$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/961A52A522DEB902D9CBDDE98AF82B424422F566.cer File: 961A52A522DEB902D9CBDDE98AF82B424422F566.cer (raw, json) Hash identifier: vmOb33NQ7ctMB9V6qGWFQvbug5Iuu1BuDsUPjFRqyvI= Subject key identifier: 96:1A:52:A5:22:DE:B9:02:D9:CB:DD:E9:8A:F8:2B:42:44:22:F5:66 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 51ACB7AB747DEAAF7FCE072E3D1E12F28FDE0E9F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/961A52A522DEB902D9CBDDE98AF82B424422F566.mft caRepository: rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sun 07 Sep 2025 03:09:44 +0000 Certificate not after: Sun 06 Sep 2026 03:14:44 +0000 Subordinate resources: IP: 160.25.120.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 03:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:ac:b7:ab:74:7d:ea:af:7f:ce:07:2e:3d:1e:12:f2:8f:de:0e:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Sep 7 03:09:44 2025 GMT Not After : Sep 6 03:14:44 2026 GMT Subject: CN=961A52A522DEB902D9CBDDE98AF82B424422F566 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:e1:1b:15:e8:92:b0:d6:bf:cd:c6:fd:f9:34: 96:4f:52:24:b3:ec:03:72:6f:ca:7b:5b:0c:55:ef: e2:12:0e:a2:d7:f3:a1:de:85:92:7a:17:44:95:cb: 1c:d2:bb:6f:eb:48:ff:39:1d:d7:85:49:07:a3:e3: 52:73:f9:66:40:3d:91:eb:b7:49:3f:cb:f5:11:3d: 50:ec:c2:0d:fd:f0:dd:ba:af:86:17:e7:03:76:29: 34:99:e6:ea:df:fd:9f:4f:fa:31:4f:17:95:01:64: 16:57:37:c0:63:c7:ee:34:15:22:ed:7e:20:c0:fd: 22:6e:10:b2:0f:d1:6b:5e:00:3e:72:eb:6b:d9:27: 17:9e:9a:7a:6c:dc:3f:eb:24:1d:45:2a:3d:22:18: 82:bf:f1:97:19:56:0a:0a:d3:f8:97:f1:1e:57:d5: 23:01:ce:04:17:13:80:79:11:e3:0a:2b:88:91:85: 63:22:67:3f:c7:9d:57:76:9f:1a:f4:77:d7:43:fc: 3b:d5:e0:3c:1e:82:a1:55:2c:50:7f:49:63:0c:f2: 67:c8:e4:a4:f6:1b:0e:49:19:b5:e0:e8:29:29:fa: 4d:c4:1c:8b:06:24:71:87:f4:d6:25:b9:76:81:a5: ee:c8:65:85:41:ae:8c:03:52:b1:33:98:ed:cc:36: e9:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 96:1A:52:A5:22:DE:B9:02:D9:CB:DD:E9:8A:F8:2B:42:44:22:F5:66 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/cf72f012-a43a-4fcb-86a9-ab3e9573a8d9/0/961A52A522DEB902D9CBDDE98AF82B424422F566.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.120.0/23 Signature Algorithm: sha256WithRSAEncryption 53:4c:6d:8b:a5:62:73:e1:70:de:17:01:3b:04:a1:90:e0:7b: df:81:c4:9a:42:49:80:7c:21:4c:20:ea:4f:63:c5:f7:b6:fd: f2:07:30:e6:5e:10:be:00:09:c7:58:a3:5e:3b:80:f4:40:35: 0b:12:b2:02:a2:53:b2:09:54:d0:3e:72:e1:f1:fa:a5:43:69: 13:64:71:00:fa:07:cf:2a:ce:f1:53:70:1b:79:1c:78:75:03: d6:78:3b:d0:74:57:fa:34:29:7d:9e:9d:28:5d:65:82:ef:cc: 99:91:54:de:60:a0:91:14:96:78:c5:fd:5f:df:de:88:64:d0: d8:3d:27:ec:b1:b5:01:b1:c0:16:fe:93:43:69:00:0e:a5:95: 32:6a:3c:48:e7:4b:a3:bb:a5:0b:64:f0:ed:ac:ed:c1:67:b2: 36:47:24:08:fb:a9:35:9e:c6:1e:de:5c:e5:59:0f:c6:9e:7c: cc:66:02:2f:d4:d1:d1:59:96:ef:79:be:78:45:65:6a:42:ee: e8:20:ad:da:10:48:42:3e:52:16:42:19:24:62:27:a9:43:df: e5:4d:c9:b0:e9:6f:51:5e:7a:f8:0c:66:00:90:64:1c:f8:a0: e9:72:99:29:c1:1b:8a:04:ad:85:81:3e:8a:81:22:fc:10:4d: bd:61:65:a9 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUUay3q3R96q9/zgcuPR4S8o/eDp8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDkwNzAzMDk0NFoX DTI2MDkwNjAzMTQ0NFowMzExMC8GA1UEAxMoOTYxQTUyQTUyMkRFQjkwMkQ5Q0JE REU5OEFGODJCNDI0NDIyRjU2NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJfhGxXokrDWv83G/fk0lk9SJLPsA3JvyntbDFXv4hIOotfzod6FknoXRJXL HNK7b+tI/zkd14VJB6PjUnP5ZkA9keu3ST/L9RE9UOzCDf3w3bqvhhfnA3YpNJnm 6t/9n0/6MU8XlQFkFlc3wGPH7jQVIu1+IMD9Im4Qsg/Ra14APnLra9knF56aemzc P+skHUUqPSIYgr/xlxlWCgrT+JfxHlfVIwHOBBcTgHkR4woriJGFYyJnP8edV3af GvR310P8O9XgPB6CoVUsUH9JYwzyZ8jkpPYbDkkZteDoKSn6TcQciwYkcYf01iW5 doGl7shlhUGujANSsTOY7cw26ZECAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJYaUqUi3rkC2cvd6Yr4K0JEIvVmMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9jZjcyZjAxMi1hNDNhLTRmY2ItODZhOS1hYjNlOTU3M2E4ZDkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NmNzJmMDEy LWE0M2EtNGZjYi04NmE5LWFiM2U5NTczYThkOS8wLzk2MUE1MkE1MjJERUI5MDJE OUNCRERFOThBRjgyQjQyNDQyMkY1NjYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgGXgwDQYJKoZIhvcNAQELBQADggEBAFNMbYulYnPhcN4XATsEoZDge9+BxJpC SYB8IUwg6k9jxfe2/fIHMOZeEL4ACcdYo147gPRANQsSsgKiU7IJVNA+cuHx+qVD aRNkcQD6B88qzvFTcBt5HHh1A9Z4O9B0V/o0KX2enShdZYLvzJmRVN5goJEUlnjF /V/f3ohk0Ng9J+yxtQGxwBb+k0NpAA6llTJqPEjnS6O7pQtk8O2s7cFnsjZHJAj7 qTWexh7eXOVZD8aefMxmAi/U0dFZlu95vnhFZWpC7uggrdoQSEI+UhZCGSRiJ6lD 3+VNybDpb1FeevgMZgCQZBz4oOlymSnBG4oErYWBPoqBIvwQTb1hZak= -----END CERTIFICATE-----Generated at Mon Oct 20 17:54:24 2025 by rpki-client