$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/9388695CCB2DCC37F2AB8A3D10E4FDE0C3A975A1.cer File: 9388695CCB2DCC37F2AB8A3D10E4FDE0C3A975A1.cer (raw, json) Hash identifier: yZ7JOizuh4g4PgOs68u+PdIRj2RHFqjA1LDOKnCrQLo= Subject key identifier: 93:88:69:5C:CB:2D:CC:37:F2:AB:8A:3D:10:E4:FD:E0:C3:A9:75:A1 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 2ECEFD492A888E5A5E4B48CDB71E8C6DE44DFB8E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/83cbd67b-d190-4a4c-83b6-11887d7c2e99/0/9388695CCB2DCC37F2AB8A3D10E4FDE0C3A975A1.mft caRepository: rsync://repo-rpki.idnic.net/repo/83cbd67b-d190-4a4c-83b6-11887d7c2e99/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 04 Jun 2025 03:52:52 +0000 Certificate not after: Wed 03 Jun 2026 03:57:52 +0000 Subordinate resources: IP: 160.22.96.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 11:46:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:ce:fd:49:2a:88:8e:5a:5e:4b:48:cd:b7:1e:8c:6d:e4:4d:fb:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 4 03:52:52 2025 GMT Not After : Jun 3 03:57:52 2026 GMT Subject: CN=9388695CCB2DCC37F2AB8A3D10E4FDE0C3A975A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:3c:8d:4f:60:25:b1:68:56:49:26:c0:cb:a1: aa:f8:0b:11:18:bb:45:a6:c2:8a:97:fa:cf:65:9e: f2:cf:b8:59:b9:37:ca:f9:7b:97:e9:9f:25:80:3a: d9:d1:3a:97:9e:16:1f:40:28:ab:ae:b8:ae:63:e3: 4d:7e:0e:2b:ea:fc:5f:f5:ba:0d:94:ae:7d:f1:78: c3:8f:bd:57:ba:43:9f:d7:59:ef:46:49:07:1f:11: de:52:36:13:8c:e1:e5:20:75:b1:a8:8f:d9:e7:74: 8d:0a:75:51:2f:84:39:98:81:5a:8e:f9:fd:f5:c8: e4:fc:0c:c4:33:ac:63:bd:a9:c0:61:46:21:dd:b5: f7:d4:52:46:a4:19:b1:df:50:c6:06:76:0a:22:65: 00:1e:96:aa:50:08:5e:c6:64:96:b9:d4:c6:05:da: b6:67:6f:18:b6:1f:da:ba:cd:d7:3b:a2:4f:36:85: a2:0d:9d:0f:bd:04:a8:3e:e4:a0:90:de:bf:62:d2: b0:8f:b9:5f:d5:85:03:36:20:ef:08:a3:9f:55:65: d9:b7:f3:d4:fb:86:7f:74:9c:a4:ac:a9:04:13:97: 2a:f7:cc:fd:d2:2c:0d:fa:79:79:75:ab:90:d4:d7: db:05:25:4d:16:47:bb:ed:6b:62:f7:4e:b1:7a:68: a4:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 93:88:69:5C:CB:2D:CC:37:F2:AB:8A:3D:10:E4:FD:E0:C3:A9:75:A1 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/83cbd67b-d190-4a4c-83b6-11887d7c2e99/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/83cbd67b-d190-4a4c-83b6-11887d7c2e99/0/9388695CCB2DCC37F2AB8A3D10E4FDE0C3A975A1.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.96.0/23 Signature Algorithm: sha256WithRSAEncryption 5f:29:fb:bf:00:34:bc:e1:3c:09:df:6b:67:62:6b:51:ca:4d: 4e:81:a5:20:3f:23:2e:9f:0e:26:4a:91:48:e5:58:6d:6c:ec: 7f:b6:9d:3b:1b:c8:fa:3a:77:73:20:0a:97:62:f8:7c:1b:19: 41:28:16:b8:4b:c3:c8:22:e5:06:da:df:a2:ac:50:cf:d8:2b: c1:aa:ee:70:e4:c0:d4:9a:6d:de:8e:74:bc:3f:08:23:2e:ab: 3c:9c:2b:9c:90:a4:64:0b:b8:e1:19:34:72:48:bd:3a:93:66: 63:3d:d7:d1:6d:9a:b5:96:09:ea:fb:fb:9f:87:40:b1:31:a2: cc:ce:b1:ac:02:e1:5d:56:a8:7a:9e:e9:33:c4:cc:b4:cd:fa: e7:94:56:c3:13:bd:8a:55:7c:ec:31:d8:90:c3:16:5f:aa:4d: e1:c5:3d:6e:79:b3:8f:52:a2:19:16:61:c9:d2:3d:a3:ec:39: bd:b3:14:01:29:7e:62:ff:c1:19:db:4b:6e:cc:3e:1e:a4:58: 00:7c:30:17:10:86:c0:d9:11:f6:9e:c7:bd:f0:20:db:9e:ea: f9:d4:ab:1a:76:12:a4:5b:52:8d:08:c2:e6:89:52:28:be:5a: 80:23:17:f7:ab:43:11:f0:3b:09:07:42:19:6e:3d:56:a3:ae: 11:42:be:49 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIULs79SSqIjlpeS0jNtx6MbeRN+44wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYwNDAzNTI1MloX DTI2MDYwMzAzNTc1MlowMzExMC8GA1UEAxMoOTM4ODY5NUNDQjJEQ0MzN0YyQUI4 QTNEMTBFNEZERTBDM0E5NzVBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALs8jU9gJbFoVkkmwMuhqvgLERi7RabCipf6z2We8s+4Wbk3yvl7l+mfJYA6 2dE6l54WH0Aoq664rmPjTX4OK+r8X/W6DZSuffF4w4+9V7pDn9dZ70ZJBx8R3lI2 E4zh5SB1saiP2ed0jQp1US+EOZiBWo75/fXI5PwMxDOsY72pwGFGId2199RSRqQZ sd9QxgZ2CiJlAB6WqlAIXsZklrnUxgXatmdvGLYf2rrN1zuiTzaFog2dD70EqD7k oJDev2LSsI+5X9WFAzYg7wijn1Vl2bfz1PuGf3ScpKypBBOXKvfM/dIsDfp5eXWr kNTX2wUlTRZHu+1rYvdOsXpopMkCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJOIaVzLLcw38quKPRDk/eDDqXWhMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by84M2NiZDY3Yi1kMTkwLTRhNGMtODNiNi0xMTg4N2Q3YzJlOTkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzgzY2JkNjdi LWQxOTAtNGE0Yy04M2I2LTExODg3ZDdjMmU5OS8wLzkzODg2OTVDQ0IyRENDMzdG MkFCOEEzRDEwRTRGREUwQzNBOTc1QTEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgFmAwDQYJKoZIhvcNAQELBQADggEBAF8p+78ANLzhPAnfa2dia1HKTU6BpSA/ Iy6fDiZKkUjlWG1s7H+2nTsbyPo6d3MgCpdi+HwbGUEoFrhLw8gi5Qba36KsUM/Y K8Gq7nDkwNSabd6OdLw/CCMuqzycK5yQpGQLuOEZNHJIvTqTZmM919FtmrWWCer7 +5+HQLExoszOsawC4V1WqHqe6TPEzLTN+ueUVsMTvYpVfOwx2JDDFl+qTeHFPW55 s49SohkWYcnSPaPsOb2zFAEpfmL/wRnbS27MPh6kWAB8MBcQhsDZEfaex73wINue 6vnUqxp2EqRbUo0IwuaJUii+WoAjF/erQxHwOwkHQhluPVajrhFCvkk= -----END CERTIFICATE-----Generated at Wed Jun 4 12:03:43 2025 by rpki-client