$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/2098B3BD046CFFF28B48954F288A333FADDD1DE9.cer File: 2098B3BD046CFFF28B48954F288A333FADDD1DE9.cer (raw, json) Hash identifier: HfKu8ltCF0lxNuyx9PSFSSNCS6OzQMgZJ7IoyMQpvEo= Subject key identifier: 20:98:B3:BD:04:6C:FF:F2:8B:48:95:4F:28:8A:33:3F:AD:DD:1D:E9 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 52A0BB2F3E69856874182ECFB63671D4F887870F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/aa417608-16b8-4497-81e3-947d78dbcf11/0/2098B3BD046CFFF28B48954F288A333FADDD1DE9.mft caRepository: rsync://repo-rpki.idnic.net/repo/aa417608-16b8-4497-81e3-947d78dbcf11/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 05 Sep 2025 16:54:11 +0000 Certificate not after: Fri 04 Sep 2026 16:59:11 +0000 Subordinate resources: IP: 160.25.229.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 14:17:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:a0:bb:2f:3e:69:85:68:74:18:2e:cf:b6:36:71:d4:f8:87:87:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Sep 5 16:54:11 2025 GMT Not After : Sep 4 16:59:11 2026 GMT Subject: CN=2098B3BD046CFFF28B48954F288A333FADDD1DE9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:3e:16:31:b2:48:d4:e7:88:27:da:92:1e:7e: 38:92:be:1c:6e:1a:93:e2:c1:25:1a:04:b5:c3:eb: 05:e7:8f:f8:69:3a:d9:b2:27:b1:2c:44:f4:c3:89: d6:ed:e5:e1:52:d0:68:2b:2b:63:40:63:b8:60:08: 9d:a8:6a:5b:fa:7f:c1:d1:14:54:52:58:4e:94:3c: d7:92:c9:48:ff:c8:b4:c3:b8:bf:c2:fa:3c:05:a4: 8e:d8:9b:10:fe:b1:f3:cf:af:a7:7b:73:3c:ed:b4: 3d:37:dc:e6:b1:ae:39:41:26:60:33:8b:6f:5a:84: 40:2e:bb:8e:ac:ef:f3:9b:a1:4f:07:9a:ef:85:46: 33:ad:bf:c4:d2:7c:94:4a:a2:4a:42:f9:cf:10:09: 22:46:90:c8:21:c4:74:7a:25:38:70:7c:53:22:41: 8f:e0:e3:2d:34:12:79:21:8b:00:3c:a9:3d:a5:0e: db:77:68:c5:e8:2c:00:5f:51:97:a3:12:fd:dd:50: a7:c8:a7:cc:b6:7e:cc:2d:ef:c9:a1:ed:47:49:a3: a5:ac:ab:d4:c7:25:01:6e:e5:01:8b:72:a6:44:2e: b5:4b:5b:a9:7f:b1:3b:ee:28:04:c3:aa:b4:05:4d: e7:68:c9:09:13:7d:b4:ae:03:51:6e:4d:dc:5f:48: dc:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 20:98:B3:BD:04:6C:FF:F2:8B:48:95:4F:28:8A:33:3F:AD:DD:1D:E9 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/aa417608-16b8-4497-81e3-947d78dbcf11/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/aa417608-16b8-4497-81e3-947d78dbcf11/0/2098B3BD046CFFF28B48954F288A333FADDD1DE9.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.229.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:e8:07:0e:dd:29:7b:a2:e5:df:59:71:76:b0:56:b1:6e:db: a8:85:88:a3:30:e7:d2:0a:8e:dc:70:2f:df:95:46:0a:b6:98: 5e:a2:bd:9b:aa:a1:42:c3:6c:7b:ea:03:5d:42:b6:2d:ca:2b: 0e:17:9a:a1:ca:3b:26:0c:57:a8:93:5f:e6:07:5b:d7:09:c5: c0:be:dc:b5:bd:b4:fa:5e:8c:1f:86:71:f3:dc:1e:22:44:0d: cc:98:fe:57:5e:89:39:14:09:38:28:b3:52:31:cd:d2:2c:50: 95:74:9f:56:49:be:ea:8b:d7:de:e3:37:1f:21:e4:59:8a:62: b9:45:be:a9:8c:7f:81:0a:be:87:25:cc:0f:f3:cd:3d:4d:76: 4d:79:be:50:3b:ee:2d:02:97:a1:f3:a4:d4:fe:d8:26:8e:53: d6:68:dd:cd:b3:46:51:06:92:25:bc:e2:3e:e9:57:ba:be:66: 93:ce:da:f9:40:d3:fd:5c:11:a4:ac:88:27:1e:fd:50:cd:b8: a9:78:47:05:be:4b:3d:92:b4:45:d2:82:3c:93:5d:ec:d5:9b: 94:a2:7a:ad:ce:07:7e:0d:eb:f1:05:89:83:8a:0b:b8:bf:80: c6:13:1b:e4:ae:bb:2a:fa:68:24:90:0a:90:5f:89:91:48:a0: 5c:6d:6b:12 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUUqC7Lz5phWh0GC7PtjZx1PiHhw8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDkwNTE2NTQxMVoX DTI2MDkwNDE2NTkxMVowMzExMC8GA1UEAxMoMjA5OEIzQkQwNDZDRkZGMjhCNDg5 NTRGMjg4QTMzM0ZBREREMURFOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKk+FjGySNTniCfakh5+OJK+HG4ak+LBJRoEtcPrBeeP+Gk62bInsSxE9MOJ 1u3l4VLQaCsrY0BjuGAInahqW/p/wdEUVFJYTpQ815LJSP/ItMO4v8L6PAWkjtib EP6x88+vp3tzPO20PTfc5rGuOUEmYDOLb1qEQC67jqzv85uhTwea74VGM62/xNJ8 lEqiSkL5zxAJIkaQyCHEdHolOHB8UyJBj+DjLTQSeSGLADypPaUO23doxegsAF9R l6MS/d1Qp8inzLZ+zC3vyaHtR0mjpayr1MclAW7lAYtypkQutUtbqX+xO+4oBMOq tAVN52jJCRN9tK4DUW5N3F9I3O0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCCYs70EbP/yi0iVTyiKMz+t3R3pMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9hYTQxNzYwOC0xNmI4LTQ0OTctODFlMy05NDdkNzhkYmNmMTEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2FhNDE3NjA4 LTE2YjgtNDQ5Ny04MWUzLTk0N2Q3OGRiY2YxMS8wLzIwOThCM0JEMDQ2Q0ZGRjI4 QjQ4OTU0RjI4OEEzMzNGQURERDFERTkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgGeUwDQYJKoZIhvcNAQELBQADggEBAF3oBw7dKXui5d9ZcXawVrFu26iFiKMw 59IKjtxwL9+VRgq2mF6ivZuqoULDbHvqA11Cti3KKw4XmqHKOyYMV6iTX+YHW9cJ xcC+3LW9tPpejB+GcfPcHiJEDcyY/ldeiTkUCTgos1IxzdIsUJV0n1ZJvuqL197j Nx8h5FmKYrlFvqmMf4EKvoclzA/zzT1Ndk15vlA77i0Cl6HzpNT+2CaOU9Zo3c2z RlEGkiW84j7pV7q+ZpPO2vlA0/1cEaSsiCce/VDNuKl4RwW+Sz2StEXSgjyTXezV m5Sieq3OB34N6/EFiYOKC7i/gMYTG+Suuyr6aCSQCpBfiZFIoFxtaxI= -----END CERTIFICATE-----Generated at Sun Sep 7 10:13:34 2025 by rpki-client