$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/2CCC85BF6CCD365701EFA75EE416D234F861385B.cer File: 2CCC85BF6CCD365701EFA75EE416D234F861385B.cer (raw, json) Hash identifier: 7pGAMfwiER/Xa8eqp/WTbBEE/Sr+XBHxYSf6VwHCLlk= Subject key identifier: 2C:CC:85:BF:6C:CD:36:57:01:EF:A7:5E:E4:16:D2:34:F8:61:38:5B Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 402D0C0248FBE80C7482AE57A0583361E0FB5A7D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.mft caRepository: rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 01 Jul 2025 07:34:26 +0000 Certificate not after: Tue 30 Jun 2026 07:39:26 +0000 Subordinate resources: IP: 160.25.218.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 22 Jul 2025 13:45:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:2d:0c:02:48:fb:e8:0c:74:82:ae:57:a0:58:33:61:e0:fb:5a:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jul 1 07:34:26 2025 GMT Not After : Jun 30 07:39:26 2026 GMT Subject: CN=2CCC85BF6CCD365701EFA75EE416D234F861385B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c2:1c:1f:e1:73:df:fa:6f:3b:f4:f6:3f:64: c8:8f:90:2f:24:16:cf:00:6e:99:4d:d9:fa:5f:8d: a0:db:39:cf:11:19:df:c7:ab:11:bb:0c:dc:cb:75: 33:10:ee:30:e5:d1:88:de:f4:3c:6d:97:6c:a4:e5: a8:81:5b:c0:9a:78:e4:43:e5:a4:d1:12:90:2b:a2: 0f:84:ca:0f:37:85:f2:6f:a9:3d:08:21:5e:1e:ac: 51:7c:cc:86:e4:12:7c:3f:e7:e2:c9:dc:54:c5:bf: f3:7e:d9:cd:28:27:a6:f1:d3:63:57:eb:ef:34:2e: 29:a8:8e:53:0f:7f:14:fa:a5:96:e6:b3:5c:06:b3: 8c:ca:55:bb:87:55:15:99:ac:0b:c4:b9:7b:2c:1a: e2:98:4d:5e:fc:c0:5e:82:0b:92:5e:2a:2e:32:9d: bb:fc:95:d2:ea:63:e0:36:b5:76:16:20:ec:24:4d: 19:5a:e7:72:a3:12:17:cd:89:a6:cf:a5:44:f8:00: ee:86:30:63:ce:ba:5d:26:77:de:81:06:93:fd:7c: c1:33:fd:40:30:11:97:dd:83:7f:25:5d:cb:b7:73: b7:ec:da:c3:3a:93:eb:4f:6d:a1:9a:6b:fd:c4:7b: de:a8:51:4a:16:fd:d2:b2:ac:ce:a9:b7:64:8c:a3: 17:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2C:CC:85:BF:6C:CD:36:57:01:EF:A7:5E:E4:16:D2:34:F8:61:38:5B X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/3af07f18-5c49-4129-aa53-7085ccd57b63/0/2CCC85BF6CCD365701EFA75EE416D234F861385B.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.218.0/23 Signature Algorithm: sha256WithRSAEncryption 5c:15:89:2b:b0:d5:fd:b1:32:d8:06:b4:a2:51:0a:a4:b5:e1: 73:c9:a5:e2:93:49:f9:8d:31:90:03:b9:55:0f:2a:c8:04:f9: ad:5e:17:90:66:8d:9a:0d:27:30:9c:94:0f:9a:b0:98:6e:eb: a4:5f:f3:b4:4a:a4:0f:13:ca:43:85:0d:16:c5:5f:68:aa:ee: 93:a4:ec:e7:87:83:40:99:e5:c1:b0:80:f7:33:85:53:53:80: da:33:d6:b4:b3:3e:36:4d:53:ce:0c:01:68:31:f7:74:2d:1e: 31:30:18:9a:b0:d9:ab:f0:1f:1e:22:2c:5f:2a:1b:46:03:f6: 97:89:2a:7b:bf:b9:ac:ac:7b:b2:10:8d:50:50:a4:d0:15:1c: 6d:9b:9d:68:78:a9:9c:4c:4c:a9:35:af:f8:84:da:e0:52:2f: de:2f:62:69:6a:33:3f:c0:c1:3a:1e:4c:a6:c2:0e:f0:af:dc: 95:01:33:1f:fb:b0:01:b3:3a:25:02:6c:75:87:31:f2:c4:dc: bc:94:2e:b0:02:f4:1f:80:2b:f9:10:61:f1:3e:b5:02:7c:ae: 1b:d6:95:4f:0d:fb:6c:ca:22:cd:dd:68:f9:65:92:70:5f:1e: 55:45:22:9b:75:82:15:70:ff:34:92:91:ff:1d:79:e4:35:f3: d2:f7:49:f8 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUQC0MAkj76Ax0gq5XoFgzYeD7Wn0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDcwMTA3MzQyNloX DTI2MDYzMDA3MzkyNlowMzExMC8GA1UEAxMoMkNDQzg1QkY2Q0NEMzY1NzAxRUZB NzVFRTQxNkQyMzRGODYxMzg1QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMjCHB/hc9/6bzv09j9kyI+QLyQWzwBumU3Z+l+NoNs5zxEZ38erEbsM3Mt1 MxDuMOXRiN70PG2XbKTlqIFbwJp45EPlpNESkCuiD4TKDzeF8m+pPQghXh6sUXzM huQSfD/n4sncVMW/837ZzSgnpvHTY1fr7zQuKaiOUw9/FPqlluazXAazjMpVu4dV FZmsC8S5eywa4phNXvzAXoILkl4qLjKdu/yV0upj4Da1dhYg7CRNGVrncqMSF82J ps+lRPgA7oYwY866XSZ33oEGk/18wTP9QDARl92DfyVdy7dzt+zawzqT609toZpr /cR73qhRShb90rKszqm3ZIyjF5ECAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCzMhb9szTZXAe+nXuQW0jT4YThbMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zYWYwN2YxOC01YzQ5LTQxMjktYWE1My03MDg1Y2NkNTdiNjMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNhZjA3ZjE4 LTVjNDktNDEyOS1hYTUzLTcwODVjY2Q1N2I2My8wLzJDQ0M4NUJGNkNDRDM2NTcw MUVGQTc1RUU0MTZEMjM0Rjg2MTM4NUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgGdowDQYJKoZIhvcNAQELBQADggEBAFwViSuw1f2xMtgGtKJRCqS14XPJpeKT SfmNMZADuVUPKsgE+a1eF5BmjZoNJzCclA+asJhu66Rf87RKpA8TykOFDRbFX2iq 7pOk7OeHg0CZ5cGwgPczhVNTgNoz1rSzPjZNU84MAWgx93QtHjEwGJqw2avwHx4i LF8qG0YD9peJKnu/uayse7IQjVBQpNAVHG2bnWh4qZxMTKk1r/iE2uBSL94vYmlq Mz/AwToeTKbCDvCv3JUBMx/7sAGzOiUCbHWHMfLE3LyULrAC9B+AK/kQYfE+tQJ8 rhvWlU8N+2zKIs3daPllknBfHlVFIpt1ghVw/zSSkf8deeQ189L3Sfg= -----END CERTIFICATE-----Generated at Mon Jul 21 00:15:25 2025 by rpki-client