$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/85735A4922D529215199E6F4D6829DF68512E117.cer File: 85735A4922D529215199E6F4D6829DF68512E117.cer (raw, json) Hash identifier: gIMQF1OLK1PnEixJQoTgd/gRSgu3NniCQnuEzmqgKfs= Subject key identifier: 85:73:5A:49:22:D5:29:21:51:99:E6:F4:D6:82:9D:F6:85:12:E1:17 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4C7059DB71A8A14B991FADFF174CC00F65AC24E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0/85735A4922D529215199E6F4D6829DF68512E117.mft caRepository: rsync://repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 31 Mar 2025 15:51:49 +0000 Certificate not after: Mon 30 Mar 2026 15:56:49 +0000 Subordinate resources: IP: 157.66.34.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 21:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:70:59:db:71:a8:a1:4b:99:1f:ad:ff:17:4c:c0:0f:65:ac:24:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Mar 31 15:51:49 2025 GMT Not After : Mar 30 15:56:49 2026 GMT Subject: CN=85735A4922D529215199E6F4D6829DF68512E117 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:26:ae:f9:9c:70:e1:ee:b8:8f:8c:52:1d:b3: 75:6d:3a:ad:08:75:2f:38:98:94:03:5a:6c:fa:e5: 97:8d:38:f6:d6:cc:b9:fb:26:ff:12:52:2d:f1:f0: f1:c2:b8:c6:09:c8:90:7a:07:7a:3a:55:ec:e3:88: 0c:08:5e:9c:89:9f:d9:59:90:92:cc:bb:92:60:54: 21:50:d9:4b:f6:22:aa:76:5b:ca:a5:67:a6:19:6f: 13:74:6d:e4:5f:39:3a:a9:ab:a7:fb:80:16:ef:ea: ae:c4:4c:d3:85:f4:b0:db:cb:70:a1:03:91:82:4c: e5:2d:47:7f:be:9d:ee:04:8b:5c:8c:5c:b4:a7:6b: f7:15:df:7c:92:b5:c7:9d:04:50:62:b1:34:a5:87: b1:e1:3f:49:12:20:c3:9b:37:8a:2c:6a:f4:10:75: e7:8e:7c:fd:fc:07:20:2d:05:92:f4:0f:8d:30:4b: 76:8d:0a:d9:3b:fd:23:61:04:80:b2:3e:5d:16:b2: 44:c0:5a:96:24:5f:f3:10:aa:6c:ce:59:96:3c:af: 91:4f:e9:4a:e6:c8:d3:11:2a:77:3c:b5:cf:35:52: 3a:d7:e4:2f:f9:d1:6b:a1:a6:8e:17:d1:c8:da:82: 8e:7b:a3:8c:fb:e3:57:4b:93:bc:33:65:4f:25:54: dd:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 85:73:5A:49:22:D5:29:21:51:99:E6:F4:D6:82:9D:F6:85:12:E1:17 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/3c3e68bd-b04c-4d35-8020-02936342fb1d/0/85735A4922D529215199E6F4D6829DF68512E117.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.34.0/23 Signature Algorithm: sha256WithRSAEncryption 51:d0:0c:be:5c:1a:6e:4c:9c:10:4b:5d:62:e4:10:e6:2c:1b: 87:cc:c2:53:e4:6c:a2:a1:d8:6d:72:d4:8a:b9:31:5f:ac:01: f5:96:b1:ff:24:aa:34:0c:40:8b:4f:e2:33:33:9d:e3:4e:f5: 36:6f:5a:3c:b8:98:0e:95:e5:67:3c:86:6b:f9:67:a4:c3:e2: 9e:2e:e3:b1:e7:90:64:86:80:ad:01:84:70:0f:b7:40:1a:39: 60:38:d0:cc:d6:e4:51:00:5c:be:bc:14:d9:eb:1c:f9:2e:1a: a8:c0:be:6d:51:d2:c7:df:a2:62:3e:ec:17:8a:ce:43:d2:6a: f3:fb:33:31:f8:d4:fd:aa:37:9c:f2:67:4a:5b:fa:22:27:cd: ef:de:2e:93:04:ea:55:7e:74:03:bf:23:2b:e6:ca:86:c5:c2: 48:ec:00:d9:01:46:2b:5e:21:71:d4:12:f8:7d:5b:80:d0:78: f1:13:75:06:1b:b9:06:8b:ce:a2:62:aa:f1:c0:ea:b2:ca:9c: 94:f4:93:f5:68:dd:b3:fa:1e:8f:a7:62:8b:06:dc:c2:12:92: 8d:f2:84:bd:ef:ae:e0:d7:e9:36:cf:99:88:6b:67:c6:05:ac: 23:1d:8e:fc:b0:6f:87:fc:60:66:2a:f2:01:60:bd:59:18:25: ae:b4:08:d1 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUTHBZ23GooUuZH63/F0zAD2WsJOcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDMzMTE1NTE0OVoX DTI2MDMzMDE1NTY0OVowMzExMC8GA1UEAxMoODU3MzVBNDkyMkQ1MjkyMTUxOTlF NkY0RDY4MjlERjY4NTEyRTExNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKEmrvmccOHuuI+MUh2zdW06rQh1LziYlANabPrll4049tbMufsm/xJSLfHw 8cK4xgnIkHoHejpV7OOIDAhenImf2VmQksy7kmBUIVDZS/YiqnZbyqVnphlvE3Rt 5F85Oqmrp/uAFu/qrsRM04X0sNvLcKEDkYJM5S1Hf76d7gSLXIxctKdr9xXffJK1 x50EUGKxNKWHseE/SRIgw5s3iixq9BB15458/fwHIC0FkvQPjTBLdo0K2Tv9I2EE gLI+XRayRMBaliRf8xCqbM5ZljyvkU/pSubI0xEqdzy1zzVSOtfkL/nRa6GmjhfR yNqCjnujjPvjV0uTvDNlTyVU3RUCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFIVzWkki1SkhUZnm9NaCnfaFEuEXMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zYzNlNjhiZC1iMDRjLTRkMzUtODAyMC0wMjkzNjM0MmZiMWQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNjM2U2OGJk LWIwNGMtNGQzNS04MDIwLTAyOTM2MzQyZmIxZC8wLzg1NzM1QTQ5MjJENTI5MjE1 MTk5RTZGNEQ2ODI5REY2ODUxMkUxMTcubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdQiIwDQYJKoZIhvcNAQELBQADggEBAFHQDL5cGm5MnBBLXWLkEOYsG4fMwlPk bKKh2G1y1Iq5MV+sAfWWsf8kqjQMQItP4jMzneNO9TZvWjy4mA6V5Wc8hmv5Z6TD 4p4u47HnkGSGgK0BhHAPt0AaOWA40MzW5FEAXL68FNnrHPkuGqjAvm1R0sffomI+ 7BeKzkPSavP7MzH41P2qN5zyZ0pb+iInze/eLpME6lV+dAO/IyvmyobFwkjsANkB RiteIXHUEvh9W4DQePETdQYbuQaLzqJiqvHA6rLKnJT0k/Vo3bP6Ho+nYosG3MIS ko3yhL3vruDX6TbPmYhrZ8YFrCMdjvywb4f8YGYq8gFgvVkYJa60CNE= -----END CERTIFICATE-----Generated at Mon Apr 7 09:31:44 2025 by rpki-client