$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.cer File: 528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.cer (raw, json) Hash identifier: CAYbwZO24sUKt0ShoGBDGi/mBN+hSDHeKbgvg8x9D2Y= Subject key identifier: 52:8A:79:9E:94:BD:50:52:F6:F5:8A:CF:DD:9F:4D:ED:3A:0E:D5:BB Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2D7B528650AC029BC77B6F08FBDE38C798470067 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.mft caRepository: rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sun 13 Jul 2025 11:17:17 +0000 Certificate not after: Sun 12 Jul 2026 11:22:17 +0000 Subordinate resources: IP: 103.195.88.0/22 IP: 2001:df6:ac00::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Jul 2025 16:16:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:7b:52:86:50:ac:02:9b:c7:7b:6f:08:fb:de:38:c7:98:47:00:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 13 11:17:17 2025 GMT Not After : Jul 12 11:22:17 2026 GMT Subject: CN=528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:8e:9b:ab:3a:72:41:63:06:7c:b7:91:30:89: 71:3d:40:8e:73:38:d8:e1:c5:8d:17:3b:42:9e:f0: 0d:57:98:a0:df:54:12:5f:4b:d3:ef:9c:dd:a8:8d: 3c:73:a4:7b:19:92:21:26:eb:a1:bf:3e:0f:51:32: 35:eb:51:85:9d:d0:1b:d7:a0:6a:58:7d:5e:a5:7a: 69:14:17:36:b5:59:2d:be:99:04:82:ca:6c:7e:cc: ee:71:51:db:7b:86:c9:06:20:80:f5:b9:73:b3:8b: 84:ce:f4:20:6a:05:8f:12:0e:56:1a:68:51:ba:33: 85:7a:34:d0:a9:06:22:7a:0e:77:ff:7f:95:d8:38: d1:f6:b3:bc:4c:28:68:cd:95:94:b9:3d:ad:a6:36: f8:51:cf:07:1d:21:ed:9f:49:28:9d:de:bd:f2:9b: c0:1f:23:ec:a0:8d:5e:92:2e:e9:20:d3:8b:e8:94: 99:d5:30:57:73:84:14:3f:df:81:7f:45:2e:92:20: dc:de:d3:14:18:3a:82:0e:df:18:b0:a3:bf:c5:14: 85:cb:d7:55:69:f0:c9:d1:4e:79:9e:90:0c:02:8c: 78:8e:44:86:da:06:34:65:1d:fa:bb:c0:d7:8a:4a: 48:55:47:68:7c:53:f7:1f:38:f8:f9:3c:18:42:71: b6:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 52:8A:79:9E:94:BD:50:52:F6:F5:8A:CF:DD:9F:4D:ED:3A:0E:D5:BB X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/f98f19c3-e4e1-41a1-aaf0-d613aca4930c/0/528A799E94BD5052F6F58ACFDD9F4DED3A0ED5BB.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.195.88.0/22 IPv6: 2001:df6:ac00::/48 Signature Algorithm: sha256WithRSAEncryption 5c:dc:4a:6b:b7:04:5f:70:b5:87:83:2d:c5:91:35:11:7d:73: 00:aa:bd:0e:4c:4f:64:bc:ce:97:1d:b5:bf:5a:e0:a6:dc:9b: d3:28:ec:2c:b0:77:61:8d:4a:51:57:18:16:7d:ac:5e:1b:ab: 3f:ca:34:d8:e4:42:ff:2f:53:a2:b3:25:18:d4:f6:2a:24:be: c9:5a:e6:6f:d3:99:f6:e5:14:50:78:07:83:07:a7:ed:5c:32: be:c9:a9:c0:14:28:6f:be:6d:ce:c1:fa:62:ca:ad:52:6c:3d: f9:75:94:b3:70:d4:e4:b7:af:9b:88:05:57:44:88:6a:1d:7b: 3f:fc:15:be:1f:f2:14:49:a9:d9:6f:67:2e:f9:8d:d5:51:0d: fb:25:26:8b:7b:92:42:d0:bb:fd:16:16:04:ae:67:4f:87:f3: 4a:3f:99:90:7e:6f:09:be:f1:ab:ea:39:1c:49:a1:f7:08:b1: cc:74:11:d1:e9:27:69:56:53:5a:af:ac:ac:c9:2f:4f:4f:98: c6:c9:0f:6e:5d:64:63:e2:76:9a:92:ad:6e:7c:cb:aa:2d:af: 67:62:1c:85:31:17:e8:e7:dc:02:90:a2:07:51:53:ee:33:ed: aa:07:d8:9f:3f:63:2d:67:6c:60:6e:b9:d8:4d:dd:f2:32:9d: 11:34:64:48 -----BEGIN CERTIFICATE----- MIIF1jCCBL6gAwIBAgIULXtShlCsApvHe28I+944x5hHAGcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcxMzExMTcxN1oX DTI2MDcxMjExMjIxN1owMzExMC8GA1UEAxMoNTI4QTc5OUU5NEJENTA1MkY2RjU4 QUNGREQ5RjRERUQzQTBFRDVCQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALuOm6s6ckFjBny3kTCJcT1AjnM42OHFjRc7Qp7wDVeYoN9UEl9L0++c3aiN PHOkexmSISbrob8+D1EyNetRhZ3QG9egalh9XqV6aRQXNrVZLb6ZBILKbH7M7nFR 23uGyQYggPW5c7OLhM70IGoFjxIOVhpoUbozhXo00KkGInoOd/9/ldg40fazvEwo aM2VlLk9raY2+FHPBx0h7Z9JKJ3evfKbwB8j7KCNXpIu6SDTi+iUmdUwV3OEFD/f gX9FLpIg3N7TFBg6gg7fGLCjv8UUhcvXVWnwydFOeZ6QDAKMeI5EhtoGNGUd+rvA 14pKSFVHaHxT9x84+Pk8GEJxtr0CAwEAAaOCAskwggLFMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFKKeZ6UvVBS9vWKz92fTe06DtW7MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9mOThmMTljMy1lNGUxLTQxYTEtYWFmMC1kNjEzYWNhNDkzMGMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Y5OGYxOWMz LWU0ZTEtNDFhMS1hYWYwLWQ2MTNhY2E0OTMwYy8wLzUyOEE3OTlFOTRCRDUwNTJG NkY1OEFDRkREOUY0REVEM0EwRUQ1QkIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYD BAJnw1gwDwQCAAIwCQMHACABDfasADANBgkqhkiG9w0BAQsFAAOCAQEAXNxKa7cE X3C1h4MtxZE1EX1zAKq9DkxPZLzOlx21v1rgptyb0yjsLLB3YY1KUVcYFn2sXhur P8o02ORC/y9TorMlGNT2KiS+yVrmb9OZ9uUUUHgHgwen7VwyvsmpwBQob75tzsH6 YsqtUmw9+XWUs3DU5Levm4gFV0SIah17P/wVvh/yFEmp2W9nLvmN1VEN+yUmi3uS QtC7/RYWBK5nT4fzSj+ZkH5vCb7xq+o5HEmh9wixzHQR0eknaVZTWq+srMkvT0+Y xskPbl1kY+J2mpKtbnzLqi2vZ2IchTEX6OfcApCiB1FT7jPtqgfYnz9jLWdsYG65 2E3d8jKdETRkSA== -----END CERTIFICATE-----Generated at Sun Jul 20 17:33:27 2025 by rpki-client