This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/1D024B7DF6A4F54213C50C405AE1E37B8521B49A.cer File: 1D024B7DF6A4F54213C50C405AE1E37B8521B49A.cer (raw, json) Hash identifier: 7RPeyg0AsiPsdGiBHKQFN3g6VXGkrwJa5n8ZRU0ZmZ0= Subject key identifier: 1D:02:4B:7D:F6:A4:F5:42:13:C5:0C:40:5A:E1:E3:7B:85:21:B4:9A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 30B51DC14743D83AD38782835190E5A58E03389A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/a13de3ec-4d3c-4402-a7b8-8a1b96226e75/1/1D024B7DF6A4F54213C50C405AE1E37B8521B49A.mft caRepository: rsync://repo-rpki.idnic.net/repo/a13de3ec-4d3c-4402-a7b8-8a1b96226e75/1/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 05 Nov 2025 05:21:31 +0000 Certificate not after: Wed 04 Nov 2026 05:26:31 +0000 Subordinate resources: IP: 61.247.0.0/18 IP: 103.21.212.0/22 IP: 111.94.0.0/15 IP: 118.136.0.0/15 IP: 202.73.96.0/19 IP: 2404:5600::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:b5:1d:c1:47:43:d8:3a:d3:87:82:83:51:90:e5:a5:8e:03:38:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 5 05:21:31 2025 GMT Not After : Nov 4 05:26:31 2026 GMT Subject: CN=1D024B7DF6A4F54213C50C405AE1E37B8521B49A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:96:9e:8f:2b:cf:3f:1d:34:85:39:60:31:c7: 96:4e:de:ef:aa:5f:ce:ea:ad:aa:0e:db:5d:e4:67: 86:19:0b:67:71:99:6f:1c:0d:85:f1:b4:4f:02:dc: 55:b3:67:b1:7d:eb:44:01:e1:0a:1b:36:3b:4e:8f: 19:44:c3:e0:2f:1d:85:e1:9d:20:a0:68:1e:61:0d: b7:a9:21:44:b1:d7:97:13:2d:7c:ae:50:92:4e:be: c9:36:62:ac:54:af:4b:34:b8:19:13:1b:e9:f9:3b: aa:17:48:98:63:41:73:f9:2a:83:56:26:7c:90:fb: 0a:81:5d:33:fa:bb:81:de:e6:65:46:da:6a:38:59: 25:12:64:80:6c:91:87:6a:ae:98:43:7a:64:ec:9b: 5d:ae:66:fd:41:28:3a:89:eb:06:6c:be:7d:9b:c8: 86:0d:a0:a5:0a:ef:a9:cd:84:37:9a:99:ac:6b:75: 17:b3:48:b3:ca:a0:f5:95:dc:52:77:ab:e1:a6:c0: 7e:cb:f1:03:85:5b:a1:1d:e3:e1:65:5d:8f:3e:67: f2:32:7b:42:b1:db:e1:a5:3f:76:41:7d:e4:c0:f1: 20:8a:cf:fa:26:0c:f0:2d:2b:b4:36:ee:e3:16:f2: 69:52:68:b2:2a:c7:bd:3e:e4:66:2e:2a:4c:8a:77: 30:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 1D:02:4B:7D:F6:A4:F5:42:13:C5:0C:40:5A:E1:E3:7B:85:21:B4:9A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/a13de3ec-4d3c-4402-a7b8-8a1b96226e75/1 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/a13de3ec-4d3c-4402-a7b8-8a1b96226e75/1/1D024B7DF6A4F54213C50C405AE1E37B8521B49A.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 61.247.0.0/18 103.21.212.0/22 111.94.0.0/15 118.136.0.0/15 202.73.96.0/19 IPv6: 2404:5600::/32 Signature Algorithm: sha256WithRSAEncryption 19:a3:46:52:64:0f:a3:5a:c6:a8:34:4b:87:98:8c:e3:30:92: da:7f:26:f5:52:3b:d1:6d:1e:42:ee:2c:09:cb:94:00:e0:32: bd:c4:5b:94:a2:48:3c:87:dc:58:bb:5a:72:90:3c:ef:98:62: 18:ea:27:6f:d7:5b:53:2d:bc:b9:f4:98:be:88:cf:0c:bc:c1: 3f:07:1a:de:03:f8:d2:fc:92:0d:62:d6:29:1b:b9:5e:20:53: e9:b6:4d:2f:9d:cc:e6:70:b8:9a:15:d3:37:d9:e4:f2:f9:63: e1:6c:81:10:05:7e:ad:e0:75:51:b1:04:02:f7:b5:00:3a:a9: cc:00:e9:2d:69:82:a4:64:5f:c4:36:1a:6f:c8:14:eb:71:72: 67:bd:44:60:3d:58:06:5e:3a:6d:d6:3e:b7:11:12:78:b4:20: 4d:a2:fa:41:cc:d4:e1:09:b0:a2:bd:1a:f9:e7:9d:66:98:2f: 19:60:3d:f4:f7:76:0e:47:20:4f:82:0c:10:2b:6d:18:f8:17: cd:1e:e7:13:0e:20:05:d4:9f:08:90:9a:af:c3:d2:29:15:90: 17:4a:8d:d0:f7:24:9a:df:00:bf:87:cb:b3:7c:9b:c0:87:5d: a4:32:6e:d1:9a:fe:df:43:2a:56:be:bd:80:0d:08:4d:09:7f: 60:ea:62:32 -----BEGIN CERTIFICATE----- MIIF6jCCBNKgAwIBAgIUMLUdwUdD2DrTh4KDUZDlpY4DOJowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTEwNTA1MjEzMVoX DTI2MTEwNDA1MjYzMVowMzExMC8GA1UEAxMoMUQwMjRCN0RGNkE0RjU0MjEzQzUw QzQwNUFFMUUzN0I4NTIxQjQ5QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOqWno8rzz8dNIU5YDHHlk7e76pfzuqtqg7bXeRnhhkLZ3GZbxwNhfG0TwLc VbNnsX3rRAHhChs2O06PGUTD4C8dheGdIKBoHmENt6khRLHXlxMtfK5Qkk6+yTZi rFSvSzS4GRMb6fk7qhdImGNBc/kqg1YmfJD7CoFdM/q7gd7mZUbaajhZJRJkgGyR h2qumEN6ZOybXa5m/UEoOonrBmy+fZvIhg2gpQrvqc2EN5qZrGt1F7NIs8qg9ZXc Uner4abAfsvxA4VboR3j4WVdjz5n8jJ7QrHb4aU/dkF95MDxIIrP+iYM8C0rtDbu 4xbyaVJosirHvT7kZi4qTIp3MFUCAwEAAaOCAt0wggLZMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFB0CS332pPVCE8UMQFrh43uFIbSaMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9hMTNkZTNlYy00ZDNjLTQ0MDItYTdiOC04YTFiOTYyMjZlNzUvMTCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ExM2RlM2Vj LTRkM2MtNDQwMi1hN2I4LThhMWI5NjIyNmU3NS8xLzFEMDI0QjdERjZBNEY1NDIx M0M1MEM0MDVBRTFFMzdCODUyMUI0OUEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwRAYIKwYBBQUHAQcBAf8ENTAzMCIEAgABMBwD BAY99wADBAJnFdQDAwFvXgMDAXaIAwQFyklgMA0EAgACMAcDBQAkBFYAMA0GCSqG SIb3DQEBCwUAA4IBAQAZo0ZSZA+jWsaoNEuHmIzjMJLafyb1UjvRbR5C7iwJy5QA 4DK9xFuUokg8h9xYu1pykDzvmGIY6idv11tTLby59Ji+iM8MvME/BxreA/jS/JIN YtYpG7leIFPptk0vnczmcLiaFdM32eTy+WPhbIEQBX6t4HVRsQQC97UAOqnMAOkt aYKkZF/ENhpvyBTrcXJnvURgPVgGXjpt1j63ERJ4tCBNovpBzNThCbCivRr5551m mC8ZYD3093YORyBPggwQK20Y+BfNHucTDiAF1J8IkJqvw9IpFZAXSo3Q9ySa3wC/ h8uzfJvAh12kMm7Rmv7fQypWvr2ADQhNCX9g6mIy -----END CERTIFICATE-----Generated at Wed Dec 3 13:16:29 2025 by rpki-client