$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/1D8D9CBC52934EF02BCD1D478AEBA6A368F80419.cer File: 1D8D9CBC52934EF02BCD1D478AEBA6A368F80419.cer (raw, json) Hash identifier: dU1x4KEVqMJVkoiWS0sef02x8lGzv1CZmV5GYXStp9M= Subject key identifier: 1D:8D:9C:BC:52:93:4E:F0:2B:CD:1D:47:8A:EB:A6:A3:68:F8:04:19 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 045C2B16A1D70E58D4AC3E334A8FFBA8416C634A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/ce1ea513-ac6e-4a5f-b3eb-d5352caf486b/0/1D8D9CBC52934EF02BCD1D478AEBA6A368F80419.mft caRepository: rsync://repo-rpki.idnic.net/repo/ce1ea513-ac6e-4a5f-b3eb-d5352caf486b/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sun 06 Jul 2025 11:22:56 +0000 Certificate not after: Sun 05 Jul 2026 11:27:56 +0000 Subordinate resources: IP: 103.156.14.0/23 IP: 2406:7b40::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 17:45:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:5c:2b:16:a1:d7:0e:58:d4:ac:3e:33:4a:8f:fb:a8:41:6c:63:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 6 11:22:56 2025 GMT Not After : Jul 5 11:27:56 2026 GMT Subject: CN=1D8D9CBC52934EF02BCD1D478AEBA6A368F80419 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:da:69:e8:fb:d0:22:93:f3:92:50:b4:32:b7: 24:5f:28:56:75:ad:d5:2e:92:bc:dc:ae:76:77:24: d2:bf:79:60:9d:7a:90:3a:68:13:fa:4c:74:a8:c6: c4:f3:97:b4:4c:eb:58:fe:10:89:28:98:c6:07:d5: 5c:fd:fc:05:dc:71:59:dd:b2:c4:80:6c:d5:df:6e: 07:ad:64:04:d1:98:e2:60:1b:2b:c0:46:04:6b:b6: 9f:05:1c:3b:7b:de:2b:04:05:5c:7d:42:da:7a:04: aa:eb:c3:b3:c9:e0:6f:23:21:ea:8f:60:fe:17:8f: 9f:39:8f:fb:c7:45:c0:97:62:c0:f8:65:dc:33:45: 48:6a:80:0d:f8:42:62:28:25:f8:9d:57:dd:61:eb: 9d:b6:43:5a:c1:f2:bc:24:8f:61:1e:2f:7f:4d:fc: e1:1a:13:8c:30:b4:7a:1b:d1:c1:be:32:b0:9d:bc: fb:5f:75:e9:3d:05:c2:dd:58:ac:4b:2b:37:f4:d2: 7f:84:0f:a2:51:a7:68:72:f0:57:c8:43:d6:04:4c: e9:a6:8a:0c:b8:75:0b:34:c3:c2:3f:51:cf:6c:9e: 6d:d8:38:b9:93:87:a8:bb:8f:5f:99:41:7d:20:f6: 50:3d:74:4a:48:04:f2:f2:90:03:99:2d:df:b8:e8: 95:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 1D:8D:9C:BC:52:93:4E:F0:2B:CD:1D:47:8A:EB:A6:A3:68:F8:04:19 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/ce1ea513-ac6e-4a5f-b3eb-d5352caf486b/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/ce1ea513-ac6e-4a5f-b3eb-d5352caf486b/0/1D8D9CBC52934EF02BCD1D478AEBA6A368F80419.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.156.14.0/23 IPv6: 2406:7b40::/32 Signature Algorithm: sha256WithRSAEncryption 13:fa:23:34:c5:0d:c0:bf:51:88:66:fd:2e:25:13:bf:31:c7: 85:fe:80:35:e4:59:b8:b3:b7:86:c4:b7:32:31:8b:19:97:4f: 7c:ec:76:e7:59:af:95:48:14:a8:63:e5:eb:e4:78:6d:92:35: 83:d2:07:98:1a:16:17:78:f7:fb:e6:59:46:fa:fb:7c:ba:f4: 1b:28:5a:d9:5f:8e:a6:1a:3c:cf:2d:3d:7c:35:25:76:1f:bf: b4:a8:02:01:af:4e:b4:6c:39:d2:da:22:6c:fd:38:78:a6:82: b3:49:e5:15:f1:cd:90:7a:34:aa:84:30:74:a4:6d:fd:df:92: dd:73:58:7f:58:d4:43:37:0e:24:65:09:de:97:f0:91:ec:6d: 99:e9:6b:9a:8d:4c:f3:94:12:4d:84:7e:a6:e4:4e:b9:42:05: 11:7e:48:83:6b:23:71:02:b0:09:8d:b4:d7:64:c1:36:69:ff: db:cc:fc:85:64:7c:c6:03:64:d4:91:b4:09:a8:24:be:dd:1c: c5:d7:c5:b5:a5:7f:9e:29:ba:f2:fa:23:c6:0c:01:c1:4f:06: e0:02:7f:b9:64:61:bb:d5:8f:53:44:fd:82:6f:5c:92:35:3a: 5f:1d:9f:85:ce:0b:b0:b6:ae:f4:2e:4f:04:77:08:f5:94:9d: b5:3a:59:64 -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgIUBFwrFqHXDljUrD4zSo/7qEFsY0owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcwNjExMjI1NloX DTI2MDcwNTExMjc1NlowMzExMC8GA1UEAxMoMUQ4RDlDQkM1MjkzNEVGMDJCQ0Qx RDQ3OEFFQkE2QTM2OEY4MDQxOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMLaaej70CKT85JQtDK3JF8oVnWt1S6SvNyudnck0r95YJ16kDpoE/pMdKjG xPOXtEzrWP4QiSiYxgfVXP38BdxxWd2yxIBs1d9uB61kBNGY4mAbK8BGBGu2nwUc O3veKwQFXH1C2noEquvDs8ngbyMh6o9g/hePnzmP+8dFwJdiwPhl3DNFSGqADfhC Yigl+J1X3WHrnbZDWsHyvCSPYR4vf0384RoTjDC0ehvRwb4ysJ28+1916T0Fwt1Y rEsrN/TSf4QPolGnaHLwV8hD1gRM6aaKDLh1CzTDwj9Rz2yebdg4uZOHqLuPX5lB fSD2UD10SkgE8vKQA5kt37jolYcCAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFB2NnLxSk07wK80dR4rrpqNo+AQZMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9jZTFlYTUxMy1hYzZlLTRhNWYtYjNlYi1kNTM1MmNhZjQ4NmIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2NlMWVhNTEz LWFjNmUtNGE1Zi1iM2ViLWQ1MzUyY2FmNDg2Yi8wLzFEOEQ5Q0JDNTI5MzRFRjAy QkNEMUQ0NzhBRUJBNkEzNjhGODA0MTkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD BAFnnA4wDQQCAAIwBwMFACQGe0AwDQYJKoZIhvcNAQELBQADggEBABP6IzTFDcC/ UYhm/S4lE78xx4X+gDXkWbizt4bEtzIxixmXT3zsdudZr5VIFKhj5evkeG2SNYPS B5gaFhd49/vmWUb6+3y69BsoWtlfjqYaPM8tPXw1JXYfv7SoAgGvTrRsOdLaImz9 OHimgrNJ5RXxzZB6NKqEMHSkbf3fkt1zWH9Y1EM3DiRlCd6X8JHsbZnpa5qNTPOU Ek2EfqbkTrlCBRF+SINrI3ECsAmNtNdkwTZp/9vM/IVkfMYDZNSRtAmoJL7dHMXX xbWlf54puvL6I8YMAcFPBuACf7lkYbvVj1NE/YJvXJI1Ol8dn4XOC7C2rvQuTwR3 CPWUnbU6WWQ= -----END CERTIFICATE-----Generated at Tue Oct 28 15:53:01 2025 by rpki-client