$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/7CFF61C86A6732527928FA8A4E5D49F74E9C397C.cer File: 7CFF61C86A6732527928FA8A4E5D49F74E9C397C.cer (raw, json) Hash identifier: nmY7CqMWVhlJm6DfWpTRERkYo5ikePsE/qfkL0epd3k= Subject key identifier: 7C:FF:61:C8:6A:67:32:52:79:28:FA:8A:4E:5D:49:F7:4E:9C:39:7C Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 48E96DAA848A360439CB1395A584A8C6DC6CC1D5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/b238e56e-eda5-405a-abbf-42fe27b5ba00/1/7CFF61C86A6732527928FA8A4E5D49F74E9C397C.mft caRepository: rsync://repo-rpki.idnic.net/repo/b238e56e-eda5-405a-abbf-42fe27b5ba00/1/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 20 Apr 2026 08:03:27 +0000 Certificate not after: Mon 19 Apr 2027 08:08:27 +0000 Subordinate resources: IP: 192.135.98.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 13:19:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:e9:6d:aa:84:8a:36:04:39:cb:13:95:a5:84:a8:c6:dc:6c:c1:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 20 08:03:27 2026 GMT Not After : Apr 19 08:08:27 2027 GMT Subject: CN=7CFF61C86A6732527928FA8A4E5D49F74E9C397C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:3a:56:d7:38:cf:48:f2:cf:9f:d4:44:12:e6: 19:95:c3:4b:19:5a:b0:9b:9f:a7:55:de:c5:8c:59: 81:d1:8d:2f:d1:2e:4a:74:4d:b6:46:ba:8d:ab:0d: 63:25:d5:a8:03:80:48:6b:87:a5:cb:0f:49:ce:ae: 4d:b5:51:53:1e:15:a3:b2:52:6c:1b:5f:2c:15:ad: 74:ea:7c:ba:ed:83:14:68:19:40:3b:2e:2e:c2:54: 1a:cd:ed:ec:0a:7b:11:6f:a1:d3:93:72:12:b7:14: d1:25:6c:d1:a7:d1:48:68:19:f9:5f:d9:a0:8d:67: a5:a2:b6:b6:47:be:0d:81:af:dd:2d:97:a5:52:6b: ce:09:bf:13:4f:89:bb:d1:66:e2:1b:e3:67:a7:1d: fa:e2:33:05:95:b1:f4:8e:22:d5:da:77:20:ff:13: 86:7c:2a:53:32:39:27:dc:44:be:42:bd:66:de:67: e0:9b:f7:5c:64:76:1a:4e:f2:53:f2:13:1f:c2:5c: 64:83:b4:e3:4f:f9:52:28:95:e9:f0:ce:20:b7:0a: 6c:84:f2:ed:26:08:e4:93:c0:0b:43:67:69:b3:3e: 13:ff:f7:84:cd:3a:bb:6a:48:c2:fa:a0:20:9f:ba: 12:e3:e9:14:76:db:2c:5e:e3:6e:ac:83:a4:5e:4c: 03:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 7C:FF:61:C8:6A:67:32:52:79:28:FA:8A:4E:5D:49:F7:4E:9C:39:7C X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/b238e56e-eda5-405a-abbf-42fe27b5ba00/1 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/b238e56e-eda5-405a-abbf-42fe27b5ba00/1/7CFF61C86A6732527928FA8A4E5D49F74E9C397C.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.135.98.0/24 Signature Algorithm: sha256WithRSAEncryption 9a:13:d4:73:d0:25:a1:b9:de:ff:bd:3a:7e:98:47:e9:9c:d1: 7a:85:5a:f3:01:83:ce:83:66:2c:c8:3b:c5:13:0e:d6:e4:1d: 13:74:9d:90:d6:85:4e:bd:eb:9a:8f:25:06:f7:12:1b:c5:68: 93:8d:cb:4f:79:84:23:c5:e7:97:c3:cb:ab:e5:e3:59:18:7a: 76:ed:ad:90:4d:0c:5c:b4:52:6d:d8:b2:84:80:b8:e6:be:2f: 04:2e:d2:28:c6:09:6f:fa:68:a5:5b:81:17:99:14:65:ff:2c: 76:43:e7:b5:02:2c:cb:78:68:6e:a2:74:c5:ed:f9:6d:11:d1: ef:3e:6a:44:04:7c:4c:e8:f3:f1:82:02:87:8e:a6:58:2e:88: 4c:80:c6:8f:4d:02:e6:dc:4b:e8:d1:f6:af:08:8d:4c:8a:0b: b0:34:c6:05:f0:0e:58:44:98:24:73:07:ff:39:76:b7:4c:0e: 67:a7:77:f7:04:7e:49:43:1c:c0:41:08:31:a8:17:ac:6b:bd: cc:76:14:5a:cd:6e:00:92:75:6a:da:1a:37:38:1d:91:a2:0d: ea:66:3d:00:ab:de:e5:2c:b2:02:8f:3d:c2:2e:85:e1:58:a4: e7:c2:61:b6:11:da:97:ca:09:e1:95:eb:c8:fd:82:d8:d7:3e: cd:2c:46:3f -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUSOltqoSKNgQ5yxOVpYSoxtxswdUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDQyMDA4MDMyN1oX DTI3MDQxOTA4MDgyN1owMzExMC8GA1UEAxMoN0NGRjYxQzg2QTY3MzI1Mjc5MjhG QThBNEU1RDQ5Rjc0RTlDMzk3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALU6Vtc4z0jyz5/URBLmGZXDSxlasJufp1XexYxZgdGNL9EuSnRNtka6jasN YyXVqAOASGuHpcsPSc6uTbVRUx4Vo7JSbBtfLBWtdOp8uu2DFGgZQDsuLsJUGs3t 7Ap7EW+h05NyErcU0SVs0afRSGgZ+V/ZoI1npaK2tke+DYGv3S2XpVJrzgm/E0+J u9Fm4hvjZ6cd+uIzBZWx9I4i1dp3IP8ThnwqUzI5J9xEvkK9Zt5n4Jv3XGR2Gk7y U/ITH8JcZIO040/5UiiV6fDOILcKbITy7SYI5JPAC0NnabM+E//3hM06u2pIwvqg IJ+6EuPpFHbbLF7jbqyDpF5MA6kCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFHz/YchqZzJSeSj6ik5dSfdOnDl8MB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iMjM4ZTU2ZS1lZGE1LTQwNWEtYWJiZi00MmZlMjdiNWJhMDAvMTCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IyMzhlNTZl LWVkYTUtNDA1YS1hYmJmLTQyZmUyN2I1YmEwMC8xLzdDRkY2MUM4NkE2NzMyNTI3 OTI4RkE4QTRFNUQ0OUY3NEU5QzM5N0MubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BADAh2IwDQYJKoZIhvcNAQELBQADggEBAJoT1HPQJaG53v+9On6YR+mc0XqFWvMB g86DZizIO8UTDtbkHRN0nZDWhU6965qPJQb3EhvFaJONy095hCPF55fDy6vl41kY enbtrZBNDFy0Um3YsoSAuOa+LwQu0ijGCW/6aKVbgReZFGX/LHZD57UCLMt4aG6i dMXt+W0R0e8+akQEfEzo8/GCAoeOplguiEyAxo9NAubcS+jR9q8IjUyKC7A0xgXw DlhEmCRzB/85drdMDmend/cEfklDHMBBCDGoF6xrvcx2FFrNbgCSdWraGjc4HZGi DepmPQCr3uUssgKPPcIuheFYpOfCYbYR2pfKCeGV68j9gtjXPs0sRj8= -----END CERTIFICATE-----Generated at Wed Apr 22 03:30:09 2026 by rpki-client