This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/2AA6E65B86E4423AEC7D02D85B43BA008012D29D.cer File: 2AA6E65B86E4423AEC7D02D85B43BA008012D29D.cer (raw, json) Hash identifier: d0QCVhUS/eXdM/dJmX6/Wl+71VSSydgVFOVjDNLzfTg= Subject key identifier: 2A:A6:E6:5B:86:E4:42:3A:EC:7D:02:D8:5B:43:BA:00:80:12:D2:9D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4D244F2522E44DFBF900F6C23F6FE228728CFE35 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/7e6bff9d-fb13-47b9-9cc0-dd6a0730a1c6/0/2AA6E65B86E4423AEC7D02D85B43BA008012D29D.mft caRepository: rsync://repo-rpki.idnic.net/repo/7e6bff9d-fb13-47b9-9cc0-dd6a0730a1c6/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 06 Nov 2025 14:49:12 +0000 Certificate not after: Thu 05 Nov 2026 14:54:12 +0000 Subordinate resources: IP: 103.129.48.0/22 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:24:4f:25:22:e4:4d:fb:f9:00:f6:c2:3f:6f:e2:28:72:8c:fe:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 6 14:49:12 2025 GMT Not After : Nov 5 14:54:12 2026 GMT Subject: CN=2AA6E65B86E4423AEC7D02D85B43BA008012D29D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:10:33:1b:f3:95:e6:b4:2c:66:1a:87:98:c5: bf:91:b6:a3:c5:6e:a1:fb:87:57:bd:67:1f:c8:71: fd:9b:87:42:b8:ac:0a:67:a3:bc:2d:3d:3c:b7:70: 2e:53:a3:12:7b:fa:5a:31:26:1b:73:f6:f5:b2:0d: e3:f2:34:a1:ab:e1:0b:cb:bc:c2:56:ef:bf:e1:eb: 8c:5e:06:ac:3c:bc:97:fa:d5:9a:11:07:24:f0:88: 8c:f4:d8:2c:ec:b3:64:0e:7c:4d:94:55:55:1c:cc: ed:12:48:21:34:ac:3c:f1:69:52:20:c6:41:66:8a: 43:5d:26:aa:22:26:be:7b:75:7e:aa:5c:92:d8:f7: f0:e9:33:ee:8d:66:6e:99:3c:6f:7e:4c:ea:7f:6c: db:47:99:5c:26:89:a3:27:68:5a:63:0d:e1:48:d9: 68:64:f6:47:44:7b:19:0d:ff:da:58:3d:d8:9b:5c: dc:1b:74:74:de:c4:5a:fe:ff:35:94:7f:7a:9b:cb: ca:11:e8:0a:be:f0:99:9d:6e:68:8d:be:10:40:40: c9:9e:86:79:be:64:04:f9:11:d1:56:2d:e2:dc:70: 80:69:d7:58:eb:5c:92:05:5b:fa:51:db:63:98:ba: c7:aa:e0:93:57:48:1c:bd:aa:dd:41:b0:eb:b5:55: 5f:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2A:A6:E6:5B:86:E4:42:3A:EC:7D:02:D8:5B:43:BA:00:80:12:D2:9D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7e6bff9d-fb13-47b9-9cc0-dd6a0730a1c6/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7e6bff9d-fb13-47b9-9cc0-dd6a0730a1c6/0/2AA6E65B86E4423AEC7D02D85B43BA008012D29D.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.129.48.0/22 Signature Algorithm: sha256WithRSAEncryption 0f:c5:c6:5c:5a:1f:c4:a8:7d:d4:35:b5:cd:f9:17:8e:0a:69: aa:75:9c:e0:db:4b:15:fa:f9:be:85:9b:70:f0:b3:28:d5:01: 0d:87:c5:7c:4e:c6:77:ff:55:90:84:51:36:38:ff:0e:74:4e: 86:24:e2:2e:0f:f2:fb:74:2d:2c:4c:1c:13:f5:28:15:2f:74: 0e:52:b2:69:c9:73:f1:82:81:69:53:41:aa:8c:f7:db:c4:f6: 92:2f:31:1e:65:96:9f:b3:35:eb:31:e5:c6:cf:10:b0:af:d3: bf:35:54:4a:a4:58:5b:08:75:20:f5:8b:9a:f4:0e:0d:af:e1: d1:0f:53:98:77:c8:b6:fd:fa:74:86:3a:61:24:6c:e6:2f:3f: 49:61:d7:c0:4a:7c:3b:e2:bc:3d:1d:32:4a:d7:72:d7:1b:d5: 29:06:1f:b7:85:bf:32:f5:c9:47:af:e8:37:91:1f:40:75:c9: 39:b1:e7:9e:4d:c1:39:91:c1:14:78:e5:77:b7:bd:83:18:97: 73:cb:7d:bf:2c:79:40:f5:ef:18:db:7f:7a:ca:d2:f0:0b:14: 4e:57:dd:05:e0:73:ac:37:a1:a5:36:29:b3:2b:df:1c:42:16: 17:a6:ec:bd:c5:9e:a6:19:5d:0d:54:a5:08:a5:e5:5e:d1:26: bb:f0:bd:f6 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUTSRPJSLkTfv5APbCP2/iKHKM/jUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTEwNjE0NDkxMloX DTI2MTEwNTE0NTQxMlowMzExMC8GA1UEAxMoMkFBNkU2NUI4NkU0NDIzQUVDN0Qw MkQ4NUI0M0JBMDA4MDEyRDI5RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPEQMxvzlea0LGYah5jFv5G2o8VuofuHV71nH8hx/ZuHQrisCmejvC09PLdw LlOjEnv6WjEmG3P29bIN4/I0oavhC8u8wlbvv+HrjF4GrDy8l/rVmhEHJPCIjPTY LOyzZA58TZRVVRzM7RJIITSsPPFpUiDGQWaKQ10mqiImvnt1fqpcktj38Okz7o1m bpk8b35M6n9s20eZXCaJoydoWmMN4UjZaGT2R0R7GQ3/2lg92Jtc3Bt0dN7EWv7/ NZR/epvLyhHoCr7wmZ1uaI2+EEBAyZ6Geb5kBPkR0VYt4txwgGnXWOtckgVb+lHb Y5i6x6rgk1dIHL2q3UGw67VVX+ECAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCqm5luG5EI67H0C2FtDugCAEtKdMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83ZTZiZmY5ZC1mYjEzLTQ3YjktOWNjMC1kZDZhMDczMGExYzYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdlNmJmZjlk LWZiMTMtNDdiOS05Y2MwLWRkNmEwNzMwYTFjNi8wLzJBQTZFNjVCODZFNDQyM0FF QzdEMDJEODVCNDNCQTAwODAxMkQyOUQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJngTAwDQYJKoZIhvcNAQELBQADggEBAA/FxlxaH8SofdQ1tc35F44Kaap1nODb SxX6+b6Fm3DwsyjVAQ2HxXxOxnf/VZCEUTY4/w50ToYk4i4P8vt0LSxMHBP1KBUv dA5SsmnJc/GCgWlTQaqM99vE9pIvMR5llp+zNesx5cbPELCv0781VEqkWFsIdSD1 i5r0Dg2v4dEPU5h3yLb9+nSGOmEkbOYvP0lh18BKfDvivD0dMkrXctcb1SkGH7eF vzL1yUev6DeRH0B1yTmx555NwTmRwRR45Xe3vYMYl3PLfb8seUD17xjbf3rK0vAL FE5X3QXgc6w3oaU2KbMr3xxCFhem7L3FnqYZXQ1UpQil5V7RJrvwvfY= -----END CERTIFICATE-----Generated at Wed Dec 3 12:45:54 2025 by rpki-client