$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F.cer File: 9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F.cer (raw, json) Hash identifier: QTfLViRVkKbcJ0/bCocOYaD8rhXw9o0jUx9Y14Z0AU8= Subject key identifier: 9A:F7:BD:04:7F:3C:54:F9:CE:58:26:DC:91:96:C2:A3:2E:4A:7C:5F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3C46B9837004FC78E431B5AD0F705C43EF9C7F28 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/357fb17e-9d58-4d51-846e-0a84c8699142/0/9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F.mft caRepository: rsync://repo-rpki.idnic.net/repo/357fb17e-9d58-4d51-846e-0a84c8699142/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 28 Aug 2025 03:50:41 +0000 Certificate not after: Thu 27 Aug 2026 03:55:41 +0000 Subordinate resources: IP: 103.255.98.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 08 Sep 2025 09:48:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:46:b9:83:70:04:fc:78:e4:31:b5:ad:0f:70:5c:43:ef:9c:7f:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 28 03:50:41 2025 GMT Not After : Aug 27 03:55:41 2026 GMT Subject: CN=9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:cb:43:49:e4:64:76:0e:1f:f2:14:6e:60:83: 87:9d:27:c0:aa:f2:02:44:e3:2b:49:f0:75:13:cf: 38:8a:c6:33:09:b3:6b:c2:ee:94:da:37:f2:8a:71: 89:cf:e1:d5:07:57:72:f4:41:0d:f6:b2:03:20:29: 35:53:17:6d:57:8f:f8:e2:2e:ce:21:71:c1:1e:d4: 5a:93:68:7a:e8:9e:5e:62:10:1f:d7:e5:b4:ab:75: 1f:72:f0:39:d8:e8:ed:c0:d8:0c:ec:fa:6d:99:43: 7b:44:e2:ef:00:42:95:0e:6b:e6:20:b7:2d:2e:10: ac:e2:8d:8b:d9:f4:aa:b6:ba:7c:1a:de:f1:1c:52: e1:aa:ce:fe:99:c1:e9:64:17:bc:a2:72:1c:70:3e: f2:37:ea:d8:de:5f:fe:29:15:c2:fd:03:3e:9e:23: 58:67:f6:4d:c3:1d:30:f3:e3:6d:cf:37:17:76:93: 26:00:80:7c:e6:71:97:83:a9:87:68:39:bd:e0:85: 66:d7:d4:80:b9:c7:eb:e6:5c:80:56:50:43:c8:ca: 2d:c6:da:95:71:3c:54:af:79:6b:67:3d:fd:c5:04: 17:08:c3:30:25:4b:4e:73:93:f0:c8:4b:c3:fd:e7: 49:10:a4:2f:95:5c:51:b1:76:5d:0b:c8:ca:e2:4b: c1:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 9A:F7:BD:04:7F:3C:54:F9:CE:58:26:DC:91:96:C2:A3:2E:4A:7C:5F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/357fb17e-9d58-4d51-846e-0a84c8699142/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/357fb17e-9d58-4d51-846e-0a84c8699142/0/9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.255.98.0/23 Signature Algorithm: sha256WithRSAEncryption 38:61:e5:b9:0a:3e:7e:e0:b8:0e:d5:22:f2:7f:48:78:fc:e5: 09:92:7b:2e:64:c4:58:01:54:f8:de:fe:c1:b0:5a:6e:d8:45: 55:80:7e:f3:e3:2a:5d:ef:ab:78:6c:c6:0a:2c:94:16:1a:c2: 19:fb:be:85:dd:d3:69:7b:8e:6d:01:aa:00:5d:1d:b4:8f:3f: 3c:72:2d:c7:d5:aa:42:32:cc:ce:70:b2:5e:d6:1f:f2:93:df: cd:cd:5e:30:d3:bc:76:96:62:96:a6:3c:02:d7:9c:53:22:04: 33:40:bd:cc:f2:e0:6b:43:0d:22:cb:cf:ed:75:a3:23:63:5d: 73:e7:4a:68:18:26:b5:87:85:72:51:11:b8:cf:85:69:10:ce: ff:bf:d1:ed:44:75:6e:c4:35:65:ce:de:3b:f2:fb:a6:d0:93: 7e:91:7d:9a:15:c9:ed:d6:d0:eb:4c:54:48:2e:d5:8d:3d:84: 9b:3c:8e:8f:08:22:47:57:c5:d0:69:6f:d0:c9:8b:7e:96:35: fd:46:bf:23:b9:5c:f3:ee:dc:70:33:87:c9:17:3d:ab:4f:8f: 98:93:fb:a6:50:27:85:4a:66:d0:49:80:0c:da:6b:b2:9a:cb: a0:70:cf:23:7c:9b:ca:80:79:10:b6:1e:b7:99:b8:34:7d:63: 8d:e0:d4:02 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUPEa5g3AE/HjkMbWtD3BcQ++cfygwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDgyODAzNTA0MVoX DTI2MDgyNzAzNTU0MVowMzExMC8GA1UEAxMoOUFGN0JEMDQ3RjNDNTRGOUNFNTgy NkRDOTE5NkMyQTMyRTRBN0M1RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMHLQ0nkZHYOH/IUbmCDh50nwKryAkTjK0nwdRPPOIrGMwmza8LulNo38opx ic/h1QdXcvRBDfayAyApNVMXbVeP+OIuziFxwR7UWpNoeuieXmIQH9fltKt1H3Lw Odjo7cDYDOz6bZlDe0Ti7wBClQ5r5iC3LS4QrOKNi9n0qra6fBre8RxS4arO/pnB 6WQXvKJyHHA+8jfq2N5f/ikVwv0DPp4jWGf2TcMdMPPjbc83F3aTJgCAfOZxl4Op h2g5veCFZtfUgLnH6+ZcgFZQQ8jKLcbalXE8VK95a2c9/cUEFwjDMCVLTnOT8MhL w/3nSRCkL5VcUbF2XQvIyuJLwZUCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJr3vQR/PFT5zlgm3JGWwqMuSnxfMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zNTdmYjE3ZS05ZDU4LTRkNTEtODQ2ZS0wYTg0Yzg2OTkxNDIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzM1N2ZiMTdl LTlkNTgtNGQ1MS04NDZlLTBhODRjODY5OTE0Mi8wLzlBRjdCRDA0N0YzQzU0RjlD RTU4MjZEQzkxOTZDMkEzMkU0QTdDNUYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFn/2IwDQYJKoZIhvcNAQELBQADggEBADhh5bkKPn7guA7VIvJ/SHj85QmSey5k xFgBVPje/sGwWm7YRVWAfvPjKl3vq3hsxgoslBYawhn7voXd02l7jm0BqgBdHbSP PzxyLcfVqkIyzM5wsl7WH/KT383NXjDTvHaWYpamPALXnFMiBDNAvczy4GtDDSLL z+11oyNjXXPnSmgYJrWHhXJREbjPhWkQzv+/0e1EdW7ENWXO3jvy+6bQk36RfZoV ye3W0OtMVEgu1Y09hJs8jo8IIkdXxdBpb9DJi36WNf1GvyO5XPPu3HAzh8kXPatP j5iT+6ZQJ4VKZtBJgAzaa7Kay6BwzyN8m8qAeRC2HreZuDR9Y43g1AI= -----END CERTIFICATE-----Generated at Fri Sep 5 08:16:11 2025 by rpki-client