$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer File: 11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer (raw, json) Hash identifier: 0E+MyvBsLkWxVQbx5yULzfYpHGZvgbrkDLcflwmejUY= Subject key identifier: 11:C9:BA:28:53:4B:A4:49:99:B4:BA:5D:6B:0F:28:E5:68:DF:6E:14 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3E8A69A609E5807390C1D7F8ECBD2032196C8ADD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.mft caRepository: rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 10 May 2025 06:51:42 +0000 Certificate not after: Sat 09 May 2026 06:56:42 +0000 Subordinate resources: IP: 27.131.0.0/21 IP: 45.115.64.0/22 IP: 103.16.112.0/22 IP: 103.29.4.0/22 IP: 119.110.80.0/21 IP: 2401:ae00::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:8a:69:a6:09:e5:80:73:90:c1:d7:f8:ec:bd:20:32:19:6c:8a:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 10 06:51:42 2025 GMT Not After : May 9 06:56:42 2026 GMT Subject: CN=11C9BA28534BA44999B4BA5D6B0F28E568DF6E14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c8:94:79:5d:20:3f:bc:60:a3:4b:a0:c2:25: 84:d5:65:fd:f4:89:68:86:94:1c:96:58:6d:ca:00: ab:eb:55:21:8e:8a:ed:e0:32:24:7d:b2:01:05:89: f9:e8:9e:1f:f3:af:54:62:77:45:3a:11:d4:58:30: 11:40:ee:92:cc:d8:c6:6e:90:fb:c0:3f:e1:6c:41: 5c:46:26:68:3c:65:9f:43:8f:40:96:82:b8:66:87: 4e:b0:0e:56:f3:74:cc:54:b2:d6:ce:30:7f:72:ba: e5:5d:38:b0:61:05:2f:12:f6:ce:75:1a:85:ec:b2: ca:fa:10:15:af:dd:ca:e4:e0:80:37:e5:ff:02:56: f9:6c:c3:a2:66:ca:25:0e:ec:fa:8c:6d:dc:14:ef: 46:a1:4b:71:04:63:22:7c:0c:09:19:32:e7:a7:89: f4:bf:9c:1e:61:30:18:22:b1:0d:d1:60:27:4f:99: 5f:b4:08:6e:d2:31:b0:37:8a:21:5a:94:77:d2:10: 3b:58:9b:fa:3f:6e:44:2d:32:4a:0a:6f:73:2f:49: 01:45:c9:9a:23:36:60:f6:fa:6b:54:48:3d:69:5b: 9f:36:6d:9a:cb:9d:64:8c:59:af:d4:90:0b:ff:26: b5:3d:d7:fb:28:8a:61:10:5c:65:9d:61:8d:17:fd: cb:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 11:C9:BA:28:53:4B:A4:49:99:B4:BA:5D:6B:0F:28:E5:68:DF:6E:14 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 27.131.0.0/21 45.115.64.0/22 103.16.112.0/22 103.29.4.0/22 119.110.80.0/21 IPv6: 2401:ae00::/32 Signature Algorithm: sha256WithRSAEncryption 4b:3d:d7:ea:4b:8f:18:97:46:2d:58:82:37:a7:20:ed:7e:eb: 49:f7:c6:f2:7b:f2:90:31:57:b5:bd:14:4d:0f:8c:3b:85:d5: aa:c3:5c:04:7a:ef:c1:26:69:69:21:50:be:86:15:b5:14:c2: 31:a9:e2:e9:59:c4:70:ec:4f:6f:06:50:b6:34:02:2b:7e:8d: 40:ad:45:fd:42:4d:62:ee:89:23:95:fd:cf:93:bc:c5:79:24: 8e:4c:5f:50:24:6e:59:93:60:47:e7:ed:32:1f:74:63:cb:a4: dd:39:48:e2:5d:75:dc:26:86:67:2e:dd:62:90:77:c1:4a:2f: e5:94:1b:e0:63:80:b2:40:40:44:59:50:92:84:d8:38:d9:19: 8d:f9:83:d8:96:d0:78:4f:90:5f:bf:9b:e5:61:1e:c8:7a:27: 78:63:ac:b0:1f:97:54:c7:f8:e3:79:63:c3:38:02:3e:a0:b8: 8b:5b:3e:2b:9c:7e:fe:9e:eb:fb:67:65:1e:fe:0b:b4:4a:57: 54:60:20:96:02:70:27:11:8d:77:be:b5:e8:80:18:6a:5c:7b: ea:e0:30:28:db:37:69:58:5f:0a:a1:c4:f1:a8:d5:89:6e:e2: 01:67:52:a1:d7:c8:d8:4c:7e:df:04:b1:74:c8:15:4e:a1:8a: 69:f5:9d:ea -----BEGIN CERTIFICATE----- MIIF7DCCBNSgAwIBAgIUPopppgnlgHOQwdf47L0gMhlsit0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUxMDA2NTE0MloX DTI2MDUwOTA2NTY0MlowMzExMC8GA1UEAxMoMTFDOUJBMjg1MzRCQTQ0OTk5QjRC QTVENkIwRjI4RTU2OERGNkUxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/IlHldID+8YKNLoMIlhNVl/fSJaIaUHJZYbcoAq+tVIY6K7eAyJH2yAQWJ +eieH/OvVGJ3RToR1FgwEUDukszYxm6Q+8A/4WxBXEYmaDxln0OPQJaCuGaHTrAO VvN0zFSy1s4wf3K65V04sGEFLxL2znUaheyyyvoQFa/dyuTggDfl/wJW+WzDombK JQ7s+oxt3BTvRqFLcQRjInwMCRky56eJ9L+cHmEwGCKxDdFgJ0+ZX7QIbtIxsDeK IVqUd9IQO1ib+j9uRC0ySgpvcy9JAUXJmiM2YPb6a1RIPWlbnzZtmsudZIxZr9SQ C/8mtT3X+yiKYRBcZZ1hjRf9yycCAwEAAaOCAt8wggLbMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFBHJuihTS6RJmbS6XWsPKOVo324UMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9hMDZiNjY3My00N2ExLTQ1ZTUtYjZjMi00MmFiOGI0NzYyNDkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2EwNmI2Njcz LTQ3YTEtNDVlNS1iNmMyLTQyYWI4YjQ3NjI0OS8wLzExQzlCQTI4NTM0QkE0NDk5 OUI0QkE1RDZCMEYyOEU1NjhERjZFMTQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4D BAMbgwADBAItc0ADBAJnEHADBAJnHQQDBAN3blAwDQQCAAIwBwMFACQBrgAwDQYJ KoZIhvcNAQELBQADggEBAEs91+pLjxiXRi1YgjenIO1+60n3xvJ78pAxV7W9FE0P jDuF1arDXAR678EmaWkhUL6GFbUUwjGp4ulZxHDsT28GULY0Ait+jUCtRf1CTWLu iSOV/c+TvMV5JI5MX1AkblmTYEfn7TIfdGPLpN05SOJdddwmhmcu3WKQd8FKL+WU G+BjgLJAQERZUJKE2DjZGY35g9iW0HhPkF+/m+VhHsh6J3hjrLAfl1TH+ON5Y8M4 Aj6guItbPiucfv6e6/tnZR7+C7RKV1RgIJYCcCcRjXe+teiAGGpce+rgMCjbN2lY XwqhxPGo1Ylu4gFnUqHXyNhMft8EsXTIFU6himn1neo= -----END CERTIFICATE-----Generated at Tue Jun 3 23:41:25 2025 by rpki-client