$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3E648E6A8623C5C5DDF001526D0FDC0FF200F613.cer File: 3E648E6A8623C5C5DDF001526D0FDC0FF200F613.cer (raw, json) Hash identifier: 803F529+auW21bkhLawM3uCnVxGHtI+rH8BjlIObQsw= Subject key identifier: 3E:64:8E:6A:86:23:C5:C5:DD:F0:01:52:6D:0F:DC:0F:F2:00:F6:13 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 44D30806D463760AFAB9078529A994A54C50ED0F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/621f3fae-d0cb-4a17-a548-1ba6631b1e09/0/3E648E6A8623C5C5DDF001526D0FDC0FF200F613.mft caRepository: rsync://repo-rpki.idnic.net/repo/621f3fae-d0cb-4a17-a548-1ba6631b1e09/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 16 May 2025 21:17:51 +0000 Certificate not after: Fri 15 May 2026 21:22:51 +0000 Subordinate resources: IP: 103.191.141.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:d3:08:06:d4:63:76:0a:fa:b9:07:85:29:a9:94:a5:4c:50:ed:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 16 21:17:51 2025 GMT Not After : May 15 21:22:51 2026 GMT Subject: CN=3E648E6A8623C5C5DDF001526D0FDC0FF200F613 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:80:0c:5b:3d:b3:21:02:3a:6e:c0:9d:d8:75: 58:63:94:24:70:83:91:d1:84:c3:47:7b:cf:7a:f4: c9:3d:a8:dd:67:6f:4f:f1:49:8b:4a:61:92:85:b3: 1e:c3:e3:5c:54:09:49:a5:0c:37:11:76:95:b3:6a: 92:ba:dd:5b:aa:f0:53:f7:cb:a1:3d:03:87:a6:5b: b4:ed:f9:f3:1f:f0:30:6e:8c:d5:9d:88:6e:6b:3c: 67:bb:a5:03:15:4a:23:87:5f:01:6a:2e:8d:ea:e8: e3:de:b3:7a:aa:c5:4d:e2:0a:12:1f:c0:bd:88:df: ca:a6:50:94:ce:67:4a:04:91:bb:d4:bc:f1:37:df: 8d:95:c3:2c:b1:1f:89:0b:e5:58:6b:ae:42:2f:2e: a5:f5:8e:d8:46:55:59:dd:0a:14:4d:79:1c:e8:46: 4d:01:d3:50:c1:65:ba:e0:bf:c2:52:3c:f7:42:0a: 1b:65:25:20:c5:5a:03:7e:af:60:10:e6:a6:39:21: 2c:db:8d:52:58:1a:29:67:b2:e7:2f:a5:32:4c:88: 21:c3:e4:e8:23:56:33:12:d6:a2:b3:42:64:2a:b3: 0e:8d:2c:98:84:c3:cf:54:5a:52:38:ec:e9:f9:68: c4:bf:b0:8e:ae:8d:67:06:b1:92:53:51:7a:d9:cb: 9b:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3E:64:8E:6A:86:23:C5:C5:DD:F0:01:52:6D:0F:DC:0F:F2:00:F6:13 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/621f3fae-d0cb-4a17-a548-1ba6631b1e09/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/621f3fae-d0cb-4a17-a548-1ba6631b1e09/0/3E648E6A8623C5C5DDF001526D0FDC0FF200F613.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.191.141.0/24 Signature Algorithm: sha256WithRSAEncryption 66:f6:b4:36:09:47:28:7f:d2:d4:41:10:d4:73:01:dc:49:a6: 5f:41:c3:bd:d9:9a:e5:a4:d0:a3:60:7d:9c:8a:a9:aa:f7:e6: 03:94:d2:71:84:5a:6e:e4:74:96:0f:0f:1b:fe:13:66:57:b3: ba:2a:53:71:dc:67:e5:df:be:82:2b:3b:08:a3:d9:7e:47:b8: c2:76:8d:ef:a5:92:ac:64:39:c4:7f:05:70:39:fd:12:bd:86: 27:b6:ae:22:c1:e1:69:dc:e8:8c:da:fe:64:85:6c:ba:31:5f: 81:ff:34:1c:cf:ce:1f:ba:92:b3:e6:3a:10:21:d9:ff:59:53: e0:7b:86:f1:7b:7b:2b:84:cf:71:e4:b6:5f:12:d7:16:5a:0b: d6:1f:47:2a:10:02:c5:70:41:ad:ce:8e:8d:0a:df:ef:c9:4f: d4:3c:70:9d:58:a4:52:97:18:46:fb:65:ba:4f:64:4a:e7:c1: ee:99:2d:59:c0:44:b1:21:93:41:81:6b:d2:06:fc:26:a3:52: 52:30:be:b5:17:3e:a6:24:dd:d6:b2:94:89:32:cd:ff:e7:e1: b7:f4:b9:fd:be:f7:63:0e:fd:78:9e:69:1f:db:a9:29:7b:00: 29:67:a2:73:d9:b7:ad:f3:04:54:b3:c1:e2:2f:dd:85:47:ea: f4:0c:82:51 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIURNMIBtRjdgr6uQeFKamUpUxQ7Q8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUxNjIxMTc1MVoX DTI2MDUxNTIxMjI1MVowMzExMC8GA1UEAxMoM0U2NDhFNkE4NjIzQzVDNURERjAw MTUyNkQwRkRDMEZGMjAwRjYxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALSADFs9syECOm7Andh1WGOUJHCDkdGEw0d7z3r0yT2o3WdvT/FJi0phkoWz HsPjXFQJSaUMNxF2lbNqkrrdW6rwU/fLoT0Dh6ZbtO358x/wMG6M1Z2Ibms8Z7ul AxVKI4dfAWoujero496zeqrFTeIKEh/AvYjfyqZQlM5nSgSRu9S88TffjZXDLLEf iQvlWGuuQi8upfWO2EZVWd0KFE15HOhGTQHTUMFluuC/wlI890IKG2UlIMVaA36v YBDmpjkhLNuNUlgaKWey5y+lMkyIIcPk6CNWMxLWorNCZCqzDo0smITDz1RaUjjs 6floxL+wjq6NZwaxklNRetnLm7ECAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFD5kjmqGI8XF3fABUm0P3A/yAPYTMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by82MjFmM2ZhZS1kMGNiLTRhMTctYTU0OC0xYmE2NjMxYjFlMDkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYyMWYzZmFl LWQwY2ItNGExNy1hNTQ4LTFiYTY2MzFiMWUwOS8wLzNFNjQ4RTZBODYyM0M1QzVE REYwMDE1MjZEMEZEQzBGRjIwMEY2MTMubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnv40wDQYJKoZIhvcNAQELBQADggEBAGb2tDYJRyh/0tRBENRzAdxJpl9Bw73Z muWk0KNgfZyKqar35gOU0nGEWm7kdJYPDxv+E2ZXs7oqU3HcZ+XfvoIrOwij2X5H uMJ2je+lkqxkOcR/BXA5/RK9hie2riLB4Wnc6Iza/mSFbLoxX4H/NBzPzh+6krPm OhAh2f9ZU+B7hvF7eyuEz3Hktl8S1xZaC9YfRyoQAsVwQa3Ojo0K3+/JT9Q8cJ1Y pFKXGEb7ZbpPZErnwe6ZLVnARLEhk0GBa9IG/CajUlIwvrUXPqYk3daylIkyzf/n 4bf0uf2+92MO/XieaR/bqSl7AClnonPZt63zBFSzweIv3YVH6vQMglE= -----END CERTIFICATE-----Generated at Tue Jun 3 23:10:23 2025 by rpki-client