$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/8D5A49C9E42E371BFD1E67ACE1B3D55EC1ABF73F.cer File: 8D5A49C9E42E371BFD1E67ACE1B3D55EC1ABF73F.cer (raw, json) Hash identifier: 9vnHWjTIuq/dz0NWIDT3W/6joto4F7Rx1v5laKeyT40= Subject key identifier: 8D:5A:49:C9:E4:2E:37:1B:FD:1E:67:AC:E1:B3:D5:5E:C1:AB:F7:3F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0EF57DF2AA334D56F2508548A92E113D9A24249D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/62f5986b-c764-4cd7-b414-a25bd05c3f92/0/8D5A49C9E42E371BFD1E67ACE1B3D55EC1ABF73F.mft caRepository: rsync://repo-rpki.idnic.net/repo/62f5986b-c764-4cd7-b414-a25bd05c3f92/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 27 Aug 2025 18:47:55 +0000 Certificate not after: Wed 26 Aug 2026 18:52:55 +0000 Subordinate resources: IP: 103.216.105.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 17:31:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:f5:7d:f2:aa:33:4d:56:f2:50:85:48:a9:2e:11:3d:9a:24:24:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 27 18:47:55 2025 GMT Not After : Aug 26 18:52:55 2026 GMT Subject: CN=8D5A49C9E42E371BFD1E67ACE1B3D55EC1ABF73F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:a9:e9:71:74:54:08:cb:03:63:d7:d0:20:30: dd:28:dc:f0:65:29:ab:7c:cd:e1:9c:75:6b:6c:93: fa:82:c4:6f:c3:6e:dc:fe:63:f6:f8:6d:76:23:93: db:4d:44:2e:46:95:a6:d7:a9:aa:ee:73:29:fe:b2: 8b:03:ed:21:95:a4:83:7d:57:7d:e8:42:0a:f3:71: e3:62:88:97:80:d7:10:6b:bd:b7:75:e8:db:f3:4c: 9b:97:92:83:12:5a:2c:7a:99:b6:f8:32:fc:b6:c0: 1a:77:9d:77:c2:56:06:72:49:94:00:ab:e4:f8:dc: 26:4e:ef:ad:be:c7:1c:99:54:01:3f:ab:f0:c9:f7: 1a:c2:8e:db:4e:13:68:52:49:14:67:f9:b4:ca:d9: bc:04:e6:59:e6:68:79:cb:91:04:30:ba:11:37:eb: 60:ef:55:c0:f2:c2:83:3c:29:5d:20:5e:81:b3:b1: 47:01:eb:f2:98:6d:35:22:03:b8:fb:b1:e5:e6:37: 9d:da:9a:fd:23:f0:f8:6a:d1:2e:ef:49:22:39:b5: 81:8e:eb:e4:c6:12:a0:b4:99:d1:d7:aa:12:34:8d: 7f:01:0f:1a:7c:12:cd:ef:c4:12:12:71:3b:6b:40: 52:2f:ca:8d:72:65:50:d9:61:34:11:32:85:15:03: 03:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 8D:5A:49:C9:E4:2E:37:1B:FD:1E:67:AC:E1:B3:D5:5E:C1:AB:F7:3F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/62f5986b-c764-4cd7-b414-a25bd05c3f92/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/62f5986b-c764-4cd7-b414-a25bd05c3f92/0/8D5A49C9E42E371BFD1E67ACE1B3D55EC1ABF73F.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.216.105.0/24 Signature Algorithm: sha256WithRSAEncryption 4a:d6:02:81:92:88:f8:24:0e:e3:5d:ea:d6:52:9f:43:5f:5f: 45:d8:b8:8b:da:b7:dc:e0:6a:40:19:72:6e:c1:5f:19:e5:71: 28:40:ee:58:82:20:e3:65:dd:70:1f:aa:d0:cd:ef:1c:b8:a5: ae:13:86:51:4b:03:95:4d:4f:e8:bf:b4:ca:8e:a8:3a:19:bb: e2:24:9c:99:f6:41:f2:e8:53:80:6a:7f:11:6d:86:04:ee:ea: 2f:e8:7f:06:11:b7:a8:6b:a9:aa:90:eb:d8:7c:b9:ea:48:88: 00:3c:94:c2:ed:25:fa:7c:eb:ef:9c:fa:70:99:e6:f9:7b:0c: da:be:a3:99:11:9d:d5:fc:ab:9c:63:17:d1:e4:03:f2:99:13: 3a:0b:a7:52:0a:4e:68:01:ff:57:f5:4f:10:f4:72:20:14:3c: 5a:cd:8a:71:90:bf:f9:c4:a5:47:1e:5c:ef:30:5f:15:7c:58: 9f:ff:5d:68:52:86:08:fe:74:35:70:bb:df:27:a6:2c:ef:b2: 6d:5b:71:41:8d:d4:d0:9d:85:f8:ce:a9:ff:10:4e:98:e5:50: 86:bd:79:6d:e7:03:71:17:2d:29:72:5a:ca:57:6e:c4:4d:95: 53:5b:d4:82:d2:65:3b:17:82:06:fb:82:f8:8f:6d:67:23:ac: a4:4e:1a:89 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUDvV98qozTVbyUIVIqS4RPZokJJ0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDgyNzE4NDc1NVoX DTI2MDgyNjE4NTI1NVowMzExMC8GA1UEAxMoOEQ1QTQ5QzlFNDJFMzcxQkZEMUU2 N0FDRTFCM0Q1NUVDMUFCRjczRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ6p6XF0VAjLA2PX0CAw3Sjc8GUpq3zN4Zx1a2yT+oLEb8Nu3P5j9vhtdiOT 201ELkaVptepqu5zKf6yiwPtIZWkg31XfehCCvNx42KIl4DXEGu9t3Xo2/NMm5eS gxJaLHqZtvgy/LbAGnedd8JWBnJJlACr5PjcJk7vrb7HHJlUAT+r8Mn3GsKO204T aFJJFGf5tMrZvATmWeZoecuRBDC6ETfrYO9VwPLCgzwpXSBegbOxRwHr8phtNSID uPux5eY3ndqa/SPw+GrRLu9JIjm1gY7r5MYSoLSZ0deqEjSNfwEPGnwSze/EEhJx O2tAUi/KjXJlUNlhNBEyhRUDA5MCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFI1aScnkLjcb/R5nrOGz1V7Bq/c/MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by82MmY1OTg2Yi1jNzY0LTRjZDctYjQxNC1hMjViZDA1YzNmOTIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYyZjU5ODZi LWM3NjQtNGNkNy1iNDE0LWEyNWJkMDVjM2Y5Mi8wLzhENUE0OUM5RTQyRTM3MUJG RDFFNjdBQ0UxQjNENTVFQzFBQkY3M0YubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn2GkwDQYJKoZIhvcNAQELBQADggEBAErWAoGSiPgkDuNd6tZSn0NfX0XYuIva t9zgakAZcm7BXxnlcShA7liCIONl3XAfqtDN7xy4pa4ThlFLA5VNT+i/tMqOqDoZ u+IknJn2QfLoU4BqfxFthgTu6i/ofwYRt6hrqaqQ69h8uepIiAA8lMLtJfp86++c +nCZ5vl7DNq+o5kRndX8q5xjF9HkA/KZEzoLp1IKTmgB/1f1TxD0ciAUPFrNinGQ v/nEpUceXO8wXxV8WJ//XWhShgj+dDVwu98npizvsm1bcUGN1NCdhfjOqf8QTpjl UIa9eW3nA3EXLSlyWspXbsRNlVNb1ILSZTsXggb7gviPbWcjrKROGok= -----END CERTIFICATE-----Generated at Fri Sep 5 10:13:05 2025 by rpki-client