d: 85:50:38:45:bd:96:21:08:59:00:24:79:e8:2c:38: e7:3e:7f:a8:7a:b3:08:1c:18:9b:7e:14:10:24:42: 03:da:a0:8a:b8:ab:a5:4e:ab:7b:51:ab:67:f0:3b: 10:34:f0:42:8a:5d:01:59:87:ea:ad:ba:9f:f5:49: a4:94:cb:c0:b9:95:b1:0b:c9:cf:25:5a:3f:da:ad: 87:e5:3c:60:c1:d5:3f:0c:51:7f:c9:51:18:4a:28: 35:d3:30:8f:fe:b0:44:20:eb:28:bd:68:ee:aa:e7: 3c:dd:b2:31:b7:e1:a6:2a:bd:42:89:0b:2c:d4:2d: 8c:51:47:16:b6:96:07:c7:35:bc:5f:9d:e5:7b:2f: 29:0b:ca:6f:e4:04:5d:d9:8e:03:51:47:02:ee:eb: fa:78:1d:39:27:cc:bf:02:5a:ba:4e:c4:16:b4:ae: 88:11:bb:f7:fe:0d:1b:fe:ce:2d:bb:fa:0c:21:66: d6:df:08:a5:3d:b7:40:86:04:a3:96:85:b9:44:27: d1:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2A:62:B9:64:EC:86:44:7D:C2:2D:DE:70:DC:35:17:F0:CF:7C:9A:CD X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/c1b08845-df82-44c2-976d-6d74b81166f4/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/c1b08845-df82-44c2-976d-6d74b81166f4/0/2A62B964EC86447DC22DDE70DC3517F0CF7C9ACD.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.123.0/24 Signature Algorithm: sha256WithRSAEncryption 3e:ec:f5:dd:13:7e:56:30:dc:71:95:71:67:50:3f:d2:be:0a: 33:45:bb:4d:9c:7f:96:98:79:16:e1:d9:8c:2b:3b:aa:12:76: cf:a3:3a:74:ac:af:be:e9:fd:ae:03:df:99:26:eb:4f:83:b6: 9b:81:e8:07:7e:20:18:7e:bc:41:07:06:25:ce:8f:79:bf:2c: 04:fd:b8:30:4b:bd:a8:7c:33:52:3e:82:ab:c7:8f:ec:63:05: 27:17:67:f0:4a:82:6a:84:ae:ee:89:35:a0:37:18:5e:0d:6f: 1e:73:9c:80:63:b9:c2:52:dc:87:5d:e4:48:c5:f1:07:20:68: f9:5e:6d:b9:8e:c4:2f:12:88:d6:b4:b7:a0:fb:42:32:53:34: 82:25:e8:72:67:34:ed:69:f5:9f:40:c1:fd:ca:c3:b6:5b:9c: e5:7c:c4:cb:77:58:58:c7:0a:db:d3:37:7a:1f:2a:6f:45:78: 94:5f:48:60:b5:1a:2e:8c:ff:6b:22:f0:d0:bd:5a:0e:d1:9d: 01:e3:1e:74:81:21:79:d8:73:b5:fe:38:89:97:74:71:0f:74: 6a:cf:5d:21:45:9e:04:33:67:86:05:5b:87:e9:f2:4c:24:8c: a6:54:e4:53:23:ef:ed:6e:3c:7b:9c:c0:d5:88:a8:3a:a8:b5: e7:68:ac:83 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUSiNYPR7mE+7zRCPSCQf7hMDPcLswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDQxNzE0MjIxMloX DTI3MDQxNjE0MjcxMlowMzExMC8GA1UEAxMoMkE2MkI5NjRFQzg2NDQ3REMyMkRE RTcwREMzNTE3RjBDRjdDOUFDRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALb+dUFYcEc2qNEGDcRiocbYX9pqz2bi/mudg9dRsITsY1ILfIv7wtVtYHgm 15qgy/4vffQ/BE6dXmQ9hVA4Rb2WIQhZACR56Cw45z5/qHqzCBwYm34UECRCA9qg irirpU6re1GrZ/A7EDTwQopdAVmH6q26n/VJpJTLwLmVsQvJzyVaP9qth+U8YMHV PwxRf8lRGEooNdMwj/6wRCDrKL1o7qrnPN2yMbfhpiq9QokLLNQtjFFHFraWB8c1 vF+d5XsvKQvKb+QEXdmOA1FHAu7r+ngdOSfMvwJauk7EFrSuiBG79/4NG/7OLbv6 DCFm1t8IpT23QIYEo5aFuUQn0csCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCpiuWTshkR9wi3ecNw1F/DPfJrNMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9jMWIwODg0NS1kZjgyLTQ0YzItOTc2ZC02ZDc0YjgxMTY2ZjQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2MxYjA4ODQ1 LWRmODItNDRjMi05NzZkLTZkNzRiODExNjZmNC8wLzJBNjJCOTY0RUM4NjQ0N0RD MjJEREU3MERDMzUxN0YwQ0Y3QzlBQ0QubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdQnswDQYJKoZIhvcNAQELBQADggEBAD7s9d0TflYw3HGVcWdQP9K+CjNFu02c f5aYeRbh2YwrO6oSds+jOnSsr77p/a4D35km60+DtpuB6Ad+IBh+vEEHBiXOj3m/ LAT9uDBLvah8M1I+gqvHj+xjBScXZ/BKgmqEru6JNaA3GF4Nbx5znIBjucJS3Idd 5EjF8QcgaPlebbmOxC8SiNa0t6D7QjJTNIIl6HJnNO1p9Z9Awf3Kw7ZbnOV8xMt3 WFjHCtvTN3ofKm9FeJRfSGC1Gi6M/2si8NC9Wg7RnQHjHnSBIXnYc7X+OImXdHEP dGrPXSFFngQzZ4YFW4fp8kwkjKZU5FMj7+1uPHucwNWIqDqotedorIM= -----END CERTIFICATE-----Generated at Wed Apr 22 03:34:05 2026 by rpki-client