This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3D95B729FF923CD2442549B7702A6D7C2F78DE85.cer File: 3D95B729FF923CD2442549B7702A6D7C2F78DE85.cer (raw, json) Hash identifier: 1J0UN1s+JoGI19yNcnDok0kxf9UrdIiu2GAtJNXR8kI= Subject key identifier: 3D:95:B7:29:FF:92:3C:D2:44:25:49:B7:70:2A:6D:7C:2F:78:DE:85 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2D7000A6D06A3B414B9A84C1B8780891D6B5F5E1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/7c8c46fb-b6c1-4a69-83fb-90e7d5c326de/0/3D95B729FF923CD2442549B7702A6D7C2F78DE85.mft caRepository: rsync://repo-rpki.idnic.net/repo/7c8c46fb-b6c1-4a69-83fb-90e7d5c326de/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 04 Nov 2025 23:44:45 +0000 Certificate not after: Tue 03 Nov 2026 23:49:45 +0000 Subordinate resources: IP: 103.240.0.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:70:00:a6:d0:6a:3b:41:4b:9a:84:c1:b8:78:08:91:d6:b5:f5:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 4 23:44:45 2025 GMT Not After : Nov 3 23:49:45 2026 GMT Subject: CN=3D95B729FF923CD2442549B7702A6D7C2F78DE85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:73:ce:05:67:96:51:38:8d:71:68:b0:09:8d: 0a:31:b1:12:37:84:0d:c4:99:87:ec:54:1b:7f:f7: 66:aa:96:99:39:df:1e:e0:5d:a3:d9:f1:58:bb:08: f2:0c:e6:32:51:c0:45:56:40:77:18:d0:81:58:12: 64:1a:dc:c6:11:c0:fa:70:29:84:cd:7a:39:dd:cc: f1:4f:75:92:29:86:0b:38:7a:82:45:28:67:97:dc: b1:cd:84:b0:0b:a2:67:77:8e:5b:a1:0f:83:54:b8: 5a:1f:3c:bb:a7:c7:37:f5:90:d9:56:59:08:bb:5e: b6:b4:e9:d9:b1:53:b3:f4:31:73:d3:ff:04:15:e8: 23:72:7c:87:f4:57:3e:27:b0:dc:08:11:99:88:c7: b2:3a:1e:62:71:dd:8a:c3:9e:c2:e0:7b:7e:e5:cd: c6:56:34:2b:12:2e:81:29:5e:a7:6e:21:07:ff:8a: 57:ba:57:f5:cf:fa:b5:72:c2:5b:2f:9b:a7:71:61: 53:da:24:43:e9:dd:88:a4:71:ae:83:5b:0c:19:63: 12:7f:95:7d:1a:96:ca:3d:f3:27:de:0f:38:3e:71: ba:40:af:6a:21:16:53:8e:c8:f4:27:f7:61:91:59: 49:8c:95:3d:3b:fa:39:a3:cd:c2:b4:f4:23:5b:f7: b6:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3D:95:B7:29:FF:92:3C:D2:44:25:49:B7:70:2A:6D:7C:2F:78:DE:85 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7c8c46fb-b6c1-4a69-83fb-90e7d5c326de/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7c8c46fb-b6c1-4a69-83fb-90e7d5c326de/0/3D95B729FF923CD2442549B7702A6D7C2F78DE85.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.240.0.0/24 Signature Algorithm: sha256WithRSAEncryption 4d:a1:46:88:a2:4c:b9:d3:3c:bf:23:42:4a:d0:be:9b:f0:1e: 54:4e:20:fb:72:7c:51:38:dd:d9:be:27:fd:d6:05:73:5c:89: ac:f9:0c:69:51:46:1b:b0:19:d3:19:db:e6:74:93:63:9b:7b: 5f:31:5e:a1:cc:fa:b8:89:01:f6:02:fc:ab:97:c2:3c:e9:9f: 22:fd:e8:1b:c4:32:05:0c:71:37:2d:c6:ae:16:12:55:fd:74: 4c:97:f6:fb:cb:61:32:f6:a2:00:a4:5f:2b:ef:21:5f:4d:7f: d8:94:47:bf:0f:3c:30:25:24:ca:5a:cb:cb:09:3d:4d:4b:15: f6:17:95:b7:bf:32:ab:4b:5e:9d:7f:fa:e8:f2:3e:4a:99:de: dd:f4:df:b7:6c:e5:9a:5b:1c:7a:bd:40:8d:6b:8d:4f:4e:b8: 58:2e:33:a5:bd:d1:9b:da:a1:a4:70:2d:f4:f7:bb:be:eb:7e: f1:87:0a:d3:88:f7:02:45:c1:a9:a6:a8:74:5e:c3:d9:14:42: 61:03:1c:1a:46:ff:e5:cf:1b:99:40:7b:02:3a:bc:2e:26:06: 96:dc:6b:a2:db:af:48:a7:a6:b5:90:c2:48:e5:4b:2a:5f:91: 57:7a:d0:a6:c0:65:72:9e:f8:fe:d4:c7:1e:ee:3d:de:d1:31: e4:28:b6:d1 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIULXAAptBqO0FLmoTBuHgIkda19eEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTEwNDIzNDQ0NVoX DTI2MTEwMzIzNDk0NVowMzExMC8GA1UEAxMoM0Q5NUI3MjlGRjkyM0NEMjQ0MjU0 OUI3NzAyQTZEN0MyRjc4REU4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKtzzgVnllE4jXFosAmNCjGxEjeEDcSZh+xUG3/3ZqqWmTnfHuBdo9nxWLsI 8gzmMlHARVZAdxjQgVgSZBrcxhHA+nAphM16Od3M8U91kimGCzh6gkUoZ5fcsc2E sAuiZ3eOW6EPg1S4Wh88u6fHN/WQ2VZZCLtetrTp2bFTs/Qxc9P/BBXoI3J8h/RX Piew3AgRmYjHsjoeYnHdisOewuB7fuXNxlY0KxIugSlep24hB/+KV7pX9c/6tXLC Wy+bp3FhU9okQ+ndiKRxroNbDBljEn+VfRqWyj3zJ94POD5xukCvaiEWU47I9Cf3 YZFZSYyVPTv6OaPNwrT0I1v3tlkCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFD2Vtyn/kjzSRCVJt3AqbXwveN6FMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83YzhjNDZmYi1iNmMxLTRhNjktODNmYi05MGU3ZDVjMzI2ZGUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdjOGM0NmZi LWI2YzEtNGE2OS04M2ZiLTkwZTdkNWMzMjZkZS8wLzNEOTVCNzI5RkY5MjNDRDI0 NDI1NDlCNzcwMkE2RDdDMkY3OERFODUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn8AAwDQYJKoZIhvcNAQELBQADggEBAE2hRoiiTLnTPL8jQkrQvpvwHlROIPty fFE43dm+J/3WBXNciaz5DGlRRhuwGdMZ2+Z0k2Obe18xXqHM+riJAfYC/KuXwjzp nyL96BvEMgUMcTctxq4WElX9dEyX9vvLYTL2ogCkXyvvIV9Nf9iUR78PPDAlJMpa y8sJPU1LFfYXlbe/MqtLXp1/+ujyPkqZ3t3037ds5ZpbHHq9QI1rjU9OuFguM6W9 0ZvaoaRwLfT3u77rfvGHCtOI9wJFwammqHRew9kUQmEDHBpG/+XPG5lAewI6vC4m Bpbca6Lbr0inprWQwkjlSypfkVd60KbAZXKe+P7Uxx7uPd7RMeQottE= -----END CERTIFICATE-----Generated at Wed Dec 3 13:17:07 2025 by rpki-client