This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer File: 228E752BBFB8C16B3B46F3D388ECED50CF9A6473.cer (raw, json) Hash identifier: hoYYP5NS1id7cZak4TBCfhPukHcoxoe9eLne2Qpa+aI= Subject key identifier: 22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3ED1626F83863FCBE1C409C80E46DEA7444B591F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.mft caRepository: rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 12 Dec 2025 06:28:09 +0000 Certificate not after: Fri 11 Dec 2026 06:33:09 +0000 Subordinate resources: IP: 27.124.80.0/20 IP: 103.25.108.0/22 IP: 119.47.88.0/22 IP: 119.47.95.0/24 IP: 124.109.20.0/22 IP: 2402:d680::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 19 Dec 2025 21:36:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:d1:62:6f:83:86:3f:cb:e1:c4:09:c8:0e:46:de:a7:44:4b:59:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 12 06:28:09 2025 GMT Not After : Dec 11 06:33:09 2026 GMT Subject: CN=228E752BBFB8C16B3B46F3D388ECED50CF9A6473 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:5a:e8:a1:6e:6a:ce:95:9d:b9:2a:1c:03:cd: 99:98:96:8a:84:82:5a:38:84:49:68:04:bf:f5:fe: c5:c5:98:11:ff:f3:9c:a9:4b:8e:92:7d:93:b3:a7: 85:7a:ad:16:d5:c2:14:97:a4:14:f6:7f:08:c5:05: 24:b2:72:1a:4c:1d:a2:7d:2c:09:27:91:e0:12:cb: c2:73:97:28:48:cf:02:78:d1:f4:d2:1a:01:ae:fd: 9e:3e:63:af:56:d7:4c:30:fc:ba:aa:5a:39:29:b8: 53:7d:60:48:ce:7e:de:cf:31:42:56:94:33:49:2c: 69:72:8b:e8:8b:7f:d9:ac:2d:02:97:98:5d:be:e4: e6:4a:ca:0c:b6:bd:a9:c0:a6:4d:98:66:4e:d4:c6: 99:63:2b:57:72:d2:8f:11:e0:5d:79:da:c1:df:30: 36:00:45:22:c5:16:41:49:70:ac:0b:ee:61:3e:c9: 2e:01:67:75:43:4d:5d:b2:27:3b:22:b8:bc:f3:85: c4:fd:80:21:15:07:14:0d:2c:0c:6e:0c:9b:98:d5: 2e:7d:af:ab:0c:a3:59:9c:32:72:1d:77:8c:69:2d: d2:be:a8:e8:5e:0b:30:4a:55:86:f8:2e:14:1d:a1: 10:4d:72:45:b5:23:6e:2e:e9:c6:af:06:7a:fa:68: 18:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 22:8E:75:2B:BF:B8:C1:6B:3B:46:F3:D3:88:EC:ED:50:CF:9A:64:73 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/317efd2a-02ab-4202-970f-f699dff97de5/0/228E752BBFB8C16B3B46F3D388ECED50CF9A6473.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 27.124.80.0/20 103.25.108.0/22 119.47.88.0/22 119.47.95.0/24 124.109.20.0/22 IPv6: 2402:d680::/32 Signature Algorithm: sha256WithRSAEncryption 90:0e:d4:e5:ad:30:2e:d2:a4:bb:0e:f2:61:85:90:b9:bd:3c: ce:60:06:b6:53:1c:31:e1:34:d6:5a:97:9a:28:76:ab:49:2b: fa:c8:fe:83:de:56:e2:4a:4e:9d:33:3b:73:86:78:ed:89:52: 32:fd:85:d9:94:a7:8a:10:9f:47:ec:f0:32:50:09:a1:5d:22: 68:1f:12:0b:57:bf:ca:e6:97:ec:8b:b5:39:7a:c0:23:13:19: de:1c:d0:df:1a:75:00:32:0b:c4:af:0a:2b:d9:43:68:73:00: 91:1e:af:d1:6f:61:58:d0:00:bf:23:79:6e:7b:09:6b:47:fe: c8:f9:20:1b:64:58:f4:ac:fb:06:46:7b:bb:c8:d0:b0:16:fc: 57:9b:e7:9e:a2:9f:4d:6a:56:20:53:88:98:a4:cf:8c:69:63: 16:e6:18:16:58:db:47:9b:91:c5:f8:ce:4c:0d:2d:b3:85:f4: 8d:98:67:72:5e:2c:9a:60:7e:1e:a7:81:a7:f6:56:f5:ab:7f: ac:ef:bb:c3:ce:a3:61:1c:e1:8c:99:e1:c2:ed:78:72:ae:d1: 6a:6c:c2:69:47:b7:40:2d:5a:38:b1:ef:fd:b9:8e:d6:85:80: a9:8c:4a:96:11:56:50:98:90:a7:95:78:8c:b9:1f:89:fb:69: ca:2f:53:45 -----BEGIN CERTIFICATE----- MIIF7DCCBNSgAwIBAgIUPtFib4OGP8vhxAnIDkbep0RLWR8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTIxMjA2MjgwOVoX DTI2MTIxMTA2MzMwOVowMzExMC8GA1UEAxMoMjI4RTc1MkJCRkI4QzE2QjNCNDZG M0QzODhFQ0VENTBDRjlBNjQ3MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN9a6KFuas6VnbkqHAPNmZiWioSCWjiESWgEv/X+xcWYEf/znKlLjpJ9k7On hXqtFtXCFJekFPZ/CMUFJLJyGkwdon0sCSeR4BLLwnOXKEjPAnjR9NIaAa79nj5j r1bXTDD8uqpaOSm4U31gSM5+3s8xQlaUM0ksaXKL6It/2awtApeYXb7k5krKDLa9 qcCmTZhmTtTGmWMrV3LSjxHgXXnawd8wNgBFIsUWQUlwrAvuYT7JLgFndUNNXbIn OyK4vPOFxP2AIRUHFA0sDG4Mm5jVLn2vqwyjWZwych13jGkt0r6o6F4LMEpVhvgu FB2hEE1yRbUjbi7pxq8GevpoGMUCAwEAAaOCAt8wggLbMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCKOdSu/uMFrO0bz04js7VDPmmRzMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zMTdlZmQyYS0wMmFiLTQyMDItOTcwZi1mNjk5ZGZmOTdkZTUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMxN2VmZDJh LTAyYWItNDIwMi05NzBmLWY2OTlkZmY5N2RlNS8wLzIyOEU3NTJCQkZCOEMxNkIz QjQ2RjNEMzg4RUNFRDUwQ0Y5QTY0NzMubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4D BAQbfFADBAJnGWwDBAJ3L1gDBAB3L18DBAJ8bRQwDQQCAAIwBwMFACQC1oAwDQYJ KoZIhvcNAQELBQADggEBAJAO1OWtMC7SpLsO8mGFkLm9PM5gBrZTHDHhNNZal5oo dqtJK/rI/oPeVuJKTp0zO3OGeO2JUjL9hdmUp4oQn0fs8DJQCaFdImgfEgtXv8rm l+yLtTl6wCMTGd4c0N8adQAyC8SvCivZQ2hzAJEer9FvYVjQAL8jeW57CWtH/sj5 IBtkWPSs+wZGe7vI0LAW/Feb556in01qViBTiJikz4xpYxbmGBZY20ebkcX4zkwN LbOF9I2YZ3JeLJpgfh6ngaf2VvWrf6zvu8POo2Ec4YyZ4cLteHKu0WpswmlHt0At Wjix7/25jtaFgKmMSpYRVlCYkKeVeIy5H4n7acovU0U= -----END CERTIFICATE-----Generated at Tue Dec 16 13:47:12 2025 by rpki-client