$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.cer File: BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.cer (raw, json) Hash identifier: NKVQUSPgIVZvXN3cS/QX4FOSdBLjQnzRL3Fz663USE8= Subject key identifier: BC:A0:C1:EF:5A:4A:B3:AE:F4:25:E1:5A:B8:9A:19:CD:E5:68:82:44 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 69DF5B9462525284C86D3C4CF11E23B6C0B24988 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft caRepository: rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 17 May 2025 12:57:53 +0000 Certificate not after: Sat 16 May 2026 13:02:53 +0000 Subordinate resources: IP: 160.20.38.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 11:46:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:df:5b:94:62:52:52:84:c8:6d:3c:4c:f1:1e:23:b6:c0:b2:49:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 17 12:57:53 2025 GMT Not After : May 16 13:02:53 2026 GMT Subject: CN=BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:48:33:40:e6:e8:c6:82:4e:0f:38:42:6b:53: de:8d:66:5f:51:da:ac:a6:34:5d:d6:a9:49:db:9b: 23:67:1f:97:02:03:5c:c2:19:75:ca:05:99:a0:4b: 74:d2:f7:4a:65:ba:de:c0:49:33:51:7c:4a:7d:ec: 91:bd:b3:6f:93:b1:8d:97:65:84:13:40:0a:53:e1: 85:4f:33:07:59:c2:2b:8a:43:39:9e:12:4b:57:2d: 83:2b:32:ab:11:4f:5b:e7:44:15:35:ea:b4:5a:c3: ca:7f:0b:e3:c9:ba:35:d3:22:41:ca:36:c9:89:f3: 49:89:43:de:0c:3a:67:d1:8a:f3:b4:65:2e:5c:86: ab:07:79:7d:e2:e3:a5:fe:e6:fc:a5:36:6b:7c:81: e8:cd:45:88:75:de:af:f1:78:1f:3d:31:76:15:93: e4:90:ec:50:15:d8:df:06:d8:6b:20:20:9a:8b:5b: 57:50:db:08:eb:9b:6a:8d:a0:fd:cb:fc:98:a7:71: e7:b8:f7:3b:c8:b5:5d:c9:b3:e8:e1:34:ff:be:95: 40:55:68:b3:04:d4:3d:2c:a5:26:d4:30:07:be:45: ec:2e:b1:6c:f0:5b:17:85:3e:60:ac:0d:a8:cd:a9: fb:c0:eb:bb:09:51:88:3f:22:fb:ba:b3:6e:87:2e: 0c:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BC:A0:C1:EF:5A:4A:B3:AE:F4:25:E1:5A:B8:9A:19:CD:E5:68:82:44 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.38.0/23 Signature Algorithm: sha256WithRSAEncryption 8f:8e:79:32:50:18:02:fc:48:53:d8:aa:da:5d:6c:60:16:db: de:a8:d9:78:ad:0f:22:81:c2:67:6f:a9:bc:ef:28:b2:54:25: 98:84:75:f5:1d:91:e4:d4:b5:af:79:83:f1:86:55:e2:c7:a2: 97:c8:04:4d:09:58:3b:dc:dc:16:7a:30:01:de:98:12:ff:71: 34:ec:1c:61:b7:71:79:42:08:be:22:7d:92:db:d7:d5:5e:38: a4:99:5e:ae:1a:c6:79:98:34:fc:0e:84:aa:ff:7b:79:05:07: 79:2d:d2:ae:cd:f2:ce:d6:38:86:43:5b:aa:78:6f:89:71:11: 82:45:fa:9e:3b:d6:4f:f0:be:cf:cd:3a:fe:4d:6c:44:a3:4e: d1:14:0c:78:69:8f:9e:a2:b1:93:a9:eb:ab:9f:24:59:a3:b2: b3:e2:3b:be:fe:61:c1:8c:84:81:b7:bc:b6:b8:da:b3:70:d6: 5c:9c:27:c7:ff:19:34:7f:7e:8e:7a:7e:23:74:9a:f2:dd:6e: e4:1f:14:96:e0:42:01:a5:c6:61:1c:cc:87:62:2f:0b:ea:3a: 10:df:f8:e7:4f:9a:33:e3:fc:f4:10:1b:36:19:25:b8:69:7d: fe:0c:ec:f8:e1:37:27:7b:77:b1:97:27:32:39:49:aa:9e:2c: 63:e3:61:57 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUad9blGJSUoTIbTxM8R4jtsCySYgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDUxNzEyNTc1M1oX DTI2MDUxNjEzMDI1M1owMzExMC8GA1UEAxMoQkNBMEMxRUY1QTRBQjNBRUY0MjVF MTVBQjg5QTE5Q0RFNTY4ODI0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFIM0Dm6MaCTg84QmtT3o1mX1HarKY0XdapSdubI2cflwIDXMIZdcoFmaBL dNL3SmW63sBJM1F8Sn3skb2zb5OxjZdlhBNAClPhhU8zB1nCK4pDOZ4SS1ctgysy qxFPW+dEFTXqtFrDyn8L48m6NdMiQco2yYnzSYlD3gw6Z9GK87RlLlyGqwd5feLj pf7m/KU2a3yB6M1FiHXer/F4Hz0xdhWT5JDsUBXY3wbYayAgmotbV1DbCOubao2g /cv8mKdx57j3O8i1Xcmz6OE0/76VQFVoswTUPSylJtQwB75F7C6xbPBbF4U+YKwN qM2p+8DruwlRiD8i+7qzbocuDPkCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLygwe9aSrOu9CXhWriaGc3laIJEMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kZmU3ZGFjYy0yYjQ1LTQxNDEtOTc3NS1mMWJiOWYwNTIzOTYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2RmZTdkYWNj LTJiNDUtNDE0MS05Nzc1LWYxYmI5ZjA1MjM5Ni8wL0JDQTBDMUVGNUE0QUIzQUVG NDI1RTE1QUI4OUExOUNERTU2ODgyNDQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgFCYwDQYJKoZIhvcNAQELBQADggEBAI+OeTJQGAL8SFPYqtpdbGAW296o2Xit DyKBwmdvqbzvKLJUJZiEdfUdkeTUta95g/GGVeLHopfIBE0JWDvc3BZ6MAHemBL/ cTTsHGG3cXlCCL4ifZLb19VeOKSZXq4axnmYNPwOhKr/e3kFB3kt0q7N8s7WOIZD W6p4b4lxEYJF+p471k/wvs/NOv5NbESjTtEUDHhpj56isZOp66ufJFmjsrPiO77+ YcGMhIG3vLa42rNw1lycJ8f/GTR/fo56fiN0mvLdbuQfFJbgQgGlxmEczIdiLwvq OhDf+OdPmjPj/PQQGzYZJbhpff4M7PjhNyd7d7GXJzI5SaqeLGPjYVc= -----END CERTIFICATE-----Generated at Wed Jun 4 12:05:16 2025 by rpki-client