$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer File: 645C9D445B2796662EE98A03E50C124F3E962CAB.cer (raw, json) Hash identifier: vv5fFjgNG1VUZPj3AlvupjEx3S9QiG9mWMiCdmBcHPY= Subject key identifier: 64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 09327B8544E12D1FF6D61D2E1580DDFD955E10E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft caRepository: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 05 Mar 2025 04:13:40 +0000 Certificate not after: Wed 04 Mar 2026 04:18:40 +0000 Subordinate resources: IP: 103.100.172.0/22 IP: 2401:be40::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:32:7b:85:44:e1:2d:1f:f6:d6:1d:2e:15:80:dd:fd:95:5e:10:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Mar 5 04:13:40 2025 GMT Not After : Mar 4 04:18:40 2026 GMT Subject: CN=645C9D445B2796662EE98A03E50C124F3E962CAB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a2:07:06:50:9f:a6:10:d3:95:a1:08:1f:c6: fc:91:9a:ea:e0:d5:a0:05:c1:22:26:d2:0b:7a:37: 8f:4f:86:9f:8d:92:79:ce:8e:d9:6c:c6:8d:1f:df: c5:57:83:88:e0:f3:7e:7c:78:63:7f:14:e6:63:63: 2f:3e:c0:38:a1:57:bd:0c:f0:2e:8b:09:66:dc:82: c0:76:c0:68:66:8e:63:84:34:74:84:0d:4d:7c:96: 86:73:38:b7:2e:ad:59:3f:74:79:6a:10:26:71:5e: 6d:36:fb:39:d1:38:19:ef:ba:1a:a4:d7:84:a2:a2: 84:60:db:c2:d4:b1:2f:84:c1:48:d5:bd:ea:9d:28: 7d:57:a9:0c:00:59:07:82:01:bf:ba:a9:aa:be:1d: 07:a2:61:5f:68:56:48:a9:8b:22:bb:e1:08:17:a4: d3:54:12:ee:db:04:00:a4:7f:df:85:2e:6f:de:69: 7a:74:e8:40:ca:d3:e1:81:5f:28:44:63:be:be:76: 33:cb:8f:54:59:f9:43:75:f2:f7:a3:f9:41:f7:80: a5:0f:47:e7:9c:f8:1a:55:cd:ca:9a:9b:8c:d1:de: 6e:0f:0e:10:57:09:d2:fb:7f:5a:6c:cf:49:fd:63: 4c:3a:e1:28:86:b0:51:d5:b8:e6:59:2a:6c:96:9e: 98:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.100.172.0/22 IPv6: 2401:be40::/32 Signature Algorithm: sha256WithRSAEncryption 09:58:a8:3b:2c:5a:3c:72:71:4b:67:a9:ef:88:f0:66:69:83: 3b:41:87:11:a4:12:c5:f9:7c:d9:7f:35:31:12:56:1d:6f:27: 83:6b:bb:cf:aa:7c:fd:8b:9f:a9:96:d3:d5:fe:ed:55:c4:b1: 11:87:22:49:0a:1e:9f:1b:11:a7:a0:84:97:a8:d5:98:af:27: 36:91:7d:90:a1:63:dc:88:b6:36:09:19:ab:b4:54:ba:60:c7: ac:64:e5:ab:ea:d4:19:01:a4:4e:b4:61:4f:cd:1e:8e:de:a7: c4:32:c7:04:d7:9a:90:b2:73:88:59:04:a0:aa:e9:b8:8e:8d: ae:1f:08:95:82:c5:3b:c0:24:5f:c9:32:08:ef:d0:36:a2:bd: e5:b5:43:2b:df:ba:54:9d:3f:3c:0a:a5:de:9d:1e:a1:4f:7a: 59:90:20:1f:6c:e6:3d:41:23:fc:14:37:04:99:30:61:f7:cc: 01:f8:35:71:5c:e6:82:bc:7d:59:90:25:89:9c:61:64:81:53: 3e:b9:74:0d:a9:ea:73:06:68:39:89:ff:ab:a1:1f:cf:b1:af: aa:c3:23:49:78:6f:8d:06:18:c1:7e:8b:7b:6e:58:66:88:2f: 2a:ed:f7:be:e8:67:17:07:44:35:16:76:c3:09:17:dd:a2:48: c6:0e:9c:6b -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgIUCTJ7hUThLR/21h0uFYDd/ZVeEOAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDMwNTA0MTM0MFoX DTI2MDMwNDA0MTg0MFowMzExMC8GA1UEAxMoNjQ1QzlENDQ1QjI3OTY2NjJFRTk4 QTAzRTUwQzEyNEYzRTk2MkNBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKqiBwZQn6YQ05WhCB/G/JGa6uDVoAXBIibSC3o3j0+Gn42Sec6O2WzGjR/f xVeDiODzfnx4Y38U5mNjLz7AOKFXvQzwLosJZtyCwHbAaGaOY4Q0dIQNTXyWhnM4 ty6tWT90eWoQJnFebTb7OdE4Ge+6GqTXhKKihGDbwtSxL4TBSNW96p0ofVepDABZ B4IBv7qpqr4dB6JhX2hWSKmLIrvhCBek01QS7tsEAKR/34Uub95penToQMrT4YFf KERjvr52M8uPVFn5Q3Xy96P5QfeApQ9H55z4GlXNypqbjNHebg8OEFcJ0vt/WmzP Sf1jTDrhKIawUdW45lkqbJaemCUCAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFGRcnURbJ5ZmLumKA+UMEk8+liyrMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8wNzMwNGI4My0zMGFhLTRiYmYtOWZkNy0yZmNlYWRiZjAwMzAvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA3MzA0Yjgz LTMwYWEtNGJiZi05ZmQ3LTJmY2VhZGJmMDAzMC8wLzY0NUM5RDQ0NUIyNzk2NjYy RUU5OEEwM0U1MEMxMjRGM0U5NjJDQUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD BAJnZKwwDQQCAAIwBwMFACQBvkAwDQYJKoZIhvcNAQELBQADggEBAAlYqDssWjxy cUtnqe+I8GZpgztBhxGkEsX5fNl/NTESVh1vJ4Nru8+qfP2Ln6mW09X+7VXEsRGH IkkKHp8bEaeghJeo1ZivJzaRfZChY9yItjYJGau0VLpgx6xk5avq1BkBpE60YU/N Ho7ep8QyxwTXmpCyc4hZBKCq6biOja4fCJWCxTvAJF/JMgjv0DaiveW1QyvfulSd PzwKpd6dHqFPelmQIB9s5j1BI/wUNwSZMGH3zAH4NXFc5oK8fVmQJYmcYWSBUz65 dA2p6nMGaDmJ/6uhH8+xr6rDI0l4b40GGMF+i3tuWGaILyrt977oZxcHRDUWdsMJ F92iSMYOnGs= -----END CERTIFICATE-----Generated at Sat Apr 5 07:10:36 2025 by rpki-client