$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/8999E6DA986A355F868ABD73E4E2AADC08244F29.cer File: 8999E6DA986A355F868ABD73E4E2AADC08244F29.cer (raw, json) Hash identifier: Lp+xSEQXv2KcBr/WiETS013+SqimrFfv++6cFeXbLa4= Subject key identifier: 89:99:E6:DA:98:6A:35:5F:86:8A:BD:73:E4:E2:AA:DC:08:24:4F:29 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 6CEB7F006A44F3FEEBFCDAA6C2E7557869B0A2C0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/9329793e-8f18-4116-9268-a133daf11cef/0/8999E6DA986A355F868ABD73E4E2AADC08244F29.mft caRepository: rsync://repo-rpki.idnic.net/repo/9329793e-8f18-4116-9268-a133daf11cef/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 21 May 2025 20:48:30 +0000 Certificate not after: Wed 20 May 2026 20:53:30 +0000 Subordinate resources: IP: 157.66.57.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 11:46:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:eb:7f:00:6a:44:f3:fe:eb:fc:da:a6:c2:e7:55:78:69:b0:a2:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 21 20:48:30 2025 GMT Not After : May 20 20:53:30 2026 GMT Subject: CN=8999E6DA986A355F868ABD73E4E2AADC08244F29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:70:81:e0:b9:93:d0:ea:b0:b9:52:22:93:1c: 74:72:b5:e1:b0:20:f1:16:22:e1:4a:bb:eb:2a:49: 9c:22:e5:ce:3d:62:3c:a2:3a:07:cb:f6:05:89:27: 8e:f1:7e:d2:3e:6d:c0:0a:2c:d5:fa:9b:9b:e2:e3: 1a:04:29:9a:51:cf:03:c7:e4:51:5b:18:4d:5b:fe: 53:b8:2b:32:b6:8c:35:ff:b0:8d:b4:b5:97:94:ce: 54:53:7b:e6:f5:b2:ab:92:ad:f6:64:ae:ec:bb:44: 86:af:10:30:97:58:8a:0b:1a:fc:88:76:cc:b2:a2: 46:3a:15:93:08:8c:79:6d:92:87:86:f7:78:3f:d4: 76:a1:b4:5a:35:20:73:c2:0f:52:26:e4:8a:ba:d2: 14:b4:c9:ec:15:4d:0f:d2:a5:33:d9:d9:48:fc:11: e5:d7:11:a9:e9:f0:c2:38:1d:3e:df:e6:00:93:a0: f2:8c:ca:c7:ff:9c:8a:84:c7:8b:a2:37:a0:aa:16: 45:21:9b:a6:60:ed:cb:1d:d9:07:9b:cf:15:79:27: 00:36:dd:12:a0:67:b9:58:a7:25:6c:d4:50:33:ee: aa:2e:7e:93:a7:8b:25:86:8f:21:9c:0b:39:3e:9b: a6:5a:7e:08:08:60:77:a1:73:46:63:5c:69:69:4f: 66:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 89:99:E6:DA:98:6A:35:5F:86:8A:BD:73:E4:E2:AA:DC:08:24:4F:29 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/9329793e-8f18-4116-9268-a133daf11cef/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/9329793e-8f18-4116-9268-a133daf11cef/0/8999E6DA986A355F868ABD73E4E2AADC08244F29.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.57.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:6a:a5:6e:3c:79:36:96:a6:f0:4d:8a:e5:bb:4c:94:8e:af: 2a:9c:e2:19:b0:0a:0c:18:5b:98:ad:51:db:16:42:8a:69:de: 3c:fb:a0:8d:3c:42:b8:ea:81:72:69:23:46:22:28:78:94:a2: 33:8c:3d:0e:f0:1b:24:a1:6e:62:f9:df:e9:fc:5e:16:ab:eb: c7:29:fd:35:6c:63:05:5d:37:36:00:d8:d4:40:06:e4:16:07: b3:01:43:c4:68:72:76:8f:4f:91:81:9d:31:0b:66:6e:38:70: c2:5c:41:88:65:72:02:a1:72:82:25:df:ab:06:a9:42:3e:04: d0:08:ca:22:c2:7a:1d:d2:6d:05:17:09:1f:57:71:0a:e3:23: 4e:4c:09:91:07:ea:84:fe:52:0c:0f:c1:2a:b9:74:b6:db:98: 62:4d:50:eb:11:12:5a:02:ea:b2:0d:78:02:a8:d0:d7:98:a5: c6:4a:ae:56:de:fa:dd:8d:8a:32:8c:8b:25:dc:24:68:cd:dd: 61:b7:ea:9f:d7:fe:b9:c2:3a:71:e3:f7:5d:45:80:f2:8f:1e: a7:e1:da:81:7c:b9:70:c6:d0:eb:c2:f9:9f:12:a6:85:da:79: e7:57:6d:53:2d:c6:42:08:7e:b5:da:94:1b:62:0a:58:bf:f0: 13:13:30:79 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUbOt/AGpE8/7r/NqmwudVeGmwosAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDUyMTIwNDgzMFoX DTI2MDUyMDIwNTMzMFowMzExMC8GA1UEAxMoODk5OUU2REE5ODZBMzU1Rjg2OEFC RDczRTRFMkFBREMwODI0NEYyOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANtwgeC5k9DqsLlSIpMcdHK14bAg8RYi4Uq76ypJnCLlzj1iPKI6B8v2BYkn jvF+0j5twAos1fqbm+LjGgQpmlHPA8fkUVsYTVv+U7grMraMNf+wjbS1l5TOVFN7 5vWyq5Kt9mSu7LtEhq8QMJdYigsa/Ih2zLKiRjoVkwiMeW2Sh4b3eD/UdqG0WjUg c8IPUibkirrSFLTJ7BVND9KlM9nZSPwR5dcRqenwwjgdPt/mAJOg8ozKx/+cioTH i6I3oKoWRSGbpmDtyx3ZB5vPFXknADbdEqBnuVinJWzUUDPuqi5+k6eLJYaPIZwL OT6bplp+CAhgd6FzRmNcaWlPZv8CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFImZ5tqYajVfhoq9c+TiqtwIJE8pMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by85MzI5NzkzZS04ZjE4LTQxMTYtOTI2OC1hMTMzZGFmMTFjZWYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkzMjk3OTNl LThmMTgtNDExNi05MjY4LWExMzNkYWYxMWNlZi8wLzg5OTlFNkRBOTg2QTM1NUY4 NjhBQkQ3M0U0RTJBQURDMDgyNDRGMjkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdQjkwDQYJKoZIhvcNAQELBQADggEBAC1qpW48eTaWpvBNiuW7TJSOryqc4hmw CgwYW5itUdsWQopp3jz7oI08QrjqgXJpI0YiKHiUojOMPQ7wGyShbmL53+n8Xhar 68cp/TVsYwVdNzYA2NRABuQWB7MBQ8RocnaPT5GBnTELZm44cMJcQYhlcgKhcoIl 36sGqUI+BNAIyiLCeh3SbQUXCR9XcQrjI05MCZEH6oT+UgwPwSq5dLbbmGJNUOsR EloC6rINeAKo0NeYpcZKrlbe+t2NijKMiyXcJGjN3WG36p/X/rnCOnHj911FgPKP Hqfh2oF8uXDG0OvC+Z8SpoXaeedXbVMtxkIIfrXalBtiCli/8BMTMHk= -----END CERTIFICATE-----Generated at Wed Jun 4 11:56:58 2025 by rpki-client