$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/2FB994CD1282292E6D2907FCECD7F9E472F49985.cer File: 2FB994CD1282292E6D2907FCECD7F9E472F49985.cer (raw, json) Hash identifier: cm8sEtd7Ro7jvSZ9NTOhTAJgvBadPJIqNMdyTDYGTIo= Subject key identifier: 2F:B9:94:CD:12:82:29:2E:6D:29:07:FC:EC:D7:F9:E4:72:F4:99:85 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 36AEFFB1F1B65BE799CC413703B6CB9F75F9F3AE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/2da773dd-95aa-447e-993d-4cf4a1273b31/0/2FB994CD1282292E6D2907FCECD7F9E472F49985.mft caRepository: rsync://repo-rpki.idnic.net/repo/2da773dd-95aa-447e-993d-4cf4a1273b31/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 03 Jun 2025 07:02:43 +0000 Certificate not after: Tue 02 Jun 2026 07:07:43 +0000 Subordinate resources: IP: 103.110.8.0/22 IP: 2001:df4:5700::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Oct 2025 19:35:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:ae:ff:b1:f1:b6:5b:e7:99:cc:41:37:03:b6:cb:9f:75:f9:f3:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 3 07:02:43 2025 GMT Not After : Jun 2 07:07:43 2026 GMT Subject: CN=2FB994CD1282292E6D2907FCECD7F9E472F49985 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:e9:e0:70:5e:f0:fc:38:d1:a8:a0:32:d0:ac: 41:2a:28:4c:65:65:61:74:2d:e6:ce:ca:7e:31:79: 19:1d:30:ce:20:e6:78:13:3c:ba:b8:ec:c1:a7:9a: 93:a0:61:65:60:1b:4c:ca:dd:cc:52:b0:b5:f0:b9: 8e:ce:6c:a5:ee:b9:b9:66:ba:c6:91:d0:d9:0b:41: c8:f5:5a:29:5d:e5:a2:fb:e6:ec:65:ad:72:a1:24: 72:d6:12:39:4d:48:ba:ad:36:99:7d:81:13:14:c2: 19:54:cf:a6:a2:b1:53:37:1d:ed:51:ac:64:39:90: bd:19:d8:8e:19:e6:78:da:6a:d5:e4:13:33:03:fa: 6c:eb:1d:cc:16:68:4b:47:d5:4f:ac:d4:10:c5:32: 83:49:69:bb:65:6a:9e:c0:a8:c5:7a:09:29:9d:78: 09:2b:33:60:b2:8d:3b:ae:c2:7f:b9:10:c3:6f:59: 93:f9:46:db:2e:08:87:4c:88:72:c6:06:4b:78:f0: d7:02:8b:13:03:f9:b9:fd:60:4f:03:b4:63:f6:f0: c8:73:0d:2b:23:96:c5:f4:db:0a:5f:ce:bc:e6:ed: 34:20:93:0d:16:52:fc:79:11:4d:5c:f4:79:8c:62: 7a:d9:0f:ec:aa:bf:f1:a3:0f:8d:82:df:a5:8d:d8: 43:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2F:B9:94:CD:12:82:29:2E:6D:29:07:FC:EC:D7:F9:E4:72:F4:99:85 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/2da773dd-95aa-447e-993d-4cf4a1273b31/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/2da773dd-95aa-447e-993d-4cf4a1273b31/0/2FB994CD1282292E6D2907FCECD7F9E472F49985.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.110.8.0/22 IPv6: 2001:df4:5700::/48 Signature Algorithm: sha256WithRSAEncryption 0e:f0:6b:9b:b7:7f:d5:63:07:1b:d1:f0:cb:4d:68:10:f9:ae: 9d:ad:62:b5:b8:c1:79:88:65:6b:86:5c:43:59:48:68:43:06: ea:e4:fa:72:22:c8:8c:eb:a6:ba:79:56:b8:63:c9:3e:6c:c8: 5c:99:32:1f:d5:07:37:7a:2d:db:d3:10:3a:2e:99:7d:23:86: 80:e0:ce:e6:af:b3:92:d3:d9:54:2f:a0:6b:9d:d3:a5:62:71: c4:e4:e0:fe:3d:76:e3:c7:10:43:4b:e3:64:d8:9f:8b:7b:5f: 77:20:4c:6f:b3:24:50:c1:4a:41:0b:3b:25:d6:ae:44:8a:8c: a3:02:a9:82:d1:d4:15:6a:c6:3c:b7:f0:3c:27:27:e0:0a:31: 41:55:14:a2:bc:a4:66:5b:52:50:37:c3:3d:94:41:38:e0:7b: 61:77:b1:c8:e9:cb:27:3f:de:4a:35:77:97:50:3a:76:62:7e: 6f:f1:5b:7e:4d:63:db:04:55:15:bd:1b:29:d1:cd:af:3b:96: 23:7e:cc:f1:81:c2:3e:50:f9:f3:96:44:93:03:e2:c8:25:2e: 71:2b:77:38:9e:2f:ae:6a:f9:b5:b7:32:89:89:87:41:0c:1f: 71:c7:15:95:dd:eb:8f:31:e8:b8:1e:42:3e:0a:83:a9:72:cf: 3d:f4:10:76 -----BEGIN CERTIFICATE----- MIIF1jCCBL6gAwIBAgIUNq7/sfG2W+eZzEE3A7bLn3X5864wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwMzA3MDI0M1oX DTI2MDYwMjA3MDc0M1owMzExMC8GA1UEAxMoMkZCOTk0Q0QxMjgyMjkyRTZEMjkw N0ZDRUNEN0Y5RTQ3MkY0OTk4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMzp4HBe8Pw40aigMtCsQSooTGVlYXQt5s7KfjF5GR0wziDmeBM8urjswaea k6BhZWAbTMrdzFKwtfC5js5spe65uWa6xpHQ2QtByPVaKV3lovvm7GWtcqEkctYS OU1Iuq02mX2BExTCGVTPpqKxUzcd7VGsZDmQvRnYjhnmeNpq1eQTMwP6bOsdzBZo S0fVT6zUEMUyg0lpu2VqnsCoxXoJKZ14CSszYLKNO67Cf7kQw29Zk/lG2y4Ih0yI csYGS3jw1wKLEwP5uf1gTwO0Y/bwyHMNKyOWxfTbCl/OvObtNCCTDRZS/HkRTVz0 eYxietkP7Kq/8aMPjYLfpY3YQx0CAwEAAaOCAskwggLFMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFC+5lM0SgikubSkH/OzX+eRy9JmFMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8yZGE3NzNkZC05NWFhLTQ0N2UtOTkzZC00Y2Y0YTEyNzNiMzEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJkYTc3M2Rk LTk1YWEtNDQ3ZS05OTNkLTRjZjRhMTI3M2IzMS8wLzJGQjk5NENEMTI4MjI5MkU2 RDI5MDdGQ0VDRDdGOUU0NzJGNDk5ODUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYD BAJnbggwDwQCAAIwCQMHACABDfRXADANBgkqhkiG9w0BAQsFAAOCAQEADvBrm7d/ 1WMHG9Hwy01oEPmuna1itbjBeYhla4ZcQ1lIaEMG6uT6ciLIjOumunlWuGPJPmzI XJkyH9UHN3ot29MQOi6ZfSOGgODO5q+zktPZVC+ga53TpWJxxOTg/j1248cQQ0vj ZNifi3tfdyBMb7MkUMFKQQs7JdauRIqMowKpgtHUFWrGPLfwPCcn4AoxQVUUoryk ZltSUDfDPZRBOOB7YXexyOnLJz/eSjV3l1A6dmJ+b/Fbfk1j2wRVFb0bKdHNrzuW I37M8YHCPlD585ZEkwPiyCUucSt3OJ4vrmr5tbcyiYmHQQwfcccVld3rjzHouB5C PgqDqXLPPfQQdg== -----END CERTIFICATE-----Generated at Sat Oct 25 12:45:40 2025 by rpki-client