This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer File: 3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.cer (raw, json) Hash identifier: 0ZXs2hJh6cCbzuVaHzNwmy+SnB0d/bBNSeAvI+ITGrA= Subject key identifier: 3B:2B:A9:E8:D5:35:7A:BD:77:6B:6E:C4:CA:F7:C1:C5:9E:18:20:74 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 16B8E3DD5C0833714E31622EE3AF93D9E54FC00E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft caRepository: rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 13 Jun 2025 20:21:46 +0000 Certificate not after: Fri 12 Jun 2026 20:26:46 +0000 Subordinate resources: IP: 103.254.168.0/22 IP: 2400:f580::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:b8:e3:dd:5c:08:33:71:4e:31:62:2e:e3:af:93:d9:e5:4f:c0:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 13 20:21:46 2025 GMT Not After : Jun 12 20:26:46 2026 GMT Subject: CN=3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:6a:c6:8b:69:33:d8:13:53:2e:93:6a:fa:90: c2:a2:1b:b3:e7:dd:64:13:11:0d:60:b4:72:97:98: 3f:c3:a0:40:f2:82:41:ad:4f:8c:10:c3:e6:65:f5: 51:00:2c:53:c1:6a:f1:2a:18:01:fa:55:ea:75:08: 04:4a:a7:39:e3:13:78:e1:7c:42:42:de:e4:ef:a2: c9:00:94:33:b4:39:0a:3c:ec:74:f4:b5:57:80:07: d0:95:44:d8:2e:99:43:5f:21:c9:c5:56:fa:31:f5: 90:b1:da:8b:10:7a:fe:50:85:5e:47:89:27:19:06: 54:11:a6:df:76:32:20:0d:e6:43:f8:12:70:f4:c9: 08:4c:36:39:2e:d7:f7:2b:b6:c5:7a:c6:16:61:84: e4:b4:37:df:88:eb:17:f0:48:04:67:b9:32:3f:c9: 16:f5:14:fb:6c:2b:2a:70:a2:db:a4:2e:de:e3:96: 3a:bf:cf:e4:09:9c:10:2c:27:65:cc:aa:6c:8a:5e: 4c:9e:2c:8c:97:07:84:91:61:0b:cb:02:cf:92:7f: b7:59:8a:1e:98:bb:70:c2:75:0e:04:1a:ec:98:50: 6c:5c:02:02:08:e6:91:fc:e0:a1:a2:9d:4b:eb:d4: f7:57:58:46:75:a8:26:6f:3a:3a:92:4f:5b:46:e8: 0b:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3B:2B:A9:E8:D5:35:7A:BD:77:6B:6E:C4:CA:F7:C1:C5:9E:18:20:74 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/2ae7d461-0e32-4e65-bb88-d72405b24451/0/3B2BA9E8D5357ABD776B6EC4CAF7C1C59E182074.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.254.168.0/22 IPv6: 2400:f580::/32 Signature Algorithm: sha256WithRSAEncryption 58:c4:60:90:35:43:75:9f:36:07:59:e1:69:22:46:bd:81:19: 94:62:a3:57:85:75:99:b6:0a:20:ce:de:c8:a8:0b:7f:4b:2b: fb:44:83:9e:ae:a3:0c:0b:3f:78:e3:d7:62:7d:9a:d2:cf:59: e8:59:73:05:a5:17:4c:ea:a8:69:89:6c:47:97:aa:1d:ef:31: 07:17:b8:2d:62:59:a1:02:07:b7:1c:aa:41:2f:4e:1d:d0:02: 7e:1b:44:f7:83:15:e2:48:8f:d6:a8:43:d8:29:33:71:57:48: 19:36:25:28:97:55:f4:10:15:38:dd:49:0e:ca:84:42:28:f8: 58:3b:98:de:46:32:ac:58:a7:d9:b1:55:72:97:f6:f6:65:30: a3:67:09:cb:b5:93:6d:0c:52:f6:03:9c:83:b0:b7:50:17:38: 8b:8f:bf:58:6f:a1:36:c4:38:9d:03:26:06:7f:b0:6d:1f:83: 2c:a7:1c:0f:59:ab:d4:4d:39:7c:08:95:62:90:a8:10:5e:89: 81:d1:0a:23:cb:b9:27:54:25:6d:d1:9e:c2:f7:25:5e:5b:55: d9:24:5d:2a:c8:e2:b1:e9:67:46:1e:f9:9e:86:5c:33:ab:ce: 27:d0:fd:e8:54:e3:84:26:45:89:ce:42:25:cb:63:b4:13:37: ea:69:7b:69 -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgIUFrjj3VwIM3FOMWIu46+T2eVPwA4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYxMzIwMjE0NloX DTI2MDYxMjIwMjY0NlowMzExMC8GA1UEAxMoM0IyQkE5RThENTM1N0FCRDc3NkI2 RUM0Q0FGN0MxQzU5RTE4MjA3NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANVqxotpM9gTUy6TavqQwqIbs+fdZBMRDWC0cpeYP8OgQPKCQa1PjBDD5mX1 UQAsU8Fq8SoYAfpV6nUIBEqnOeMTeOF8QkLe5O+iyQCUM7Q5CjzsdPS1V4AH0JVE 2C6ZQ18hycVW+jH1kLHaixB6/lCFXkeJJxkGVBGm33YyIA3mQ/gScPTJCEw2OS7X 9yu2xXrGFmGE5LQ334jrF/BIBGe5Mj/JFvUU+2wrKnCi26Qu3uOWOr/P5AmcECwn ZcyqbIpeTJ4sjJcHhJFhC8sCz5J/t1mKHpi7cMJ1DgQa7JhQbFwCAgjmkfzgoaKd S+vU91dYRnWoJm86OpJPW0boC4sCAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDsrqejVNXq9d2tuxMr3wcWeGCB0MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8yYWU3ZDQ2MS0wZTMyLTRlNjUtYmI4OC1kNzI0MDViMjQ0NTEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJhZTdkNDYx LTBlMzItNGU2NS1iYjg4LWQ3MjQwNWIyNDQ1MS8wLzNCMkJBOUU4RDUzNTdBQkQ3 NzZCNkVDNENBRjdDMUM1OUUxODIwNzQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD BAJn/qgwDQQCAAIwBwMFACQA9YAwDQYJKoZIhvcNAQELBQADggEBAFjEYJA1Q3Wf NgdZ4WkiRr2BGZRio1eFdZm2CiDO3sioC39LK/tEg56uowwLP3jj12J9mtLPWehZ cwWlF0zqqGmJbEeXqh3vMQcXuC1iWaECB7ccqkEvTh3QAn4bRPeDFeJIj9aoQ9gp M3FXSBk2JSiXVfQQFTjdSQ7KhEIo+Fg7mN5GMqxYp9mxVXKX9vZlMKNnCcu1k20M UvYDnIOwt1AXOIuPv1hvoTbEOJ0DJgZ/sG0fgyynHA9Zq9RNOXwIlWKQqBBeiYHR CiPLuSdUJW3RnsL3JV5bVdkkXSrI4rHpZ0Ye+Z6GXDOrzifQ/ehU44QmRYnOQiXL Y7QTN+ppe2k= -----END CERTIFICATE-----Generated at Wed Dec 3 13:59:47 2025 by rpki-client