$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/8FC4899CA3D612A45C1C1DC02A21F63372DAEDD6.cer File: 8FC4899CA3D612A45C1C1DC02A21F63372DAEDD6.cer (raw, json) Hash identifier: PWrssnPDnZ2iRMQ4no3BBu7ne/b7AOy2paRK6gCme8c= Subject key identifier: 8F:C4:89:9C:A3:D6:12:A4:5C:1C:1D:C0:2A:21:F6:33:72:DA:ED:D6 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6529795C6748A65FE65446698DE0B03B7843CCBB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/e5413ff4-202b-4999-b45d-73c972f10116/0/8FC4899CA3D612A45C1C1DC02A21F63372DAEDD6.mft caRepository: rsync://repo-rpki.idnic.net/repo/e5413ff4-202b-4999-b45d-73c972f10116/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 01 Feb 2025 23:02:57 +0000 Certificate not after: Sat 31 Jan 2026 23:07:57 +0000 Subordinate resources: IP: 103.138.116.0/23 IP: 2404:cac0::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:29:79:5c:67:48:a6:5f:e6:54:46:69:8d:e0:b0:3b:78:43:cc:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 1 23:02:57 2025 GMT Not After : Jan 31 23:07:57 2026 GMT Subject: CN=8FC4899CA3D612A45C1C1DC02A21F63372DAEDD6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:c9:12:fb:1a:af:9b:12:89:d1:58:d9:33:7c: 5c:a7:95:45:ce:24:81:4a:68:ae:2c:86:7b:05:02: e6:d5:fd:eb:7e:38:cf:b9:ea:23:40:84:89:55:e0: 35:a9:ec:4e:d3:30:b9:f6:4f:92:41:f3:37:8c:5b: 53:7f:a9:27:cc:8c:19:6d:c4:2a:f1:cf:9f:0d:39: 82:b5:98:97:00:bc:e3:68:7b:1d:ec:37:60:7a:3b: c7:96:8c:3c:bc:ac:0d:29:ad:d8:a2:7d:1d:2a:25: ae:8b:16:89:f9:6b:c2:f1:bd:58:7b:fa:00:61:65: 58:6b:d3:fb:66:70:a4:b8:51:fc:87:81:9f:f7:63: 5d:f6:9c:e9:96:cf:8c:ad:9a:bb:56:bf:ef:35:fb: 65:4a:3a:51:7a:a1:ea:be:ed:f4:66:2d:d9:c7:29: ce:2f:e3:02:9d:d9:57:46:ca:df:44:2d:10:b2:43: 1b:9d:17:c3:0a:0c:b1:69:93:17:65:56:a5:14:a3: 91:be:f7:f3:a7:ae:bc:8e:d6:1f:bc:fb:54:a7:32: ea:0b:61:6d:be:92:1e:18:6b:63:31:14:04:41:11: b5:32:73:87:15:e7:b2:21:07:5b:98:c4:45:b6:8b: 19:4a:5a:d7:53:7a:9f:7c:ce:a8:db:c8:92:68:39: 2d:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 8F:C4:89:9C:A3:D6:12:A4:5C:1C:1D:C0:2A:21:F6:33:72:DA:ED:D6 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/e5413ff4-202b-4999-b45d-73c972f10116/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/e5413ff4-202b-4999-b45d-73c972f10116/0/8FC4899CA3D612A45C1C1DC02A21F63372DAEDD6.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.138.116.0/23 IPv6: 2404:cac0::/32 Signature Algorithm: sha256WithRSAEncryption 1b:56:2f:25:3e:db:d5:ad:b6:a1:da:9b:13:c6:f0:b5:d7:29: 28:08:1e:80:8a:61:82:fc:9a:22:95:9b:10:f9:1f:0e:0f:88: 2a:ac:78:31:fa:28:8b:c8:55:6b:92:c1:fc:0d:f4:71:6e:a2: 13:02:8f:a1:64:6b:15:86:9b:92:34:c6:b9:64:15:97:e7:2c: 73:39:16:97:e2:36:f0:76:6c:b5:c8:4f:83:76:cf:bb:49:c8: b0:2e:0c:70:5d:61:c6:99:e9:28:0e:42:e7:9f:2a:e8:ce:4e: e2:43:6b:11:d0:a8:6f:f8:4f:56:0e:1d:25:06:5b:6b:43:bf: 1b:b5:a3:a2:19:ca:a3:2f:8e:66:7a:4e:c2:d2:ea:11:3d:42: bc:77:d8:db:14:b9:b3:7a:e8:51:84:31:2a:19:df:33:46:fc: 50:5e:ee:4a:52:f6:c1:b9:0e:75:4c:01:87:30:13:ba:e0:1e: 15:63:78:b3:37:0f:60:7a:f4:63:e7:52:dd:43:7d:64:26:54: 93:70:02:ac:07:a5:79:8e:96:7f:71:3e:0c:a2:de:d4:f0:6a: 68:93:95:f5:95:15:37:48:2a:fb:c7:44:c6:5d:4e:b5:07:0c: 92:46:81:2d:17:4d:5c:45:6e:86:ab:c9:00:81:90:d4:2d:30: 77:15:4c:c2 -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgIUZSl5XGdIpl/mVEZpjeCwO3hDzLswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDIwMTIzMDI1N1oX DTI2MDEzMTIzMDc1N1owMzExMC8GA1UEAxMoOEZDNDg5OUNBM0Q2MTJBNDVDMUMx REMwMkEyMUY2MzM3MkRBRURENjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK7JEvsar5sSidFY2TN8XKeVRc4kgUporiyGewUC5tX96344z7nqI0CEiVXg NansTtMwufZPkkHzN4xbU3+pJ8yMGW3EKvHPnw05grWYlwC842h7Hew3YHo7x5aM PLysDSmt2KJ9HSolrosWiflrwvG9WHv6AGFlWGvT+2ZwpLhR/IeBn/djXfac6ZbP jK2au1a/7zX7ZUo6UXqh6r7t9GYt2ccpzi/jAp3ZV0bK30QtELJDG50XwwoMsWmT F2VWpRSjkb7386euvI7WH7z7VKcy6gthbb6SHhhrYzEUBEERtTJzhxXnsiEHW5jE RbaLGUpa11N6n3zOqNvIkmg5LeMCAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFI/EiZyj1hKkXBwdwCoh9jNy2u3WMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9lNTQxM2ZmNC0yMDJiLTQ5OTktYjQ1ZC03M2M5NzJmMTAxMTYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U1NDEzZmY0 LTIwMmItNDk5OS1iNDVkLTczYzk3MmYxMDExNi8wLzhGQzQ4OTlDQTNENjEyQTQ1 QzFDMURDMDJBMjFGNjMzNzJEQUVERDYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD BAFninQwDQQCAAIwBwMFACQEysAwDQYJKoZIhvcNAQELBQADggEBABtWLyU+29Wt tqHamxPG8LXXKSgIHoCKYYL8miKVmxD5Hw4PiCqseDH6KIvIVWuSwfwN9HFuohMC j6FkaxWGm5I0xrlkFZfnLHM5FpfiNvB2bLXIT4N2z7tJyLAuDHBdYcaZ6SgOQuef KujOTuJDaxHQqG/4T1YOHSUGW2tDvxu1o6IZyqMvjmZ6TsLS6hE9Qrx32NsUubN6 6FGEMSoZ3zNG/FBe7kpS9sG5DnVMAYcwE7rgHhVjeLM3D2B69GPnUt1DfWQmVJNw AqwHpXmOln9xPgyi3tTwamiTlfWVFTdIKvvHRMZdTrUHDJJGgS0XTVxFboaryQCB kNQtMHcVTMI= -----END CERTIFICATE-----Generated at Sat Apr 5 07:06:16 2025 by rpki-client