$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer File: 20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer (raw, json) Hash identifier: RRV5eI8g2s05TsCnLoepfO2gFGMz2UQSyHJDzkUW/7c= Subject key identifier: 20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6AB5B12A50BBCBDCD9C25AB6F3F40609C9A15151 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft caRepository: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 03 Sep 2025 11:54:13 +0000 Certificate not after: Wed 02 Sep 2026 11:59:13 +0000 Subordinate resources: IP: 103.162.0.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 17:31:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:b5:b1:2a:50:bb:cb:dc:d9:c2:5a:b6:f3:f4:06:09:c9:a1:51:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 3 11:54:13 2025 GMT Not After : Sep 2 11:59:13 2026 GMT Subject: CN=20B15C95FA3351402D60E968AD1D9ECD289ABFF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c5:96:da:3f:7a:a2:b2:f5:43:b7:32:74:a8: ac:49:60:c3:eb:cc:13:05:7b:1b:7d:1d:7e:ae:57: 86:cb:22:08:ac:f1:e4:7e:60:83:84:83:bc:2b:d4: c6:11:fa:f7:ad:48:58:fc:12:2c:4b:71:3d:56:bc: fe:39:86:6d:14:0b:a8:ff:ea:a8:5f:0e:3b:d0:b7: b9:62:a8:5c:dc:ca:b5:b2:30:df:e0:4e:5e:53:da: 41:4e:88:da:f7:6c:7d:fb:25:46:ad:8f:9c:c9:e8: 3b:fe:b4:3f:dd:11:83:cf:26:24:d7:f7:96:65:52: 6c:2e:45:de:95:0f:59:bc:b0:58:da:f3:49:fa:aa: cb:71:7c:32:79:a3:74:e6:a8:0d:66:92:18:52:a6: 1d:c5:a9:f9:35:da:13:8f:7a:04:bf:62:8b:5f:c6: f9:57:93:c3:1b:22:9d:b3:86:fc:f6:c0:d9:00:42: 0c:6e:2c:ea:83:5e:41:27:21:f7:f8:82:7c:9c:41: e4:4c:d2:17:e3:69:d0:23:a3:7d:e3:5e:34:ca:ec: ec:b8:d6:89:05:6f:44:23:f2:53:50:ab:6d:13:77: 2c:05:20:65:55:72:6e:44:6f:4e:68:96:fa:5e:7b: 5c:2a:a6:4a:b2:eb:f6:da:99:72:a9:8b:4d:c7:79: eb:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.162.0.0/23 Signature Algorithm: sha256WithRSAEncryption 9c:7a:3d:b3:df:02:83:0b:18:8d:b7:af:a9:27:51:e3:b1:78: c6:90:27:cb:fd:8b:67:9f:23:c3:16:1a:8e:f4:05:fd:6e:2b: ea:3a:e4:72:38:01:94:56:ed:29:61:f1:2a:12:c4:b4:9b:bb: ed:6c:7f:80:8e:1e:0b:07:5d:39:a5:f4:4e:f5:27:c1:bd:05: e5:7f:eb:a2:d0:21:0c:8d:07:3a:a7:ce:12:cc:5f:72:d7:ae: 9b:89:6e:09:d5:34:08:bc:0e:d9:b5:e2:cb:1e:3c:da:05:08: 76:0b:2e:d1:b0:52:20:90:ca:64:f5:c9:e9:db:02:de:2e:c5: 39:94:2b:31:b0:43:75:e9:c7:38:1b:4a:12:b0:3d:ac:85:d9: e3:54:75:5b:9f:41:87:07:65:2d:3a:5d:c4:16:af:31:0f:49: 89:f5:cf:8e:46:dd:d0:c2:02:0a:f9:aa:67:8b:22:bf:14:64: e7:dd:f0:60:d1:dd:44:0e:cc:3d:5b:9e:01:80:bb:97:56:d2: 49:df:d1:a2:67:71:9e:65:1e:8b:f7:8b:0f:3a:f2:b2:96:28: 6d:bc:d0:46:70:da:ac:5b:0a:76:c2:fe:bf:5c:9a:9b:76:8d: a1:b5:24:d7:65:74:4c:f1:90:a9:db:23:f9:99:24:fe:3d:0b: b9:5f:a4:a4 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUarWxKlC7y9zZwlq28/QGCcmhUVEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkwMzExNTQxM1oX DTI2MDkwMjExNTkxM1owMzExMC8GA1UEAxMoMjBCMTVDOTVGQTMzNTE0MDJENjBF OTY4QUQxRDlFQ0QyODlBQkZGOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/Flto/eqKy9UO3MnSorElgw+vMEwV7G30dfq5XhssiCKzx5H5gg4SDvCvU xhH6961IWPwSLEtxPVa8/jmGbRQLqP/qqF8OO9C3uWKoXNzKtbIw3+BOXlPaQU6I 2vdsffslRq2PnMnoO/60P90Rg88mJNf3lmVSbC5F3pUPWbywWNrzSfqqy3F8Mnmj dOaoDWaSGFKmHcWp+TXaE496BL9ii1/G+VeTwxsinbOG/PbA2QBCDG4s6oNeQSch 9/iCfJxB5EzSF+Np0COjfeNeNMrs7LjWiQVvRCPyU1CrbRN3LAUgZVVybkRvTmiW +l57XCqmSrLr9tqZcqmLTcd561kCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCCxXJX6M1FALWDpaK0dns0omr/5MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kMTQxOTNjNC00YWJkLTRlMmMtYTFkMC0xYjVjZTMyZTQyMGIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QxNDE5M2M0 LTRhYmQtNGUyYy1hMWQwLTFiNWNlMzJlNDIwYi8wLzIwQjE1Qzk1RkEzMzUxNDAy RDYwRTk2OEFEMUQ5RUNEMjg5QUJGRjkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnogAwDQYJKoZIhvcNAQELBQADggEBAJx6PbPfAoMLGI23r6knUeOxeMaQJ8v9 i2efI8MWGo70Bf1uK+o65HI4AZRW7Slh8SoSxLSbu+1sf4COHgsHXTml9E71J8G9 BeV/66LQIQyNBzqnzhLMX3LXrpuJbgnVNAi8Dtm14ssePNoFCHYLLtGwUiCQymT1 yenbAt4uxTmUKzGwQ3XpxzgbShKwPayF2eNUdVufQYcHZS06XcQWrzEPSYn1z45G 3dDCAgr5qmeLIr8UZOfd8GDR3UQOzD1bngGAu5dW0knf0aJncZ5lHov3iw868rKW KG280EZw2qxbCnbC/r9cmpt2jaG1JNdldEzxkKnbI/mZJP49C7lfpKQ= -----END CERTIFICATE-----Generated at Fri Sep 5 08:21:53 2025 by rpki-client