This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/878DF4B7E3C776B2EDC1752FCCBC5E289C453BEE.cer File: 878DF4B7E3C776B2EDC1752FCCBC5E289C453BEE.cer (raw, json) Hash identifier: CsbCMQZg+o8Ja/7lcvV6gSecqKZ3aUafdA+uDg2h5+A= Subject key identifier: 87:8D:F4:B7:E3:C7:76:B2:ED:C1:75:2F:CC:BC:5E:28:9C:45:3B:EE Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3591250C93C22826484986E551977E4C3E5159CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/5c897c4a-e0ff-4652-a591-ff2d48e72c91/0/878DF4B7E3C776B2EDC1752FCCBC5E289C453BEE.mft caRepository: rsync://repo-rpki.idnic.net/repo/5c897c4a-e0ff-4652-a591-ff2d48e72c91/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 25 Jul 2025 00:43:28 +0000 Certificate not after: Fri 24 Jul 2026 00:48:28 +0000 Subordinate resources: IP: 103.156.96.0/24 IP: 2406:8440::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:91:25:0c:93:c2:28:26:48:49:86:e5:51:97:7e:4c:3e:51:59:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 25 00:43:28 2025 GMT Not After : Jul 24 00:48:28 2026 GMT Subject: CN=878DF4B7E3C776B2EDC1752FCCBC5E289C453BEE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:24:39:3a:8a:af:1a:75:7e:f1:1b:a7:00:6c: 97:a5:fa:1b:f4:9d:eb:92:63:43:8d:d2:f4:4f:d9: 71:11:48:6a:a6:b2:10:9e:a5:51:86:7b:b6:c4:6e: 42:1e:d3:1f:a1:3e:14:48:77:2f:90:92:0a:dc:b8: 5c:d1:10:26:70:25:04:2b:35:e6:91:60:e4:3c:14: e8:b8:98:e5:a6:61:e0:55:aa:f5:76:86:ce:20:e5: 52:65:4b:68:05:be:9d:1e:fb:19:b1:dd:cd:0e:eb: bf:e5:c4:ea:dc:62:19:8c:9f:21:5c:81:1a:62:74: f4:0c:7f:1a:78:15:9d:0b:d3:76:29:af:55:b5:58: 5b:9b:3f:9d:ca:ff:90:74:4f:be:6e:c6:47:94:e9: 68:7f:e0:1c:68:2c:78:ff:14:b8:63:eb:0b:4a:8e: 52:7b:e9:22:34:9e:e9:57:61:69:6e:58:c6:37:c9: e3:e5:ae:de:8e:a6:92:0c:f8:b7:89:2c:d6:83:23: af:33:68:96:54:8c:12:56:52:ee:1f:fc:67:1e:76: ee:c2:3d:cd:f5:b2:d3:03:7d:c1:3f:12:1a:94:b3: 21:3b:4f:c9:b0:8c:04:5a:65:19:4c:a1:80:32:66: 76:22:7a:01:9e:7f:65:42:95:14:ef:53:0f:3f:ab: 0d:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 87:8D:F4:B7:E3:C7:76:B2:ED:C1:75:2F:CC:BC:5E:28:9C:45:3B:EE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/5c897c4a-e0ff-4652-a591-ff2d48e72c91/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/5c897c4a-e0ff-4652-a591-ff2d48e72c91/0/878DF4B7E3C776B2EDC1752FCCBC5E289C453BEE.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.156.96.0/24 IPv6: 2406:8440::/32 Signature Algorithm: sha256WithRSAEncryption 21:8b:86:81:97:83:4e:fe:ea:dd:f7:23:57:61:45:59:5f:29: 37:de:87:6e:9d:46:e0:74:84:89:2a:7e:a9:2b:d4:56:8e:34: a7:22:05:22:67:77:b3:7e:a9:97:22:61:1a:cd:72:c8:86:bd: f7:57:21:39:f5:48:42:51:23:86:6f:af:1f:45:5e:a1:44:89: 72:f0:76:fd:f2:b4:5f:c2:99:ee:7c:7e:f6:3b:ae:42:ea:e6: 67:04:37:4d:cc:88:0e:d7:d5:26:d8:2a:fe:4a:90:ac:44:ce: 35:2a:fb:3b:3b:2e:62:98:f5:64:33:40:7d:4f:f9:19:f1:18: 98:fc:f2:12:2d:a6:3f:6a:a0:77:72:44:cd:4e:b5:6b:58:7a: 9a:b5:8f:05:ce:ce:b5:d5:29:58:1e:c0:c8:83:a0:83:b7:9c: cd:10:31:e0:20:e3:88:32:cd:8f:a4:97:8f:5c:03:2c:14:32: e0:5a:7a:2e:3a:ee:c6:fa:28:a2:95:f6:5e:36:ce:2e:20:bc: c4:51:c3:29:e2:2d:2c:50:2e:78:c2:11:0c:90:b6:81:7a:a1: b0:56:34:9c:3b:1f:60:b9:6b:a6:00:4f:44:4a:f9:81:f1:9e: 1b:bc:73:44:8d:73:4c:c1:a6:e2:5f:57:fe:0f:6f:8b:04:63: 86:8c:75:ca -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgIUNZElDJPCKCZISYblUZd+TD5RWcowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcyNTAwNDMyOFoX DTI2MDcyNDAwNDgyOFowMzExMC8GA1UEAxMoODc4REY0QjdFM0M3NzZCMkVEQzE3 NTJGQ0NCQzVFMjg5QzQ1M0JFRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOckOTqKrxp1fvEbpwBsl6X6G/Sd65JjQ43S9E/ZcRFIaqayEJ6lUYZ7tsRu Qh7TH6E+FEh3L5CSCty4XNEQJnAlBCs15pFg5DwU6LiY5aZh4FWq9XaGziDlUmVL aAW+nR77GbHdzQ7rv+XE6txiGYyfIVyBGmJ09Ax/GngVnQvTdimvVbVYW5s/ncr/ kHRPvm7GR5TpaH/gHGgseP8UuGPrC0qOUnvpIjSe6VdhaW5YxjfJ4+Wu3o6mkgz4 t4ks1oMjrzNollSMElZS7h/8Zx527sI9zfWy0wN9wT8SGpSzITtPybCMBFplGUyh gDJmdiJ6AZ5/ZUKVFO9TDz+rDd8CAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFIeN9Lfjx3ay7cF1L8y8XiicRTvuMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by81Yzg5N2M0YS1lMGZmLTQ2NTItYTU5MS1mZjJkNDhlNzJjOTEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVjODk3YzRh LWUwZmYtNDY1Mi1hNTkxLWZmMmQ0OGU3MmM5MS8wLzg3OERGNEI3RTNDNzc2QjJF REMxNzUyRkNDQkM1RTI4OUM0NTNCRUUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD BABnnGAwDQQCAAIwBwMFACQGhEAwDQYJKoZIhvcNAQELBQADggEBACGLhoGXg07+ 6t33I1dhRVlfKTfeh26dRuB0hIkqfqkr1FaONKciBSJnd7N+qZciYRrNcsiGvfdX ITn1SEJRI4Zvrx9FXqFEiXLwdv3ytF/Cme58fvY7rkLq5mcEN03MiA7X1SbYKv5K kKxEzjUq+zs7LmKY9WQzQH1P+RnxGJj88hItpj9qoHdyRM1OtWtYepq1jwXOzrXV KVgewMiDoIO3nM0QMeAg44gyzY+kl49cAywUMuBaei467sb6KKKV9l42zi4gvMRR wyniLSxQLnjCEQyQtoF6obBWNJw7H2C5a6YAT0RK+YHxnhu8c0SNc0zBpuJfV/4P b4sEY4aMdco= -----END CERTIFICATE-----Generated at Wed Dec 3 13:58:52 2025 by rpki-client