$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/4EE959798755CD4BA407AEB6EBDD3100261EAA55.cer File: 4EE959798755CD4BA407AEB6EBDD3100261EAA55.cer (raw, json) Hash identifier: A8/v4+kzFa8sdUS3dSd7b/47g2GoHqEBwDN3hhsda6E= Subject key identifier: 4E:E9:59:79:87:55:CD:4B:A4:07:AE:B6:EB:DD:31:00:26:1E:AA:55 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 46440306213395FA40AA56B691E8315A5F63D537 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/038d580b-452e-42d7-b041-901dc33d6857/0/4EE959798755CD4BA407AEB6EBDD3100261EAA55.mft caRepository: rsync://repo-rpki.idnic.net/repo/038d580b-452e-42d7-b041-901dc33d6857/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 31 May 2025 18:38:49 +0000 Certificate not after: Sat 30 May 2026 18:43:49 +0000 Subordinate resources: IP: 103.168.250.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:41:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:44:03:06:21:33:95:fa:40:aa:56:b6:91:e8:31:5a:5f:63:d5:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 31 18:38:49 2025 GMT Not After : May 30 18:43:49 2026 GMT Subject: CN=4EE959798755CD4BA407AEB6EBDD3100261EAA55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:fb:12:53:b1:c7:10:c7:2f:17:c8:aa:f5:58: b2:c9:a4:63:5f:12:f1:da:ad:55:11:8c:41:fb:9e: 73:e1:68:dc:c8:4c:a2:ec:a1:b4:30:b4:90:34:94: ed:4c:64:3e:e3:e3:d0:c1:bb:1f:59:b7:3c:5c:bd: 59:9d:21:e6:02:2f:81:44:6f:2c:21:5b:b8:23:3d: 27:e7:1b:53:20:8a:d2:5c:cf:79:9d:2c:c5:8f:96: dd:be:e5:c9:32:5a:7c:79:1f:fc:8e:59:c6:b0:d1: 52:3c:31:0b:66:e5:14:8a:63:aa:42:fa:b1:c5:8e: 23:ac:c7:c1:f5:b8:f6:e1:14:dd:4c:ab:10:9b:88: 06:95:4b:75:c2:48:b6:a4:be:c1:48:9a:d1:e9:c5: 16:c3:c3:23:98:86:3b:df:cf:b6:c5:b9:ac:45:1b: 0e:cb:ba:af:a4:9b:2b:ac:25:27:92:40:1e:c3:f2: 52:39:12:21:3b:99:97:d5:f3:5c:89:3a:53:7e:80: 33:1b:b8:12:37:07:ce:ea:01:81:70:36:be:54:bf: bf:9d:2b:80:d9:f5:95:d6:3a:30:3f:bf:ae:a0:be: 9b:a7:c6:51:67:c6:2c:df:b1:dc:c3:25:38:9f:52: 51:3e:47:ab:ec:ac:d6:80:df:62:ce:4c:78:0e:48: 5e:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 4E:E9:59:79:87:55:CD:4B:A4:07:AE:B6:EB:DD:31:00:26:1E:AA:55 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/038d580b-452e-42d7-b041-901dc33d6857/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/038d580b-452e-42d7-b041-901dc33d6857/0/4EE959798755CD4BA407AEB6EBDD3100261EAA55.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.168.250.0/23 Signature Algorithm: sha256WithRSAEncryption 7c:9f:f2:11:9d:fa:68:f1:25:9b:cf:8b:40:37:3c:73:b6:0c: 02:6b:86:bd:ff:1d:88:af:82:2b:7c:2a:bd:fa:55:13:2d:69: 40:41:0f:43:b2:c5:36:3b:1a:c5:69:96:02:c1:cf:b6:c1:0a: 3f:d0:a9:5c:c7:41:13:8d:a3:b8:2e:30:54:98:5b:86:1c:78: 96:50:60:83:c7:7a:c8:b2:96:98:a8:39:80:d2:b7:bb:d3:fe: 0f:4c:06:6a:32:4e:b1:60:91:4b:0c:42:ac:eb:55:39:bf:74: b8:e1:46:fc:57:3f:18:b5:5b:99:01:0f:99:8d:da:89:0e:77: c5:cc:27:df:a7:f7:63:2f:30:5f:09:6b:16:e3:d9:5c:80:05: 05:e5:7d:01:e6:ce:61:8b:30:16:8b:1b:65:a1:13:ed:57:13: b4:22:46:ac:f8:b1:b6:66:fa:80:b4:7f:af:34:3c:f0:26:6d: 3f:29:42:e6:fd:2d:4f:1a:e0:ef:c1:a6:b4:76:da:9b:5d:d6: c4:15:40:df:3b:28:f4:e8:90:a1:0e:15:23:7e:87:6a:c9:37: df:95:43:3a:26:f9:b6:f7:34:58:bc:39:bb:0c:f0:e1:9e:56: 16:f5:74:90:12:1b:a8:48:1d:59:a7:c9:48:17:81:d5:05:0f: 2e:3c:0b:03 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIURkQDBiEzlfpAqla2kegxWl9j1TcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUzMTE4Mzg0OVoX DTI2MDUzMDE4NDM0OVowMzExMC8GA1UEAxMoNEVFOTU5Nzk4NzU1Q0Q0QkE0MDdB RUI2RUJERDMxMDAyNjFFQUE1NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMv7ElOxxxDHLxfIqvVYssmkY18S8dqtVRGMQfuec+Fo3MhMouyhtDC0kDSU 7UxkPuPj0MG7H1m3PFy9WZ0h5gIvgURvLCFbuCM9J+cbUyCK0lzPeZ0sxY+W3b7l yTJafHkf/I5ZxrDRUjwxC2blFIpjqkL6scWOI6zHwfW49uEU3UyrEJuIBpVLdcJI tqS+wUia0enFFsPDI5iGO9/PtsW5rEUbDsu6r6SbK6wlJ5JAHsPyUjkSITuZl9Xz XIk6U36AMxu4EjcHzuoBgXA2vlS/v50rgNn1ldY6MD+/rqC+m6fGUWfGLN+x3MMl OJ9SUT5Hq+ys1oDfYs5MeA5IXtUCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFE7pWXmHVc1LpAeutuvdMQAmHqpVMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8wMzhkNTgwYi00NTJlLTQyZDctYjA0MS05MDFkYzMzZDY4NTcvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAzOGQ1ODBi LTQ1MmUtNDJkNy1iMDQxLTkwMWRjMzNkNjg1Ny8wLzRFRTk1OTc5ODc1NUNENEJB NDA3QUVCNkVCREQzMTAwMjYxRUFBNTUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnqPowDQYJKoZIhvcNAQELBQADggEBAHyf8hGd+mjxJZvPi0A3PHO2DAJrhr3/ HYivgit8Kr36VRMtaUBBD0OyxTY7GsVplgLBz7bBCj/QqVzHQRONo7guMFSYW4Yc eJZQYIPHesiylpioOYDSt7vT/g9MBmoyTrFgkUsMQqzrVTm/dLjhRvxXPxi1W5kB D5mN2okOd8XMJ9+n92MvMF8Jaxbj2VyABQXlfQHmzmGLMBaLG2WhE+1XE7QiRqz4 sbZm+oC0f680PPAmbT8pQub9LU8a4O/BprR22ptd1sQVQN87KPTokKEOFSN+h2rJ N9+VQzom+bb3NFi8ObsM8OGeVhb1dJASG6hIHVmnyUgXgdUFDy48CwM= -----END CERTIFICATE-----Generated at Tue Jun 3 23:38:31 2025 by rpki-client