This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3FD6EB17E67ACC4060F777F5A4E3F9A027AB3F9A.cer File: 3FD6EB17E67ACC4060F777F5A4E3F9A027AB3F9A.cer (raw, json) Hash identifier: Uq6mdZg2YqmwMzOWnkgZQoFTH5r9bNyDiUc69UpSaDU= Subject key identifier: 3F:D6:EB:17:E6:7A:CC:40:60:F7:77:F5:A4:E3:F9:A0:27:AB:3F:9A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 567172E77435192FA604CC3CE4FC3CAC11C628E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/29226948-b1a1-4294-9150-6af0e0bebfb8/0/3FD6EB17E67ACC4060F777F5A4E3F9A027AB3F9A.mft caRepository: rsync://repo-rpki.idnic.net/repo/29226948-b1a1-4294-9150-6af0e0bebfb8/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 02 Dec 2025 04:38:33 +0000 Certificate not after: Tue 01 Dec 2026 04:43:33 +0000 Subordinate resources: IP: 103.184.122.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:71:72:e7:74:35:19:2f:a6:04:cc:3c:e4:fc:3c:ac:11:c6:28:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 2 04:38:33 2025 GMT Not After : Dec 1 04:43:33 2026 GMT Subject: CN=3FD6EB17E67ACC4060F777F5A4E3F9A027AB3F9A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:a1:30:77:3b:af:71:d3:6f:cd:23:ac:25:51: 04:9d:ed:d9:2a:aa:84:57:e0:98:bb:3d:ab:b7:a9: 73:34:30:0b:30:60:e0:e6:5b:30:80:25:35:0a:15: ed:ee:e3:13:6b:41:cf:35:ac:63:34:40:b5:e4:cb: 38:f2:24:a8:71:64:05:69:60:c5:79:47:03:46:b6: d4:fb:03:43:86:de:b4:16:b5:0f:a3:bf:ef:d1:58: f4:a2:0c:69:d3:67:f2:d5:ba:c7:1d:91:97:4c:64: bb:e3:a3:82:d5:47:d9:5c:12:b4:fa:67:16:8b:d1: 06:cb:d2:90:8a:b2:b2:31:00:9a:9c:3b:54:3d:ca: 6b:91:c4:12:ed:53:2a:4e:c8:0a:0a:8c:a3:e8:47: ff:7d:55:9f:a9:b8:da:17:c5:d2:81:f6:47:e9:cd: d1:34:05:3e:6a:b6:ab:22:f1:f5:fc:52:c0:e6:7e: 4e:af:77:bc:42:53:e8:81:d0:51:a2:f5:da:8f:57: a3:b4:6c:3c:42:42:4d:7b:a4:ce:35:e5:07:b3:06: 40:92:4c:d9:80:6d:2b:63:bd:f8:05:09:e3:2e:6c: a2:83:5d:c9:63:12:cc:b4:ee:2b:98:7d:3a:b1:aa: 67:f6:3b:71:e2:58:9b:16:79:cd:1a:19:6e:56:5d: 28:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3F:D6:EB:17:E6:7A:CC:40:60:F7:77:F5:A4:E3:F9:A0:27:AB:3F:9A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/29226948-b1a1-4294-9150-6af0e0bebfb8/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/29226948-b1a1-4294-9150-6af0e0bebfb8/0/3FD6EB17E67ACC4060F777F5A4E3F9A027AB3F9A.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.184.122.0/23 Signature Algorithm: sha256WithRSAEncryption 0a:0b:78:0d:3d:56:2f:7b:bb:52:d9:8f:90:a0:f3:52:ed:48: db:8e:f5:00:02:3a:a7:7f:68:8b:c9:7d:a7:b6:77:11:88:84: ea:76:a3:c7:e0:04:05:d2:14:46:e5:05:45:b5:e9:90:45:80: a6:37:69:bb:15:70:c6:12:f1:95:11:6a:39:20:31:7b:42:b2: 73:57:a7:5f:3b:84:3f:3a:6e:f9:f3:9a:5f:66:5c:ee:2e:03: aa:e4:96:65:c1:9d:ef:d4:d0:0a:76:88:96:81:84:f5:69:3d: f8:a5:47:cb:aa:aa:07:05:f8:6e:36:eb:0a:5a:e6:e7:02:2b: f1:5b:ae:1b:8b:73:52:b9:c1:c3:e5:27:ad:37:b3:91:2a:15: c1:d1:91:50:b1:e9:95:e9:28:ec:cf:7d:79:95:52:04:04:c4: 18:b5:72:ce:58:09:f8:84:d2:0c:6b:76:39:b9:44:14:73:38: 05:31:e2:64:5a:36:2d:24:a3:74:21:69:90:68:02:aa:c8:4a: 46:f4:98:de:76:a0:61:73:f2:7f:1c:f3:02:67:8e:70:57:5e: 8e:5d:10:56:3b:0e:1b:cb:e9:50:f0:52:e7:cc:72:69:04:46: 9c:53:3c:e6:08:35:8f:d1:a4:47:cd:e4:03:56:a3:88:94:fa: bf:54:74:63 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUVnFy53Q1GS+mBMw85Pw8rBHGKOgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTIwMjA0MzgzM1oX DTI2MTIwMTA0NDMzM1owMzExMC8GA1UEAxMoM0ZENkVCMTdFNjdBQ0M0MDYwRjc3 N0Y1QTRFM0Y5QTAyN0FCM0Y5QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN+hMHc7r3HTb80jrCVRBJ3t2SqqhFfgmLs9q7epczQwCzBg4OZbMIAlNQoV 7e7jE2tBzzWsYzRAteTLOPIkqHFkBWlgxXlHA0a21PsDQ4betBa1D6O/79FY9KIM adNn8tW6xx2Rl0xku+OjgtVH2VwStPpnFovRBsvSkIqysjEAmpw7VD3Ka5HEEu1T Kk7ICgqMo+hH/31Vn6m42hfF0oH2R+nN0TQFPmq2qyLx9fxSwOZ+Tq93vEJT6IHQ UaL12o9Xo7RsPEJCTXukzjXlB7MGQJJM2YBtK2O9+AUJ4y5sooNdyWMSzLTuK5h9 OrGqZ/Y7ceJYmxZ5zRoZblZdKOsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFD/W6xfmesxAYPd39aTj+aAnqz+aMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8yOTIyNjk0OC1iMWExLTQyOTQtOTE1MC02YWYwZTBiZWJmYjgvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI5MjI2OTQ4 LWIxYTEtNDI5NC05MTUwLTZhZjBlMGJlYmZiOC8wLzNGRDZFQjE3RTY3QUNDNDA2 MEY3NzdGNUE0RTNGOUEwMjdBQjNGOUEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnuHowDQYJKoZIhvcNAQELBQADggEBAAoLeA09Vi97u1LZj5Cg81LtSNuO9QAC Oqd/aIvJfae2dxGIhOp2o8fgBAXSFEblBUW16ZBFgKY3absVcMYS8ZURajkgMXtC snNXp187hD86bvnzml9mXO4uA6rklmXBne/U0Ap2iJaBhPVpPfilR8uqqgcF+G42 6wpa5ucCK/FbrhuLc1K5wcPlJ603s5EqFcHRkVCx6ZXpKOzPfXmVUgQExBi1cs5Y CfiE0gxrdjm5RBRzOAUx4mRaNi0ko3QhaZBoAqrISkb0mN52oGFz8n8c8wJnjnBX Xo5dEFY7DhvL6VDwUufMcmkERpxTPOYINY/RpEfN5ANWo4iU+r9UdGM= -----END CERTIFICATE-----Generated at Wed Dec 3 13:56:59 2025 by rpki-client