$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/575C39865D3AE23DCCC322AD08D1424FD40FB8C2.cer File: 575C39865D3AE23DCCC322AD08D1424FD40FB8C2.cer (raw, json) Hash identifier: 5acCclluAsfPxZaJov8ZAJUU0SS3ZwnhaXKexHJkmrs= Subject key identifier: 57:5C:39:86:5D:3A:E2:3D:CC:C3:22:AD:08:D1:42:4F:D4:0F:B8:C2 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0832913577033F132D624009C66DB517CB25B8ED Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/811d9abc-4987-4dbc-976d-3f32b291715d/0/575C39865D3AE23DCCC322AD08D1424FD40FB8C2.mft caRepository: rsync://repo-rpki.idnic.net/repo/811d9abc-4987-4dbc-976d-3f32b291715d/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 04 Sep 2025 14:15:00 +0000 Certificate not after: Thu 03 Sep 2026 14:20:00 +0000 Subordinate resources: IP: 103.250.129.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 17:31:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:32:91:35:77:03:3f:13:2d:62:40:09:c6:6d:b5:17:cb:25:b8:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 4 14:15:00 2025 GMT Not After : Sep 3 14:20:00 2026 GMT Subject: CN=575C39865D3AE23DCCC322AD08D1424FD40FB8C2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:97:76:c5:82:14:dc:5a:1b:af:d1:2c:2d:eb: 4f:06:c2:a0:d9:9c:ee:75:3c:c4:2f:9f:84:d0:3a: ee:03:36:a7:17:b0:69:43:52:57:60:04:04:e4:1c: 54:e5:c3:2f:b7:ef:ca:91:d5:4a:c7:bc:3e:3f:12: d4:89:0a:24:51:52:6e:34:ee:ca:2f:65:3c:7d:b2: 1c:aa:07:f1:44:9c:c7:68:2d:5b:c8:cb:8f:14:55: 88:9c:a0:92:88:23:f1:db:2d:2d:4f:62:20:ed:c1: 1e:d8:b9:5b:a8:0a:aa:85:ea:49:8d:84:e1:ab:95: 6e:c0:5a:fb:65:a0:57:da:63:64:8a:3f:b1:44:35: 70:b7:f0:87:74:ff:19:e0:94:b6:ca:e0:01:15:90: fd:81:5b:39:69:29:13:8e:a1:bb:dc:bd:20:6c:af: 74:1f:11:c1:34:de:7d:d6:c2:58:52:f6:60:19:47: 1f:bb:f7:5a:5c:b1:93:89:12:46:ad:53:f5:7e:92: 92:e2:d9:10:77:60:fb:eb:7e:1a:c9:8a:06:59:3d: 70:36:3e:f5:73:cb:a4:83:0e:27:2c:23:b8:b7:b8: 73:87:91:73:ca:75:30:d7:78:df:1c:eb:7a:2f:33: f9:55:56:77:6b:38:93:fb:72:0a:f0:3c:b2:68:75: 51:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 57:5C:39:86:5D:3A:E2:3D:CC:C3:22:AD:08:D1:42:4F:D4:0F:B8:C2 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/811d9abc-4987-4dbc-976d-3f32b291715d/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/811d9abc-4987-4dbc-976d-3f32b291715d/0/575C39865D3AE23DCCC322AD08D1424FD40FB8C2.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.250.129.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:33:e8:d8:c0:25:7e:a1:8c:b0:43:62:90:65:a2:67:ca:26: 25:9f:07:8b:9b:ca:af:eb:f5:a6:65:4c:88:c4:9d:57:f1:36: 97:9a:e5:8b:e4:ab:ba:6d:9f:a0:01:d6:72:f9:17:ab:c9:0e: 5d:dd:9d:19:61:56:1f:73:cc:fc:d4:2b:ad:de:a0:cf:25:5f: f0:24:e2:d6:0e:bb:21:27:98:2d:2d:78:a5:e2:c9:a1:68:6b: a1:1d:2b:02:ea:1d:f0:ca:29:12:49:a9:0b:f9:8f:7f:d8:f3: fe:3d:bd:c9:26:89:06:48:27:44:a5:5d:65:55:89:7e:7a:37: 22:0b:89:36:d9:bc:f7:be:4f:3f:47:c0:7a:e5:7d:96:6d:4c: d6:6e:98:77:d3:e0:2e:69:09:5a:4f:7a:b6:a3:7c:48:73:b4: fe:c3:5f:aa:fa:d6:c5:37:01:50:b6:8b:f1:4e:7d:ed:5e:54: 10:b6:c2:c1:99:c2:37:7a:b5:db:ef:92:93:63:95:bb:05:5c: 66:42:cc:88:88:fb:ac:46:22:66:d5:ce:11:76:58:ad:b6:f4: 70:93:6a:78:77:29:18:9d:d2:41:ef:e0:7d:6f:58:e3:4b:07: 00:d2:3e:86:10:2b:e3:82:c5:17:e9:9c:4b:bf:25:d7:09:6c: f9:03:67:87 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUCDKRNXcDPxMtYkAJxm21F8sluO0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkwNDE0MTUwMFoX DTI2MDkwMzE0MjAwMFowMzExMC8GA1UEAxMoNTc1QzM5ODY1RDNBRTIzRENDQzMy MkFEMDhEMTQyNEZENDBGQjhDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMKXdsWCFNxaG6/RLC3rTwbCoNmc7nU8xC+fhNA67gM2pxewaUNSV2AEBOQc VOXDL7fvypHVSse8Pj8S1IkKJFFSbjTuyi9lPH2yHKoH8UScx2gtW8jLjxRViJyg kogj8dstLU9iIO3BHti5W6gKqoXqSY2E4auVbsBa+2WgV9pjZIo/sUQ1cLfwh3T/ GeCUtsrgARWQ/YFbOWkpE46hu9y9IGyvdB8RwTTefdbCWFL2YBlHH7v3Wlyxk4kS Rq1T9X6SkuLZEHdg++t+GsmKBlk9cDY+9XPLpIMOJywjuLe4c4eRc8p1MNd43xzr ei8z+VVWd2s4k/tyCvA8smh1UQsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFdcOYZdOuI9zMMirQjRQk/UD7jCMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by84MTFkOWFiYy00OTg3LTRkYmMtOTc2ZC0zZjMyYjI5MTcxNWQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzgxMWQ5YWJj LTQ5ODctNGRiYy05NzZkLTNmMzJiMjkxNzE1ZC8wLzU3NUMzOTg2NUQzQUUyM0RD Q0MzMjJBRDA4RDE0MjRGRDQwRkI4QzIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn+oEwDQYJKoZIhvcNAQELBQADggEBAC4z6NjAJX6hjLBDYpBlomfKJiWfB4ub yq/r9aZlTIjEnVfxNpea5Yvkq7ptn6AB1nL5F6vJDl3dnRlhVh9zzPzUK63eoM8l X/Ak4tYOuyEnmC0teKXiyaFoa6EdKwLqHfDKKRJJqQv5j3/Y8/49vckmiQZIJ0Sl XWVViX56NyILiTbZvPe+Tz9HwHrlfZZtTNZumHfT4C5pCVpPerajfEhztP7DX6r6 1sU3AVC2i/FOfe1eVBC2wsGZwjd6tdvvkpNjlbsFXGZCzIiI+6xGImbVzhF2WK22 9HCTanh3KRid0kHv4H1vWONLBwDSPoYQK+OCxRfpnEu/JdcJbPkDZ4c= -----END CERTIFICATE-----Generated at Fri Sep 5 10:10:26 2025 by rpki-client