$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/1678F34665D7A5281AECD895B892F07EA136CF72.cer File: 1678F34665D7A5281AECD895B892F07EA136CF72.cer (raw, json) Hash identifier: MHrR2Kdms2EM7+E6vAhkiGkL+/GMyvpliglf+s5JlHI= Subject key identifier: 16:78:F3:46:65:D7:A5:28:1A:EC:D8:95:B8:92:F0:7E:A1:36:CF:72 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 404F39B1E655F6FF90DF62CDE62DCB4D5BD324E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/1678F34665D7A5281AECD895B892F07EA136CF72.mft caRepository: rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 03 Jun 2025 19:24:57 +0000 Certificate not after: Tue 02 Jun 2026 19:29:57 +0000 Subordinate resources: IP: 202.129.224.0/22 IP: 2001:df3:e600::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:4f:39:b1:e6:55:f6:ff:90:df:62:cd:e6:2d:cb:4d:5b:d3:24:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 3 19:24:57 2025 GMT Not After : Jun 2 19:29:57 2026 GMT Subject: CN=1678F34665D7A5281AECD895B892F07EA136CF72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:c9:e3:e4:f2:01:6b:51:ac:3f:a6:9d:89:0b: 39:0b:14:f0:be:3d:aa:a6:4e:0b:29:f8:a6:33:c7: b3:5a:dc:c3:5b:82:c3:6e:45:99:f5:8d:fa:0b:05: 8d:da:47:c3:7f:97:ee:d8:08:75:ab:66:ee:47:46: 4a:50:bd:9a:08:65:79:60:69:c9:12:29:83:4c:44: a5:e6:95:ea:6c:6b:4d:81:84:92:f7:69:72:20:af: 72:d4:5e:8d:3f:b0:a8:6d:78:24:b7:63:00:1a:6b: 4d:a0:5b:fd:db:20:70:c6:ec:f3:18:d8:be:42:87: 20:c4:c8:ce:4a:a3:58:4a:89:96:65:f8:f7:37:e5: 0a:ff:ea:18:16:f8:7e:9a:a1:25:31:b7:6d:61:5b: 6e:4b:38:d7:be:f3:94:c4:f8:48:0b:e5:73:04:5c: d8:36:90:7d:7a:a4:30:45:84:15:2c:64:39:7f:30: af:dd:5a:43:1f:66:2b:0e:90:45:aa:05:6f:3e:f4: 55:4f:5a:5a:79:7e:fd:37:33:75:9b:bf:34:90:e0: fd:fa:80:b6:55:7b:6a:36:34:60:7b:08:21:35:b5: fa:60:6e:17:32:3d:fa:cb:36:a8:6b:ad:48:a1:de: c2:ca:59:6d:0f:0c:3f:08:13:c3:29:f9:1e:6c:69: 2d:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 16:78:F3:46:65:D7:A5:28:1A:EC:D8:95:B8:92:F0:7E:A1:36:CF:72 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/1678F34665D7A5281AECD895B892F07EA136CF72.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.129.224.0/22 IPv6: 2001:df3:e600::/48 Signature Algorithm: sha256WithRSAEncryption 1f:f3:3c:55:0a:b6:a4:a5:f0:82:89:06:48:b6:21:0a:53:66: de:6d:7e:0a:df:30:50:b3:9a:13:3d:a9:fd:4c:b8:a1:c1:90: 03:3a:8c:8c:c9:5f:97:08:f0:06:33:a7:c8:27:a7:45:b1:f6: 2d:f2:3b:b9:6c:ef:6e:1b:87:78:01:12:53:b4:a7:f5:d6:8b: 76:a8:7e:2f:e9:a8:2b:54:eb:54:09:d2:c6:75:d3:ac:8d:3e: 01:89:c5:8b:1d:14:65:8f:42:9d:37:7c:83:2e:6c:1a:76:df: 89:50:44:d6:3d:5a:60:fa:68:5b:44:53:90:1b:21:c0:d3:59: 4d:3e:9b:d2:74:0f:4d:6a:93:a0:af:a5:e0:8b:a0:46:6a:88: 96:be:f6:73:d9:7f:35:c4:7a:78:3e:6e:21:23:5a:84:87:d5: 2a:bc:61:8e:9e:08:fb:27:bd:29:85:5b:8a:1c:d8:17:5b:ea: 8a:4e:5f:08:01:e1:e7:a1:58:7d:31:b8:db:2f:27:48:9e:e9: 33:70:d0:ca:ea:0e:f5:ef:62:c4:e1:41:36:f0:46:74:0f:5a: f9:19:8f:a1:4e:8d:bc:7c:51:76:04:54:41:cc:e5:26:72:f0: 5b:da:2e:5f:97:79:f0:76:7c:6a:a5:3d:f5:8f:6c:16:23:3c: 12:35:7d:51 -----BEGIN CERTIFICATE----- MIIF1jCCBL6gAwIBAgIUQE85seZV9v+Q32LN5i3LTVvTJOcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwMzE5MjQ1N1oX DTI2MDYwMjE5Mjk1N1owMzExMC8GA1UEAxMoMTY3OEYzNDY2NUQ3QTUyODFBRUNE ODk1Qjg5MkYwN0VBMTM2Q0Y3MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMPJ4+TyAWtRrD+mnYkLOQsU8L49qqZOCyn4pjPHs1rcw1uCw25FmfWN+gsF jdpHw3+X7tgIdatm7kdGSlC9mghleWBpyRIpg0xEpeaV6mxrTYGEkvdpciCvctRe jT+wqG14JLdjABprTaBb/dsgcMbs8xjYvkKHIMTIzkqjWEqJlmX49zflCv/qGBb4 fpqhJTG3bWFbbks4177zlMT4SAvlcwRc2DaQfXqkMEWEFSxkOX8wr91aQx9mKw6Q RaoFbz70VU9aWnl+/TczdZu/NJDg/fqAtlV7ajY0YHsIITW1+mBuFzI9+ss2qGut SKHewspZbQ8MPwgTwyn5HmxpLckCAwEAAaOCAskwggLFMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFBZ480Zl16UoGuzYlbiS8H6hNs9yMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by80NzkzNjg2Yi0zMzg0LTQ0MTItOGU3Yy1lOWQxYjg1MmFhMWUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ3OTM2ODZi LTMzODQtNDQxMi04ZTdjLWU5ZDFiODUyYWExZS8wLzE2NzhGMzQ2NjVEN0E1Mjgx QUVDRDg5NUI4OTJGMDdFQTEzNkNGNzIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYD BALKgeAwDwQCAAIwCQMHACABDfPmADANBgkqhkiG9w0BAQsFAAOCAQEAH/M8VQq2 pKXwgokGSLYhClNm3m1+Ct8wULOaEz2p/Uy4ocGQAzqMjMlflwjwBjOnyCenRbH2 LfI7uWzvbhuHeAESU7Sn9daLdqh+L+moK1TrVAnSxnXTrI0+AYnFix0UZY9CnTd8 gy5sGnbfiVBE1j1aYPpoW0RTkBshwNNZTT6b0nQPTWqToK+l4IugRmqIlr72c9l/ NcR6eD5uISNahIfVKrxhjp4I+ye9KYVbihzYF1vqik5fCAHh56FYfTG42y8nSJ7p M3DQyuoO9e9ixOFBNvBGdA9a+RmPoU6NvHxRdgRUQczlJnLwW9ouX5d58HZ8aqU9 9Y9sFiM8EjV9UQ== -----END CERTIFICATE-----Generated at Mon Nov 3 19:38:22 2025 by rpki-client