$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/89402655017312B8CFCB367BA82966AA21E11F90.cer File: 89402655017312B8CFCB367BA82966AA21E11F90.cer (raw, json) Hash identifier: QdBAahRr3W8GycdP0ZWUSFMO4Z6qspTIoi1iGh95+0w= Subject key identifier: 89:40:26:55:01:73:12:B8:CF:CB:36:7B:A8:29:66:AA:21:E1:1F:90 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 554775B310A02A29CEB14435CD0FEA07F3D5F636 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/5fb1c80c-4d6c-4408-8947-fba6e7c4be7c/0/89402655017312B8CFCB367BA82966AA21E11F90.mft caRepository: rsync://repo-rpki.idnic.net/repo/5fb1c80c-4d6c-4408-8947-fba6e7c4be7c/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 07 Jul 2025 03:49:45 +0000 Certificate not after: Mon 06 Jul 2026 03:54:45 +0000 Subordinate resources: IP: 103.213.128.0/22 IP: 110.50.80.0/21 IP: 123.253.232.0/22 IP: 202.147.192.0/20 IP: 2400:1880::/32 IP: 2404:b280::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Jul 2025 16:16:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:47:75:b3:10:a0:2a:29:ce:b1:44:35:cd:0f:ea:07:f3:d5:f6:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 7 03:49:45 2025 GMT Not After : Jul 6 03:54:45 2026 GMT Subject: CN=89402655017312B8CFCB367BA82966AA21E11F90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a0:a7:5c:fa:7b:a2:eb:56:ee:c0:29:3c:b5: f8:22:d7:21:cc:a0:b3:60:37:47:c1:78:d1:b2:be: 8b:12:e6:b8:e3:b4:1f:47:8d:78:64:db:21:3a:bd: d4:27:37:6f:cd:4c:25:af:7a:1a:14:d3:3f:54:54: f8:b9:6a:23:18:a5:40:3f:1f:74:2f:ab:e3:93:0c: 31:73:23:a2:35:6a:df:e4:40:e6:3f:80:78:d5:cb: 3e:f3:ec:97:a5:74:bd:95:73:2b:24:64:5e:b8:bf: ef:dd:6c:03:b7:62:eb:36:23:50:84:98:2b:ec:5c: 7e:2d:4e:6e:80:d9:cd:55:e4:c6:98:dc:11:d5:62: d4:df:8a:5e:11:2d:04:4c:87:3f:47:dc:c4:4c:96: ef:03:3d:2c:04:c0:11:6b:e5:1c:0a:9e:10:23:16: 01:28:ba:d6:b8:61:44:13:7f:be:8e:08:e1:ba:0c: f3:c5:94:2e:5a:3c:5c:40:06:a2:43:8a:a3:88:e5: 60:28:ad:de:2e:6c:8a:93:de:83:17:b5:4c:e0:b0: 33:7a:51:9c:c6:30:f7:d0:8a:20:fe:a0:f5:32:46: f3:66:99:4d:6b:bd:93:fd:fb:f4:de:f7:51:30:b1: 99:e3:5f:09:ac:70:84:46:27:32:62:60:31:e2:84: 82:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 89:40:26:55:01:73:12:B8:CF:CB:36:7B:A8:29:66:AA:21:E1:1F:90 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/5fb1c80c-4d6c-4408-8947-fba6e7c4be7c/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/5fb1c80c-4d6c-4408-8947-fba6e7c4be7c/0/89402655017312B8CFCB367BA82966AA21E11F90.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.213.128.0/22 110.50.80.0/21 123.253.232.0/22 202.147.192.0/20 IPv6: 2400:1880::/32 2404:b280::/32 Signature Algorithm: sha256WithRSAEncryption 4b:be:22:8c:43:67:36:da:77:2e:5b:dd:ef:ff:c0:07:e1:59: db:84:d4:14:0f:d6:ce:a5:4b:45:e2:ce:86:a2:86:86:52:dc: 66:cc:1c:ec:7e:cb:57:c2:c0:fc:2a:32:15:70:48:2a:b0:70: eb:8e:d0:14:a2:03:a8:d1:65:0a:c6:ec:e0:a3:ca:97:c6:08: 48:ff:d8:1f:d1:a2:05:6c:90:bf:ab:b0:02:b1:40:74:56:81: 40:93:6d:d2:da:53:03:ed:46:9c:0d:08:a3:e4:f8:33:e6:5e: 71:14:d1:e0:1c:47:25:3e:13:9b:3c:86:3e:79:3a:bf:ae:88: f8:ae:b3:dc:2e:8e:9a:0b:9d:58:2b:ac:a6:18:bc:27:30:8d: 5b:92:0b:34:03:a3:c3:ba:3a:58:54:b4:46:9c:a6:18:ab:e7: 05:92:e0:87:66:da:c7:9c:31:1a:cc:86:c5:a1:ca:ea:cb:18: 3e:eb:e4:80:14:8e:e8:bc:d7:56:b7:d8:cf:22:55:85:de:85: 4c:73:20:d2:ba:d4:0c:d2:99:ee:ab:e8:95:ec:98:ca:dd:81: 8f:53:2f:fd:0f:30:d9:1e:59:16:fe:e7:a7:91:48:d4:3a:9c: cb:7b:10:a0:7e:74:7f:75:61:7e:5a:1b:f7:30:54:b4:a4:a6: 75:85:44:2a -----BEGIN CERTIFICATE----- MIIF7TCCBNWgAwIBAgIUVUd1sxCgKinOsUQ1zQ/qB/PV9jYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcwNzAzNDk0NVoX DTI2MDcwNjAzNTQ0NVowMzExMC8GA1UEAxMoODk0MDI2NTUwMTczMTJCOENGQ0Iz NjdCQTgyOTY2QUEyMUUxMUY5MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALSgp1z6e6LrVu7AKTy1+CLXIcygs2A3R8F40bK+ixLmuOO0H0eNeGTbITq9 1Cc3b81MJa96GhTTP1RU+LlqIxilQD8fdC+r45MMMXMjojVq3+RA5j+AeNXLPvPs l6V0vZVzKyRkXri/791sA7di6zYjUISYK+xcfi1OboDZzVXkxpjcEdVi1N+KXhEt BEyHP0fcxEyW7wM9LATAEWvlHAqeECMWASi61rhhRBN/vo4I4boM88WULlo8XEAG okOKo4jlYCit3i5sipPegxe1TOCwM3pRnMYw99CKIP6g9TJG82aZTWu9k/379N73 UTCxmeNfCaxwhEYnMmJgMeKEgmsCAwEAAaOCAuAwggLcMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFIlAJlUBcxK4z8s2e6gpZqoh4R+QMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by81ZmIxYzgwYy00ZDZjLTQ0MDgtODk0Ny1mYmE2ZTdjNGJlN2MvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVmYjFjODBj LTRkNmMtNDQwOC04OTQ3LWZiYTZlN2M0YmU3Yy8wLzg5NDAyNjU1MDE3MzEyQjhD RkNCMzY3QkE4Mjk2NkFBMjFFMTFGOTAubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwRwYIKwYBBQUHAQcBAf8EODA2MB4EAgABMBgD BAJn1YADBANuMlADBAJ7/egDBATKk8AwFAQCAAIwDgMFACQAGIADBQAkBLKAMA0G CSqGSIb3DQEBCwUAA4IBAQBLviKMQ2c22ncuW93v/8AH4VnbhNQUD9bOpUtF4s6G ooaGUtxmzBzsfstXwsD8KjIVcEgqsHDrjtAUogOo0WUKxuzgo8qXxghI/9gf0aIF bJC/q7ACsUB0VoFAk23S2lMD7UacDQij5Pgz5l5xFNHgHEclPhObPIY+eTq/roj4 rrPcLo6aC51YK6ymGLwnMI1bkgs0A6PDujpYVLRGnKYYq+cFkuCHZtrHnDEazIbF ocrqyxg+6+SAFI7ovNdWt9jPIlWF3oVMcyDSutQM0pnuq+iV7JjK3YGPUy/9DzDZ HlkW/uenkUjUOpzLexCgfnR/dWF+Whv3MFS0pKZ1hUQq -----END CERTIFICATE-----Generated at Sun Jul 20 17:24:04 2025 by rpki-client