$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/5BB7E8A3ABF6DF6D46C3D5F91EC3B77870CE6C61.cer File: 5BB7E8A3ABF6DF6D46C3D5F91EC3B77870CE6C61.cer (raw, json) Hash identifier: 7+Xe+TO9Sq1tPt8DxC3LXpNxogzduwLqNTTVXS57QK0= Subject key identifier: 5B:B7:E8:A3:AB:F6:DF:6D:46:C3:D5:F9:1E:C3:B7:78:70:CE:6C:61 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 31B96628A480E4DB6406BBE3872BE3758E73A054 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/35a20077-fc53-43a3-bda7-f39956d9926d/0/5BB7E8A3ABF6DF6D46C3D5F91EC3B77870CE6C61.mft caRepository: rsync://repo-rpki.idnic.net/repo/35a20077-fc53-43a3-bda7-f39956d9926d/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 21 May 2025 10:06:45 +0000 Certificate not after: Wed 20 May 2026 10:11:45 +0000 Subordinate resources: IP: 160.22.70.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 11:46:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:b9:66:28:a4:80:e4:db:64:06:bb:e3:87:2b:e3:75:8e:73:a0:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 21 10:06:45 2025 GMT Not After : May 20 10:11:45 2026 GMT Subject: CN=5BB7E8A3ABF6DF6D46C3D5F91EC3B77870CE6C61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:d9:fa:a8:3e:33:eb:1f:88:be:67:80:8c:a6: cf:38:6a:62:5e:67:cb:e7:b5:82:d3:25:b6:40:54: af:a6:b1:62:ea:bd:b8:3b:8b:b0:0a:4d:31:bb:ff: c0:b4:d6:d8:d6:c8:86:83:51:5b:f9:5c:bd:dd:5b: d6:83:98:60:74:33:05:f1:07:eb:a0:a8:26:ca:a3: 62:2c:7a:a2:2a:21:0c:0a:e2:cd:60:4f:60:02:49: 4f:fb:85:dc:75:56:a9:36:08:99:3e:c9:ff:d6:83: 6e:32:cf:7e:e7:85:c2:e5:4e:23:19:77:6e:6f:1e: 5b:ca:a8:52:2c:98:39:90:31:07:e7:eb:1e:52:9a: ce:23:fc:3d:4e:0e:f9:b0:46:49:4b:f0:f9:86:9a: a4:6b:83:62:f8:f5:6b:c2:bd:54:7d:65:83:15:43: be:0c:bd:38:2a:d1:60:db:f7:3e:72:9a:40:58:88: 6e:e6:e7:06:45:9f:11:68:8a:f6:cb:fe:66:48:92: 4c:f4:87:d6:87:1c:ec:05:d4:0c:9f:c2:1f:a9:f8: 7b:0a:cc:77:e2:92:e5:2f:32:14:ee:1c:76:7f:23: 14:c6:35:63:85:d5:84:a5:ed:a0:86:fd:f2:e5:53: 7d:ac:4b:27:aa:30:c9:36:a6:24:70:f2:d3:69:73: db:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 5B:B7:E8:A3:AB:F6:DF:6D:46:C3:D5:F9:1E:C3:B7:78:70:CE:6C:61 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/35a20077-fc53-43a3-bda7-f39956d9926d/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/35a20077-fc53-43a3-bda7-f39956d9926d/0/5BB7E8A3ABF6DF6D46C3D5F91EC3B77870CE6C61.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.70.0/23 Signature Algorithm: sha256WithRSAEncryption 28:0a:ce:69:29:04:27:b7:a8:c0:35:9c:96:31:15:dc:e3:98: 93:23:bc:fb:0a:c9:07:ae:0a:46:dd:c6:71:d8:47:1a:45:0b: 8a:77:e1:c0:93:74:bc:5e:f5:8a:59:b0:1c:3d:ee:cf:11:8a: 61:01:e9:a7:61:1d:85:33:b6:6a:bb:2c:fe:c0:1b:9f:22:9c: 1b:26:e7:ca:d0:c4:e1:fa:91:2b:44:19:65:d9:87:7f:0f:9a: bb:4e:18:69:56:69:17:c8:60:a7:77:1f:7b:62:00:6e:ac:e2: 61:af:76:84:85:dd:ed:d4:ad:e8:ba:04:a0:af:d9:98:26:7c: 61:8c:0d:71:a3:6e:a7:22:29:92:11:1c:ce:ad:98:4f:d8:8b: 21:87:44:fa:51:67:37:c6:0c:87:3f:bb:81:4a:6b:50:a0:ec: 5e:bf:26:8c:9b:13:4a:b7:a0:f5:86:0d:f9:68:1e:77:d3:2c: f7:09:0c:36:7f:98:64:ef:f0:88:49:0f:c7:dc:54:a4:f0:41: c6:20:60:92:52:93:c3:15:47:ed:88:87:5f:a6:a0:ea:5e:18: 64:0c:19:75:8e:90:87:34:0d:9f:41:3e:76:7d:75:f6:4a:c1: b3:96:8f:3a:d7:02:f4:07:33:c8:4b:1a:23:c4:37:5a:88:0f: 86:b7:1e:a9 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUMblmKKSA5NtkBrvjhyvjdY5zoFQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDUyMTEwMDY0NVoX DTI2MDUyMDEwMTE0NVowMzExMC8GA1UEAxMoNUJCN0U4QTNBQkY2REY2RDQ2QzNE NUY5MUVDM0I3Nzg3MENFNkM2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOPZ+qg+M+sfiL5ngIymzzhqYl5ny+e1gtMltkBUr6axYuq9uDuLsApNMbv/ wLTW2NbIhoNRW/lcvd1b1oOYYHQzBfEH66CoJsqjYix6oiohDArizWBPYAJJT/uF 3HVWqTYImT7J/9aDbjLPfueFwuVOIxl3bm8eW8qoUiyYOZAxB+frHlKaziP8PU4O +bBGSUvw+YaapGuDYvj1a8K9VH1lgxVDvgy9OCrRYNv3PnKaQFiIbubnBkWfEWiK 9sv+ZkiSTPSH1occ7AXUDJ/CH6n4ewrMd+KS5S8yFO4cdn8jFMY1Y4XVhKXtoIb9 8uVTfaxLJ6owyTamJHDy02lz25MCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFu36KOr9t9tRsPV+R7Dt3hwzmxhMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zNWEyMDA3Ny1mYzUzLTQzYTMtYmRhNy1mMzk5NTZkOTkyNmQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzM1YTIwMDc3 LWZjNTMtNDNhMy1iZGE3LWYzOTk1NmQ5OTI2ZC8wLzVCQjdFOEEzQUJGNkRGNkQ0 NkMzRDVGOTFFQzNCNzc4NzBDRTZDNjEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgFkYwDQYJKoZIhvcNAQELBQADggEBACgKzmkpBCe3qMA1nJYxFdzjmJMjvPsK yQeuCkbdxnHYRxpFC4p34cCTdLxe9YpZsBw97s8RimEB6adhHYUztmq7LP7AG58i nBsm58rQxOH6kStEGWXZh38PmrtOGGlWaRfIYKd3H3tiAG6s4mGvdoSF3e3Urei6 BKCv2ZgmfGGMDXGjbqciKZIRHM6tmE/YiyGHRPpRZzfGDIc/u4FKa1Cg7F6/Joyb E0q3oPWGDfloHnfTLPcJDDZ/mGTv8IhJD8fcVKTwQcYgYJJSk8MVR+2Ih1+moOpe GGQMGXWOkIc0DZ9BPnZ9dfZKwbOWjzrXAvQHM8hLGiPEN1qID4a3Hqk= -----END CERTIFICATE-----Generated at Wed Jun 4 12:03:40 2025 by rpki-client