$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer File: 552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer (raw, json) Hash identifier: xbaRrsNzxwiwGfiM+Tv8Dg4oYjcJ0PrKxY91x6LAJtM= Subject key identifier: 55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5D20923C84FA0DEAD45E096EA96CFBDAB7D5FECC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.mft caRepository: rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 12 Jul 2025 05:43:53 +0000 Certificate not after: Sat 11 Jul 2026 05:48:53 +0000 Subordinate resources: IP: 43.229.253.0 -- 43.229.255.255 IP: 103.31.44.0/22 IP: 110.232.64.0/19 IP: 150.107.136.0/22 IP: 202.162.192.0/20 IP: 2401:2900::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 00:11:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:20:92:3c:84:fa:0d:ea:d4:5e:09:6e:a9:6c:fb:da:b7:d5:fe:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 12 05:43:53 2025 GMT Not After : Jul 11 05:48:53 2026 GMT Subject: CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:d1:db:d2:55:70:ae:a9:de:f9:ea:48:a7:e3: 8e:f3:ae:e6:3f:a4:e8:65:19:ae:ee:eb:f6:fb:ca: 31:09:3d:78:96:2f:40:6b:9c:51:24:98:b6:13:36: 5b:f0:20:a7:ba:a7:96:81:a0:30:4b:0c:47:14:25: 51:e1:ea:18:94:01:64:b4:72:20:7b:cd:44:c0:2f: fd:97:e6:f0:fa:29:69:30:86:26:72:f0:5d:b3:2e: 6f:98:15:a8:39:46:04:b9:b0:94:5d:d7:a8:10:40: 64:a8:eb:88:55:0e:0b:cf:45:75:3b:38:b9:b0:42: ae:65:62:19:1b:ef:ed:b3:bd:91:77:3d:d1:16:77: 06:9c:78:1d:fa:d1:8a:00:7e:60:5c:45:1c:d9:e1: 5a:f2:18:80:30:bd:e0:2e:2b:d4:aa:81:f3:14:ab: a1:3f:91:1a:79:2c:be:f0:ff:07:be:9d:6f:8a:99: b7:ae:6d:31:e3:b3:c2:2e:0d:67:d9:1c:a2:98:5e: 26:86:02:06:c2:3b:d7:75:a4:d4:3f:67:20:25:d1: e4:be:23:e3:b3:4b:2b:e9:c0:1c:28:61:d5:7f:c4: 0e:d9:65:f3:0d:af:5b:34:f2:16:78:d2:ca:37:65: 11:77:30:0e:99:25:b7:39:54:01:63:e0:0e:61:36: 36:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.229.253.0-43.229.255.255 103.31.44.0/22 110.232.64.0/19 150.107.136.0/22 202.162.192.0/20 IPv6: 2401:2900::/32 Signature Algorithm: sha256WithRSAEncryption 9c:56:af:b4:d1:5d:37:df:6c:c1:71:42:36:b5:53:68:de:1f: ee:13:db:04:1d:93:10:8e:d9:3c:a2:87:45:8b:e6:9c:72:cc: e9:b9:c0:23:39:f4:5b:b1:23:68:a4:08:de:e5:54:a2:1a:5b: 8c:85:96:8c:ed:ad:36:e6:c4:fc:e2:e5:6f:60:b3:82:5c:64: 97:b3:55:b3:cd:85:59:78:49:01:ea:72:73:f8:3f:b3:d3:e7: 32:e8:b6:d3:53:2b:19:93:4f:a1:c5:1d:5c:57:17:be:bc:92: 60:6e:1d:63:33:af:79:d0:e4:96:f8:fe:cd:57:15:6e:45:44: 61:4c:08:d6:42:8e:e5:27:13:48:10:82:11:83:23:27:c0:34: fe:6d:b1:14:2a:b5:50:99:3c:b7:6c:53:7b:3f:65:85:6f:94: 15:99:2d:eb:c0:b4:ec:bf:00:f1:b8:6d:e6:89:f3:ed:f0:38: 81:48:76:0e:52:d8:e1:22:12:c6:ec:9e:9d:4c:e6:1f:fb:d2: ef:41:a9:45:52:99:c3:1b:d8:e2:7a:8f:50:03:cf:e2:e4:9a: 09:58:f5:8b:a3:f3:3f:a0:7b:c5:47:03:5e:00:d4:14:88:1a: cd:bd:c6:f3:74:e0:fd:93:0b:71:c8:ca:36:99:36:f1:b8:49: c2:66:85:f6 -----BEGIN CERTIFICATE----- MIIF8zCCBNugAwIBAgIUXSCSPIT6DerUXgluqWz72rfV/swwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcxMjA1NDM1M1oX DTI2MDcxMTA1NDg1M1owMzExMC8GA1UEAxMoNTUyQjMxQTI2RTkyQTlERDZBNTg1 QjkyMzc1QjdGQ0E0RkE2Njk4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANnR29JVcK6p3vnqSKfjjvOu5j+k6GUZru7r9vvKMQk9eJYvQGucUSSYthM2 W/Agp7qnloGgMEsMRxQlUeHqGJQBZLRyIHvNRMAv/Zfm8PopaTCGJnLwXbMub5gV qDlGBLmwlF3XqBBAZKjriFUOC89FdTs4ubBCrmViGRvv7bO9kXc90RZ3Bpx4HfrR igB+YFxFHNnhWvIYgDC94C4r1KqB8xSroT+RGnksvvD/B76db4qZt65tMeOzwi4N Z9kcopheJoYCBsI713Wk1D9nICXR5L4j47NLK+nAHChh1X/EDtll8w2vWzTyFnjS yjdlEXcwDpkltzlUAWPgDmE2NtMCAwEAAaOCAuYwggLiMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFUrMaJukqndalhbkjdbf8pPpmmEMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8yMDE0MzJjYy0zYmM5LTQ4NTgtYjUwNi0yMThhYWIwYjA4OWMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNj LTNiYzktNDg1OC1iNTA2LTIxOGFhYjBiMDg5Yy8wLzU1MkIzMUEyNkU5MkE5REQ2 QTU4NUI5MjM3NUI3RkNBNEZBNjY5ODQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwTQYIKwYBBQUHAQcBAf8EPjA8MCsEAgABMCUw CwMEACvl/QMDASvkAwQCZx8sAwQFbuhAAwQClmuIAwQEyqLAMA0EAgACMAcDBQAk ASkAMA0GCSqGSIb3DQEBCwUAA4IBAQCcVq+00V0332zBcUI2tVNo3h/uE9sEHZMQ jtk8oodFi+accszpucAjOfRbsSNopAje5VSiGluMhZaM7a025sT84uVvYLOCXGSX s1WzzYVZeEkB6nJz+D+z0+cy6LbTUysZk0+hxR1cVxe+vJJgbh1jM6950OSW+P7N VxVuRURhTAjWQo7lJxNIEIIRgyMnwDT+bbEUKrVQmTy3bFN7P2WFb5QVmS3rwLTs vwDxuG3mifPt8DiBSHYOUtjhIhLG7J6dTOYf+9LvQalFUpnDG9jieo9QA8/i5JoJ WPWLo/M/oHvFRwNeANQUiBrNvcbzdOD9kwtxyMo2mTbxuEnCZoX2 -----END CERTIFICATE-----Generated at Sun Jul 20 22:47:54 2025 by rpki-client