$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/142A78CA51D88042BA512A1BB46D6DF44F63BBD7.cer File: 142A78CA51D88042BA512A1BB46D6DF44F63BBD7.cer (raw, json) Hash identifier: z1S/FDkrgEHswmJWx9rnxK5b7nSbSXaFvrcNP7oMuSQ= Subject key identifier: 14:2A:78:CA:51:D8:80:42:BA:51:2A:1B:B4:6D:6D:F4:4F:63:BB:D7 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 7D8E58DB3C479E9EF45F202B5156A526DCDF58EF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/7fc5a1cc-cc5e-4e58-8df4-f886718313aa/0/142A78CA51D88042BA512A1BB46D6DF44F63BBD7.mft caRepository: rsync://repo-rpki.idnic.net/repo/7fc5a1cc-cc5e-4e58-8df4-f886718313aa/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 01 Jul 2025 05:01:50 +0000 Certificate not after: Tue 30 Jun 2026 05:06:50 +0000 Subordinate resources: IP: 160.20.240.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Jul 2025 02:27:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:8e:58:db:3c:47:9e:9e:f4:5f:20:2b:51:56:a5:26:dc:df:58:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jul 1 05:01:50 2025 GMT Not After : Jun 30 05:06:50 2026 GMT Subject: CN=142A78CA51D88042BA512A1BB46D6DF44F63BBD7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d8:8f:cf:04:e3:d6:5c:17:97:23:13:c7:f2: 70:cd:2b:ac:8a:d6:73:95:ca:0c:39:95:ba:96:d0: 8c:55:54:6b:3f:d1:fe:4a:f5:33:25:7f:06:80:ba: 31:0c:37:32:ff:47:04:35:ae:63:c5:04:d7:72:23: 97:8a:60:a0:0b:6d:90:b1:1a:35:5b:94:b4:53:4c: d0:d7:ef:74:f5:cd:17:46:03:3e:0b:ac:4a:76:81: 4e:c1:24:d2:3d:e5:4a:80:ba:d4:fb:5b:fa:f1:48: 5d:6d:21:96:fc:5e:43:22:70:d3:36:22:02:18:56: 36:e4:7e:a4:0e:a8:f4:a2:74:0f:46:00:c8:1e:b8: 9d:0c:29:83:8b:c7:65:a5:c9:1b:da:95:da:11:8a: 4d:3d:86:c2:20:45:9b:92:6e:7a:e2:fe:ab:59:53: 49:ff:91:8c:0e:73:81:94:10:37:01:2c:aa:b6:fd: 4e:f4:e3:f0:15:ee:d4:29:29:5a:11:8f:6a:8c:08: 83:05:67:37:71:ca:07:af:48:d6:06:ab:0e:65:5c: b6:15:06:05:ee:47:92:93:84:6d:f9:1f:cc:90:ca: 99:02:bb:08:97:0e:21:a4:d2:33:53:6d:e2:08:c8: e8:45:b1:5e:75:cd:d4:8e:0c:c4:10:51:be:32:2a: 8a:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 14:2A:78:CA:51:D8:80:42:BA:51:2A:1B:B4:6D:6D:F4:4F:63:BB:D7 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7fc5a1cc-cc5e-4e58-8df4-f886718313aa/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7fc5a1cc-cc5e-4e58-8df4-f886718313aa/0/142A78CA51D88042BA512A1BB46D6DF44F63BBD7.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.240.0/24 Signature Algorithm: sha256WithRSAEncryption 78:2d:33:9b:b4:30:b6:6a:a1:af:84:89:55:6f:1c:d0:72:a2: 18:27:3a:5b:4c:28:0b:5f:a0:97:2e:28:c9:2c:6d:bc:4a:fe: 91:01:2f:87:ce:1c:fc:fe:1e:2f:90:01:3f:fa:73:e7:85:4e: 73:1c:93:d2:4c:f2:11:eb:54:7a:ea:55:e6:ee:7f:ff:f6:a9: cf:0c:0e:39:58:c1:80:02:ea:ab:fc:29:51:0d:07:74:dc:6e: 9e:4f:f1:b8:3a:05:f4:4b:07:00:34:22:78:11:1b:3a:54:5f: 23:cd:0b:9e:f8:5a:12:2a:cf:44:d9:b3:10:42:c1:9e:e9:04: 11:8d:7d:fd:7f:16:cf:b8:61:e3:52:1e:e9:36:74:95:9a:7b: 0d:0a:72:76:9d:bd:d2:d6:ef:dc:ba:d8:2e:bd:19:0f:4c:7d: 86:55:fa:99:2c:1e:6a:4f:d9:2f:92:86:45:9a:4b:c8:8f:bb: ae:69:54:08:6e:99:96:0f:49:44:b5:c7:5b:16:3e:ae:5e:2a: 34:27:b8:7a:dc:01:83:01:f5:f1:17:1d:93:48:6b:bd:23:3a: cc:57:16:9e:f5:18:7f:60:51:65:8c:f1:18:99:7b:d8:63:ca: 38:3b:38:0c:22:56:a7:f7:6d:22:b7:13:a3:da:66:05:08:80: b0:5b:51:2a -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUfY5Y2zxHnp70XyArUValJtzfWO8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDcwMTA1MDE1MFoX DTI2MDYzMDA1MDY1MFowMzExMC8GA1UEAxMoMTQyQTc4Q0E1MUQ4ODA0MkJBNTEy QTFCQjQ2RDZERjQ0RjYzQkJENzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALzYj88E49ZcF5cjE8fycM0rrIrWc5XKDDmVupbQjFVUaz/R/kr1MyV/BoC6 MQw3Mv9HBDWuY8UE13Ijl4pgoAttkLEaNVuUtFNM0NfvdPXNF0YDPgusSnaBTsEk 0j3lSoC61Ptb+vFIXW0hlvxeQyJw0zYiAhhWNuR+pA6o9KJ0D0YAyB64nQwpg4vH ZaXJG9qV2hGKTT2GwiBFm5JueuL+q1lTSf+RjA5zgZQQNwEsqrb9TvTj8BXu1Ckp WhGPaowIgwVnN3HKB69I1garDmVcthUGBe5HkpOEbfkfzJDKmQK7CJcOIaTSM1Nt 4gjI6EWxXnXN1I4MxBBRvjIqiiMCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFBQqeMpR2IBCulEqG7RtbfRPY7vXMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83ZmM1YTFjYy1jYzVlLTRlNTgtOGRmNC1mODg2NzE4MzEzYWEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdmYzVhMWNj LWNjNWUtNGU1OC04ZGY0LWY4ODY3MTgzMTNhYS8wLzE0MkE3OENBNTFEODgwNDJC QTUxMkExQkI0NkQ2REY0NEY2M0JCRDcubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgFPAwDQYJKoZIhvcNAQELBQADggEBAHgtM5u0MLZqoa+EiVVvHNByohgnOltM KAtfoJcuKMksbbxK/pEBL4fOHPz+Hi+QAT/6c+eFTnMck9JM8hHrVHrqVebuf//2 qc8MDjlYwYAC6qv8KVENB3Tcbp5P8bg6BfRLBwA0IngRGzpUXyPNC574WhIqz0TZ sxBCwZ7pBBGNff1/Fs+4YeNSHuk2dJWaew0KcnadvdLW79y62C69GQ9MfYZV+pks HmpP2S+ShkWaS8iPu65pVAhumZYPSUS1x1sWPq5eKjQnuHrcAYMB9fEXHZNIa70j OsxXFp71GH9gUWWM8RiZe9hjyjg7OAwiVqf3bSK3E6PaZgUIgLBbUSo= -----END CERTIFICATE-----Generated at Mon Jul 21 03:17:20 2025 by rpki-client