$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.cer File: BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.cer (raw, json) Hash identifier: BIL89XPP6Vht6ZOxJss9g9sB0SQifscyKw0gpEyiTvY= Subject key identifier: BC:A0:C1:EF:5A:4A:B3:AE:F4:25:E1:5A:B8:9A:19:CD:E5:68:82:44 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 29581979A655CC9B83B573A8B85246D5ECE744E9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft caRepository: rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 18 Apr 2026 23:59:28 +0000 Certificate not after: Sun 18 Apr 2027 00:04:28 +0000 Subordinate resources: IP: 160.20.38.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Apr 2026 13:19:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:58:19:79:a6:55:cc:9b:83:b5:73:a8:b8:52:46:d5:ec:e7:44:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 18 23:59:28 2026 GMT Not After : Apr 18 00:04:28 2027 GMT Subject: CN=BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:48:33:40:e6:e8:c6:82:4e:0f:38:42:6b:53: de:8d:66:5f:51:da:ac:a6:34:5d:d6:a9:49:db:9b: 23:67:1f:97:02:03:5c:c2:19:75:ca:05:99:a0:4b: 74:d2:f7:4a:65:ba:de:c0:49:33:51:7c:4a:7d:ec: 91:bd:b3:6f:93:b1:8d:97:65:84:13:40:0a:53:e1: 85:4f:33:07:59:c2:2b:8a:43:39:9e:12:4b:57:2d: 83:2b:32:ab:11:4f:5b:e7:44:15:35:ea:b4:5a:c3: ca:7f:0b:e3:c9:ba:35:d3:22:41:ca:36:c9:89:f3: 49:89:43:de:0c:3a:67:d1:8a:f3:b4:65:2e:5c:86: ab:07:79:7d:e2:e3:a5:fe:e6:fc:a5:36:6b:7c:81: e8:cd:45:88:75:de:af:f1:78:1f:3d:31:76:15:93: e4:90:ec:50:15:d8:df:06:d8:6b:20:20:9a:8b:5b: 57:50:db:08:eb:9b:6a:8d:a0:fd:cb:fc:98:a7:71: e7:b8:f7:3b:c8:b5:5d:c9:b3:e8:e1:34:ff:be:95: 40:55:68:b3:04:d4:3d:2c:a5:26:d4:30:07:be:45: ec:2e:b1:6c:f0:5b:17:85:3e:60:ac:0d:a8:cd:a9: fb:c0:eb:bb:09:51:88:3f:22:fb:ba:b3:6e:87:2e: 0c:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BC:A0:C1:EF:5A:4A:B3:AE:F4:25:E1:5A:B8:9A:19:CD:E5:68:82:44 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.38.0/23 Signature Algorithm: sha256WithRSAEncryption 8e:ca:11:38:9d:5f:39:18:a7:1c:38:a3:ce:89:b6:c4:74:2c: 2c:89:1b:8d:ff:39:bc:fc:4e:31:54:72:34:e5:f4:85:bf:37: d5:89:47:32:e9:ce:00:4a:ac:be:80:11:64:03:2b:ae:70:3e: 89:4f:f0:41:79:c1:f2:7b:f7:76:40:66:8f:1c:4c:d6:14:56: da:0b:8c:8f:80:d7:a0:29:a4:a8:fc:59:8e:42:ab:81:d5:66: b4:d2:62:3a:d0:6d:ae:86:97:f1:5f:94:8b:88:bf:4e:5f:38: 61:e5:e2:ed:89:ed:3a:c6:ea:d1:fe:52:d9:bc:99:dd:ca:20: 95:b4:60:0e:28:b4:21:9c:b5:25:55:a7:36:64:6f:f1:df:58: 6d:d7:eb:fb:4a:95:b9:86:64:eb:91:77:0d:3f:2a:b3:5c:98: 08:48:f4:c9:e6:83:1c:11:db:b1:af:2b:9b:f7:1b:8f:c9:b1: 2d:a8:9b:d4:89:f6:20:ec:9f:f6:14:3c:f0:e4:f7:07:9c:6a: a8:89:86:48:91:20:2c:2c:9d:29:34:58:25:e5:f8:df:24:53: d3:ab:06:82:2b:16:e6:b2:cb:4f:fc:08:88:c2:1e:a8:29:cd: 0f:86:fc:0e:88:9e:df:45:50:c0:9b:37:89:28:ec:5c:f9:52: ad:64:bf:88 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUKVgZeaZVzJuDtXOouFJG1eznROkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDQxODIzNTkyOFoX DTI3MDQxODAwMDQyOFowMzExMC8GA1UEAxMoQkNBMEMxRUY1QTRBQjNBRUY0MjVF MTVBQjg5QTE5Q0RFNTY4ODI0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFIM0Dm6MaCTg84QmtT3o1mX1HarKY0XdapSdubI2cflwIDXMIZdcoFmaBL dNL3SmW63sBJM1F8Sn3skb2zb5OxjZdlhBNAClPhhU8zB1nCK4pDOZ4SS1ctgysy qxFPW+dEFTXqtFrDyn8L48m6NdMiQco2yYnzSYlD3gw6Z9GK87RlLlyGqwd5feLj pf7m/KU2a3yB6M1FiHXer/F4Hz0xdhWT5JDsUBXY3wbYayAgmotbV1DbCOubao2g /cv8mKdx57j3O8i1Xcmz6OE0/76VQFVoswTUPSylJtQwB75F7C6xbPBbF4U+YKwN qM2p+8DruwlRiD8i+7qzbocuDPkCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLygwe9aSrOu9CXhWriaGc3laIJEMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kZmU3ZGFjYy0yYjQ1LTQxNDEtOTc3NS1mMWJiOWYwNTIzOTYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2RmZTdkYWNj LTJiNDUtNDE0MS05Nzc1LWYxYmI5ZjA1MjM5Ni8wL0JDQTBDMUVGNUE0QUIzQUVG NDI1RTE1QUI4OUExOUNERTU2ODgyNDQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgFCYwDQYJKoZIhvcNAQELBQADggEBAI7KETidXzkYpxw4o86JtsR0LCyJG43/ Obz8TjFUcjTl9IW/N9WJRzLpzgBKrL6AEWQDK65wPolP8EF5wfJ793ZAZo8cTNYU VtoLjI+A16AppKj8WY5Cq4HVZrTSYjrQba6Gl/FflIuIv05fOGHl4u2J7TrG6tH+ Utm8md3KIJW0YA4otCGctSVVpzZkb/HfWG3X6/tKlbmGZOuRdw0/KrNcmAhI9Mnm gxwR27GvK5v3G4/JsS2om9SJ9iDsn/YUPPDk9wecaqiJhkiRICwsnSk0WCXl+N8k U9OrBoIrFuayy0/8CIjCHqgpzQ+G/A6Int9FUMCbN4ko7Fz5Uq1kv4g= -----END CERTIFICATE-----Generated at Wed Apr 22 03:36:13 2026 by rpki-client