$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/9C948BB5F7C6539DB5D4585DBEEAF35AE23DDCA5.cer File: 9C948BB5F7C6539DB5D4585DBEEAF35AE23DDCA5.cer (raw, json) Hash identifier: vvv5enOgcmFG+PsOI6oTPz8HDHMcs8NoGhPzO/feJzs= Subject key identifier: 9C:94:8B:B5:F7:C6:53:9D:B5:D4:58:5D:BE:EA:F3:5A:E2:3D:DC:A5 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 0752CC5EBC3368F99A39F32684FCFC7CE960CE4B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/356e42e6-c6cd-4ccd-bda7-5ae9a246044a/0/9C948BB5F7C6539DB5D4585DBEEAF35AE23DDCA5.mft caRepository: rsync://repo-rpki.idnic.net/repo/356e42e6-c6cd-4ccd-bda7-5ae9a246044a/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 03 Jun 2025 21:26:57 +0000 Certificate not after: Tue 02 Jun 2026 21:31:57 +0000 Subordinate resources: IP: 160.22.206.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 11:46:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:52:cc:5e:bc:33:68:f9:9a:39:f3:26:84:fc:fc:7c:e9:60:ce:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 3 21:26:57 2025 GMT Not After : Jun 2 21:31:57 2026 GMT Subject: CN=9C948BB5F7C6539DB5D4585DBEEAF35AE23DDCA5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:c3:e0:cc:29:e7:be:a2:65:82:39:d1:7b:d6: 21:91:79:f1:23:ea:1f:30:ae:0b:d8:f9:2b:6b:ee: 68:6e:ea:de:0b:e4:e9:24:f4:6b:19:35:4e:f5:e8: 68:da:9c:4c:ca:4f:58:0e:e1:a0:de:1b:c9:b5:b8: a3:66:d1:59:cf:6a:e3:f6:8b:be:4a:df:05:b8:d1: cc:21:75:94:4d:cb:fa:ca:2d:f7:dc:80:31:b6:18: f4:bd:85:71:0c:be:71:02:36:f9:6b:ba:10:ac:71: 67:53:66:51:63:10:9c:48:5d:cf:a6:0c:d5:20:b5: 37:36:78:0f:6b:a4:67:39:41:36:8a:6d:f6:2b:00: fe:c7:3e:1d:63:9c:8d:8a:e4:31:75:cc:fe:3a:77: e9:f8:f8:d3:36:0d:b0:8a:b8:3a:f3:c6:6a:e2:bc: 71:c4:a7:e6:e1:a9:da:f3:0f:a7:08:a8:c6:28:86: 08:98:d5:cb:15:d6:7c:5c:76:62:18:5a:dc:38:f9: c7:c0:65:a5:e3:a6:2a:5b:99:e3:3b:f7:0c:dc:86: c0:ca:72:f9:39:c3:f3:bc:95:aa:e0:b6:00:72:9e: 74:a2:37:67:32:a0:71:bf:53:3d:d1:bf:b9:73:98: 12:0a:b7:80:0d:cd:e9:57:3d:96:33:8c:4d:97:88: 02:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 9C:94:8B:B5:F7:C6:53:9D:B5:D4:58:5D:BE:EA:F3:5A:E2:3D:DC:A5 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/356e42e6-c6cd-4ccd-bda7-5ae9a246044a/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/356e42e6-c6cd-4ccd-bda7-5ae9a246044a/0/9C948BB5F7C6539DB5D4585DBEEAF35AE23DDCA5.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.206.0/23 Signature Algorithm: sha256WithRSAEncryption 55:1a:c1:b3:f6:a1:36:a8:49:42:2c:ca:39:ff:bc:6c:ad:2e: b7:3e:ae:e3:75:4b:de:1c:d6:54:3e:f8:79:44:e0:90:fd:09: 42:7f:59:7a:f2:0e:9a:88:a5:b7:50:57:f6:53:93:5f:45:5f: c7:01:f0:40:ae:93:8c:0c:b3:38:b2:24:c4:3e:97:3e:4c:f7: fb:dc:5b:7e:d3:3e:ed:8d:04:1d:32:bb:b1:57:d5:5d:48:52: ad:b0:35:6a:1a:10:7a:03:b5:4e:d0:5b:90:ab:99:e7:b8:42: 18:e8:05:26:31:ea:5f:9f:9f:71:5d:c1:2c:4f:6d:48:c5:c3: 2b:c8:9f:77:18:b6:05:ce:56:a1:cc:7c:d3:7b:8d:f6:36:0d: bf:72:3c:00:8d:0d:38:c1:b7:5b:4a:be:09:eb:2d:e5:01:52: 76:bd:cd:f1:09:e5:2d:00:89:10:c9:b3:5e:c1:9f:c6:49:d0: 84:44:d1:a3:06:5d:ef:9e:54:17:ef:da:f5:d9:d5:2c:c9:9a: e7:71:da:e6:b3:ef:fa:60:31:2b:9f:2e:0c:b9:8c:8d:c9:42: cc:3d:65:06:3e:59:cc:14:a7:36:04:e7:69:7b:47:07:28:72: 23:ff:b2:65:b0:cb:ff:1c:37:8e:c5:8e:aa:02:87:d6:da:ed: 08:a2:d2:aa -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUB1LMXrwzaPmaOfMmhPz8fOlgzkswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYwMzIxMjY1N1oX DTI2MDYwMjIxMzE1N1owMzExMC8GA1UEAxMoOUM5NDhCQjVGN0M2NTM5REI1RDQ1 ODVEQkVFQUYzNUFFMjNERENBNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALPD4Mwp576iZYI50XvWIZF58SPqHzCuC9j5K2vuaG7q3gvk6ST0axk1TvXo aNqcTMpPWA7hoN4bybW4o2bRWc9q4/aLvkrfBbjRzCF1lE3L+sot99yAMbYY9L2F cQy+cQI2+Wu6EKxxZ1NmUWMQnEhdz6YM1SC1NzZ4D2ukZzlBNopt9isA/sc+HWOc jYrkMXXM/jp36fj40zYNsIq4OvPGauK8ccSn5uGp2vMPpwioxiiGCJjVyxXWfFx2 Yhha3Dj5x8BlpeOmKluZ4zv3DNyGwMpy+TnD87yVquC2AHKedKI3ZzKgcb9TPdG/ uXOYEgq3gA3N6Vc9ljOMTZeIAv0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJyUi7X3xlOdtdRYXb7q81riPdylMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zNTZlNDJlNi1jNmNkLTRjY2QtYmRhNy01YWU5YTI0NjA0NGEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzM1NmU0MmU2 LWM2Y2QtNGNjZC1iZGE3LTVhZTlhMjQ2MDQ0YS8wLzlDOTQ4QkI1RjdDNjUzOURC NUQ0NTg1REJFRUFGMzVBRTIzRERDQTUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgFs4wDQYJKoZIhvcNAQELBQADggEBAFUawbP2oTaoSUIsyjn/vGytLrc+ruN1 S94c1lQ++HlE4JD9CUJ/WXryDpqIpbdQV/ZTk19FX8cB8ECuk4wMsziyJMQ+lz5M 9/vcW37TPu2NBB0yu7FX1V1IUq2wNWoaEHoDtU7QW5Crmee4QhjoBSYx6l+fn3Fd wSxPbUjFwyvIn3cYtgXOVqHMfNN7jfY2Db9yPACNDTjBt1tKvgnrLeUBUna9zfEJ 5S0AiRDJs17Bn8ZJ0IRE0aMGXe+eVBfv2vXZ1SzJmudx2uaz7/pgMSufLgy5jI3J Qsw9ZQY+WcwUpzYE52l7RwcociP/smWwy/8cN47FjqoCh9ba7Qii0qo= -----END CERTIFICATE-----Generated at Wed Jun 4 11:38:18 2025 by rpki-client