$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3C6D7485D61AD54226152E5D8A813D70E34D29AB.cer File: 3C6D7485D61AD54226152E5D8A813D70E34D29AB.cer (raw, json) Hash identifier: PSlBfAiEuHPNqY54ElEwzcd5dQ7Ygs5e6cR1WrwhnTM= Subject key identifier: 3C:6D:74:85:D6:1A:D5:42:26:15:2E:5D:8A:81:3D:70:E3:4D:29:AB Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 2BAB7E54A3C2B194C08571A5366FDC2BDDC81651 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/d159a362-950c-45c2-aecc-82b214bce474/0/3C6D7485D61AD54226152E5D8A813D70E34D29AB.mft caRepository: rsync://repo-rpki.idnic.net/repo/d159a362-950c-45c2-aecc-82b214bce474/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 04 Mar 2025 10:36:31 +0000 Certificate not after: Tue 03 Mar 2026 10:41:31 +0000 Subordinate resources: IP: 157.20.158.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 21:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:ab:7e:54:a3:c2:b1:94:c0:85:71:a5:36:6f:dc:2b:dd:c8:16:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Mar 4 10:36:31 2025 GMT Not After : Mar 3 10:41:31 2026 GMT Subject: CN=3C6D7485D61AD54226152E5D8A813D70E34D29AB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:81:50:67:ad:85:19:fa:e9:ae:20:c8:74:55: 9b:6c:17:08:16:44:bc:e4:14:79:36:ba:d5:78:df: 6f:44:cd:1e:cb:0d:4b:00:2f:95:29:e7:9a:bd:14: 16:9a:94:89:c0:6d:d1:74:5b:38:95:c6:24:fb:8e: ab:3d:6b:e9:51:bc:4e:12:6e:ad:b2:06:cc:a4:68: 02:03:14:ba:ce:f9:f3:5e:40:29:e4:77:e1:fc:32: bf:79:0a:73:57:30:30:4e:2b:51:fa:65:e9:9e:9d: a3:6f:6b:b1:9e:a3:63:4c:29:df:e3:c9:dc:bc:bf: 29:3c:a1:94:c9:b4:a9:db:3b:d8:24:35:ab:e9:ae: 47:c9:5d:4e:d9:6b:37:75:89:b4:e8:25:61:9e:bf: 76:09:06:bc:7a:1c:92:ee:b7:30:9f:3e:ba:b2:bf: 6e:ba:16:8f:8f:4a:ad:36:43:ef:8e:3c:53:db:73: b7:88:68:91:cc:f4:8e:de:8f:bd:87:9b:95:2d:33: 6c:79:1a:3e:8e:64:53:02:5b:04:62:d3:83:28:bf: 33:b5:1e:53:35:81:64:7a:13:b9:31:71:55:e7:6c: 0d:a2:6e:cf:ec:07:17:ae:f9:63:d2:49:07:7d:02: c6:93:d7:d7:10:eb:14:11:76:55:4d:1a:63:a5:88: b6:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3C:6D:74:85:D6:1A:D5:42:26:15:2E:5D:8A:81:3D:70:E3:4D:29:AB X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/d159a362-950c-45c2-aecc-82b214bce474/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/d159a362-950c-45c2-aecc-82b214bce474/0/3C6D7485D61AD54226152E5D8A813D70E34D29AB.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.158.0/23 Signature Algorithm: sha256WithRSAEncryption 3c:ca:f7:8c:f3:a4:20:59:8a:ca:1c:0d:1b:44:ff:ae:35:a2: 50:a4:45:ea:49:52:7b:d7:fc:22:76:30:36:4b:4a:fc:9e:1f: 5b:fd:e0:a3:b2:e1:14:7b:03:d5:04:84:37:9f:41:16:1f:27: f0:5e:57:39:74:9b:a6:ca:6c:82:80:75:93:90:26:05:74:6e: 87:bb:20:d7:f6:5b:17:a2:8f:ad:b4:63:e9:39:ca:f5:4a:db: 6c:b1:40:c8:75:c5:31:d2:a0:4d:41:44:f0:c0:c2:82:b6:ec: e8:d0:13:0a:d5:b0:13:26:6c:35:f3:d2:cc:2d:bd:e8:a0:51: 23:45:72:b6:89:68:76:7c:fc:24:df:a0:f5:5f:1d:35:fd:ce: 47:53:ac:fe:da:ac:94:d5:8f:31:4c:d5:a1:f0:b0:9a:4b:b5: 01:e9:ff:53:f0:2e:0e:2d:5d:56:56:42:0d:bc:f7:d9:23:74: 63:95:68:2f:46:bd:64:56:dd:18:32:cf:3a:ec:50:54:26:1e: 4b:9c:37:f0:6b:c5:89:27:d7:47:93:0f:0a:54:b4:93:59:5c: fe:98:99:9d:bb:41:c5:db:80:16:96:62:23:02:89:39:a9:8d: 67:65:a6:59:db:0f:7f:48:13:c0:e0:eb:77:72:ae:4b:b4:38: d1:57:9d:9a -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUK6t+VKPCsZTAhXGlNm/cK93IFlEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDMwNDEwMzYzMVoX DTI2MDMwMzEwNDEzMVowMzExMC8GA1UEAxMoM0M2RDc0ODVENjFBRDU0MjI2MTUy RTVEOEE4MTNENzBFMzREMjlBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALiBUGethRn66a4gyHRVm2wXCBZEvOQUeTa61Xjfb0TNHssNSwAvlSnnmr0U FpqUicBt0XRbOJXGJPuOqz1r6VG8ThJurbIGzKRoAgMUus75815AKeR34fwyv3kK c1cwME4rUfpl6Z6do29rsZ6jY0wp3+PJ3Ly/KTyhlMm0qds72CQ1q+muR8ldTtlr N3WJtOglYZ6/dgkGvHocku63MJ8+urK/broWj49KrTZD7448U9tzt4hokcz0jt6P vYeblS0zbHkaPo5kUwJbBGLTgyi/M7UeUzWBZHoTuTFxVedsDaJuz+wHF675Y9JJ B30CxpPX1xDrFBF2VU0aY6WItgcCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDxtdIXWGtVCJhUuXYqBPXDjTSmrMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kMTU5YTM2Mi05NTBjLTQ1YzItYWVjYy04MmIyMTRiY2U0NzQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QxNTlhMzYy LTk1MGMtNDVjMi1hZWNjLTgyYjIxNGJjZTQ3NC8wLzNDNkQ3NDg1RDYxQUQ1NDIy NjE1MkU1RDhBODEzRDcwRTM0RDI5QUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdFJ4wDQYJKoZIhvcNAQELBQADggEBADzK94zzpCBZisocDRtE/641olCkRepJ UnvX/CJ2MDZLSvyeH1v94KOy4RR7A9UEhDefQRYfJ/BeVzl0m6bKbIKAdZOQJgV0 boe7INf2Wxeij620Y+k5yvVK22yxQMh1xTHSoE1BRPDAwoK27OjQEwrVsBMmbDXz 0swtveigUSNFcraJaHZ8/CTfoPVfHTX9zkdTrP7arJTVjzFM1aHwsJpLtQHp/1Pw Lg4tXVZWQg2899kjdGOVaC9GvWRW3RgyzzrsUFQmHkucN/BrxYkn10eTDwpUtJNZ XP6YmZ27QcXbgBaWYiMCiTmpjWdlplnbD39IE8Dg63dyrku0ONFXnZo= -----END CERTIFICATE-----Generated at Mon Apr 7 03:50:54 2025 by rpki-client