$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer File: AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer (raw, json) Hash identifier: GM7zJ5+oEXV4YmS9FqozXz4JUDaIHxW3UVevUzq/Hvg= Subject key identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 656124D792D8A9D7E91282924FF918A92BC78D6A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft caRepository: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 15 Jul 2025 22:29:39 +0000 Certificate not after: Tue 14 Jul 2026 22:34:39 +0000 Subordinate resources: IP: 160.25.152.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 14:09:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:61:24:d7:92:d8:a9:d7:e9:12:82:92:4f:f9:18:a9:2b:c7:8d:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jul 15 22:29:39 2025 GMT Not After : Jul 14 22:34:39 2026 GMT Subject: CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:78:f6:a7:18:81:05:ff:24:6e:2f:de:6a:6c: 65:0a:b1:af:3b:1f:7c:d0:f0:a4:74:98:7b:79:56: 3b:eb:5c:f4:e0:e7:aa:f5:59:58:99:05:71:06:25: 0f:82:73:7f:1e:3c:65:5a:8d:f3:67:ce:1f:cd:2b: cb:e8:a4:b6:64:7c:fd:c6:1d:7d:b4:44:df:58:6f: 15:cc:00:b8:80:16:52:94:3c:12:ef:81:fa:e0:b4: 11:53:cb:80:2d:6f:9e:33:41:46:73:4b:27:36:2a: fd:dd:97:0a:44:b8:1c:25:b7:f1:9d:ad:dd:cd:79: 7d:64:eb:91:fc:32:ff:6c:2c:cc:9e:4d:48:80:52: 1a:90:f0:42:40:e7:67:7f:cb:77:af:f2:e7:b5:81: 10:83:ba:c1:42:fd:8d:c9:f1:07:91:5c:78:98:a8: da:de:c8:75:1e:f6:e7:59:1f:24:0a:7c:47:34:81: ed:97:18:1a:1c:6b:cf:50:83:4d:c4:99:10:12:b6: c8:df:de:d1:86:f6:00:35:90:8a:ad:f4:1f:26:4c: fd:7d:e3:ea:e5:6b:8b:60:58:f2:d3:fe:55:0f:5e: ce:c1:46:ea:46:75:27:e3:8b:0e:4e:3b:d2:74:aa: cb:ff:aa:ab:82:31:37:c7:6c:9b:f5:a1:ef:e7:a3: 4e:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.152.0/24 Signature Algorithm: sha256WithRSAEncryption 86:03:17:4c:f5:3b:52:4a:8f:b0:fa:3f:56:a4:a0:3e:c6:8e: ae:80:51:52:7f:bd:a4:55:4d:2f:db:0d:73:46:c8:2a:d8:f4: 4a:38:ed:34:20:c0:9f:fb:f1:62:ad:92:7e:b5:81:68:bc:bf: 4a:f5:6d:66:e4:b5:d1:79:18:a8:40:a7:9c:6e:b2:60:e9:ab: 0a:6d:30:5f:1e:99:12:45:83:da:a6:55:94:88:91:3b:00:ec: 8e:87:de:49:00:cc:3b:3d:6e:09:37:ba:16:3a:90:55:ca:be: 2c:46:12:0e:8c:89:ba:eb:eb:05:d8:c1:4f:23:b6:45:7f:3e: b4:26:fa:08:41:18:a8:1b:19:bd:15:29:a3:c3:86:12:0c:d2: e1:09:6e:8c:86:a6:8b:1f:0f:a1:7f:17:1e:cb:24:cd:23:fe: 8a:21:94:91:3b:f1:10:83:22:b2:59:9f:a6:88:01:9a:e9:62: 44:3a:f6:9c:c6:13:bf:2d:80:14:01:e4:db:3e:f9:ae:dc:88: a2:93:e3:d0:77:5c:0d:d7:0d:5a:6c:67:87:c0:0d:2a:54:7b: c6:47:e1:2e:57:63:05:e6:fd:0b:f2:be:1a:9d:2d:6e:a0:49: 07:20:b6:d8:94:6f:91:02:48:c7:91:0a:4e:5f:81:52:4e:1c: 35:cb:e4:6f -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUZWEk15LYqdfpEoKST/kYqSvHjWowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDcxNTIyMjkzOVoX DTI2MDcxNDIyMzQzOVowMzExMC8GA1UEAxMoQUEzRDdGNTAzQzk5QzBBQjYzMEQ1 NEM1MjgzODNDMzQwMkQ2QUYyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMV49qcYgQX/JG4v3mpsZQqxrzsffNDwpHSYe3lWO+tc9ODnqvVZWJkFcQYl D4Jzfx48ZVqN82fOH80ry+iktmR8/cYdfbRE31hvFcwAuIAWUpQ8Eu+B+uC0EVPL gC1vnjNBRnNLJzYq/d2XCkS4HCW38Z2t3c15fWTrkfwy/2wszJ5NSIBSGpDwQkDn Z3/Ld6/y57WBEIO6wUL9jcnxB5FceJio2t7IdR7251kfJAp8RzSB7ZcYGhxrz1CD TcSZEBK2yN/e0Yb2ADWQiq30HyZM/X3j6uVri2BY8tP+VQ9ezsFG6kZ1J+OLDk47 0nSqy/+qq4IxN8dsm/Wh7+ejTl0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKo9f1A8mcCrYw1UxSg4PDQC1q8hMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by85NmNkMDMyNS0zMWFmLTRmZmUtOGJlYi1lNzc5OTdlNmMzZTEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk2Y2QwMzI1 LTMxYWYtNGZmZS04YmViLWU3Nzk5N2U2YzNlMS8wL0FBM0Q3RjUwM0M5OUMwQUI2 MzBENTRDNTI4MzgzQzM0MDJENkFGMjEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgGZgwDQYJKoZIhvcNAQELBQADggEBAIYDF0z1O1JKj7D6P1akoD7Gjq6AUVJ/ vaRVTS/bDXNGyCrY9Eo47TQgwJ/78WKtkn61gWi8v0r1bWbktdF5GKhAp5xusmDp qwptMF8emRJFg9qmVZSIkTsA7I6H3kkAzDs9bgk3uhY6kFXKvixGEg6Mibrr6wXY wU8jtkV/PrQm+ghBGKgbGb0VKaPDhhIM0uEJboyGposfD6F/Fx7LJM0j/oohlJE7 8RCDIrJZn6aIAZrpYkQ69pzGE78tgBQB5Ns++a7ciKKT49B3XA3XDVpsZ4fADSpU e8ZH4S5XYwXm/QvyvhqdLW6gSQcgttiUb5ECSMeRCk5fgVJOHDXL5G8= -----END CERTIFICATE-----Generated at Thu Jul 24 04:51:24 2025 by rpki-client