$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/A075EFE65C596438427C6A22E60EB0A01ADEDA8A.cer File: A075EFE65C596438427C6A22E60EB0A01ADEDA8A.cer (raw, json) Hash identifier: Ijm8e1zj6wCpBILinhEqEtqFUhpEHdCEhmCQTVbE0iI= Subject key identifier: A0:75:EF:E6:5C:59:64:38:42:7C:6A:22:E6:0E:B0:A0:1A:DE:DA:8A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2F7D0383C49F2E5CD98AE90229EB28AA3D75B52A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/904d0397-ffa0-4903-805f-084527bc430c/0/A075EFE65C596438427C6A22E60EB0A01ADEDA8A.mft caRepository: rsync://repo-rpki.idnic.net/repo/904d0397-ffa0-4903-805f-084527bc430c/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 12 Feb 2025 19:43:21 +0000 Certificate not after: Wed 11 Feb 2026 19:48:21 +0000 Subordinate resources: IP: 103.22.204.0/22 IP: 2001:df0:a00::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:7d:03:83:c4:9f:2e:5c:d9:8a:e9:02:29:eb:28:aa:3d:75:b5:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 12 19:43:21 2025 GMT Not After : Feb 11 19:48:21 2026 GMT Subject: CN=A075EFE65C596438427C6A22E60EB0A01ADEDA8A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:b7:14:97:4d:a0:f9:5c:40:7b:f1:aa:58:5c: 0a:fa:20:f5:90:f8:29:5d:fc:39:bb:73:d8:18:f5: 0a:49:c8:97:cb:d2:50:f7:01:59:d1:88:0e:ce:b1: 8c:50:f2:21:d0:00:af:af:1c:74:5c:0f:8e:9d:23: c8:67:de:3f:bc:68:44:0d:6f:0a:e3:17:47:8c:55: 79:d6:b9:68:f7:2f:be:12:84:2c:1f:1d:b4:52:e3: f1:d5:5e:05:33:ad:df:7c:bd:29:d1:ff:ed:3f:85: b3:96:8d:6a:f1:67:b5:19:9c:dc:62:47:c4:c4:83: 0a:8e:16:5d:68:14:da:61:4e:c8:98:cb:a9:26:d4: 3b:9c:77:ba:30:ed:b6:67:db:c4:9f:b6:81:02:f4: b3:7e:a0:10:8a:26:df:4e:4d:2f:ff:8c:4e:f5:3d: 51:24:9d:b4:15:7a:fe:52:66:3c:69:72:3f:9a:b7: 65:bc:7e:e9:ef:e0:1c:f9:f3:95:b9:64:1a:2d:72: 0a:bd:92:6c:a3:4a:c7:64:75:60:b2:39:90:79:ee: de:aa:03:ca:a8:c1:2f:c5:f4:cc:56:5e:08:a6:b0: 7a:d2:9d:cc:d5:cc:45:f7:4b:50:fd:6e:2e:03:e3: 6e:6a:d5:bf:56:1a:b1:87:24:5b:ca:af:42:d6:49: b6:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: A0:75:EF:E6:5C:59:64:38:42:7C:6A:22:E6:0E:B0:A0:1A:DE:DA:8A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/904d0397-ffa0-4903-805f-084527bc430c/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/904d0397-ffa0-4903-805f-084527bc430c/0/A075EFE65C596438427C6A22E60EB0A01ADEDA8A.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.22.204.0/22 IPv6: 2001:df0:a00::/48 Signature Algorithm: sha256WithRSAEncryption 24:11:bb:dc:7b:5d:27:d6:13:29:d5:7d:00:8f:41:12:be:dc: 16:f4:18:08:05:2e:ce:28:6e:f4:be:39:7b:f5:a1:a6:f8:e8: 1e:d8:65:3f:2c:fa:5a:b1:d6:1b:3b:96:48:48:15:f5:8e:c7: ba:46:fd:ff:2e:1b:a6:d9:b9:ef:af:0a:8c:9d:c9:16:8f:14: 0f:72:ec:30:ed:9b:b0:bd:fb:2c:96:ca:5a:1d:56:76:ac:fb: 99:99:06:ae:97:13:78:00:4e:fc:7d:b5:55:01:9c:65:ba:b2: a0:f4:e1:9c:31:32:6a:43:f5:25:20:fe:71:a0:e5:d3:fe:5c: 59:db:02:70:64:57:af:67:3e:26:e5:8c:48:3f:e4:48:0c:74: 6e:bf:91:29:9a:b5:aa:3f:38:74:0e:4f:fe:46:36:33:bb:5b: 6c:bd:e3:c5:14:99:ae:b2:8c:aa:29:f7:e1:e0:fe:99:c4:9e: 89:91:2e:ba:d1:d8:88:a4:bb:86:4a:c4:ec:91:69:4c:16:c9: 66:63:c1:ad:a1:8c:18:f2:c6:c9:bb:69:2f:c4:ae:de:7f:8d: 74:bf:30:5d:09:85:21:a7:fa:2d:0c:07:d9:02:8f:a9:a2:3a: 40:4d:2f:6b:02:a5:a4:26:0a:dc:d7:01:95:29:b5:ec:5c:f0: d8:23:d9:b8 -----BEGIN CERTIFICATE----- MIIF1jCCBL6gAwIBAgIUL30Dg8SfLlzZiukCKesoqj11tSowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDIxMjE5NDMyMVoX DTI2MDIxMTE5NDgyMVowMzExMC8GA1UEAxMoQTA3NUVGRTY1QzU5NjQzODQyN0M2 QTIyRTYwRUIwQTAxQURFREE4QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL23FJdNoPlcQHvxqlhcCvog9ZD4KV38Obtz2Bj1CknIl8vSUPcBWdGIDs6x jFDyIdAAr68cdFwPjp0jyGfeP7xoRA1vCuMXR4xVeda5aPcvvhKELB8dtFLj8dVe BTOt33y9KdH/7T+Fs5aNavFntRmc3GJHxMSDCo4WXWgU2mFOyJjLqSbUO5x3ujDt tmfbxJ+2gQL0s36gEIom305NL/+MTvU9USSdtBV6/lJmPGlyP5q3Zbx+6e/gHPnz lblkGi1yCr2SbKNKx2R1YLI5kHnu3qoDyqjBL8X0zFZeCKawetKdzNXMRfdLUP1u LgPjbmrVv1YasYckW8qvQtZJto0CAwEAAaOCAskwggLFMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKB17+ZcWWQ4QnxqIuYOsKAa3tqKMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by85MDRkMDM5Ny1mZmEwLTQ5MDMtODA1Zi0wODQ1MjdiYzQzMGMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkwNGQwMzk3 LWZmYTAtNDkwMy04MDVmLTA4NDUyN2JjNDMwYy8wL0EwNzVFRkU2NUM1OTY0Mzg0 MjdDNkEyMkU2MEVCMEEwMUFERURBOEEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYD BAJnFswwDwQCAAIwCQMHACABDfAKADANBgkqhkiG9w0BAQsFAAOCAQEAJBG73Htd J9YTKdV9AI9BEr7cFvQYCAUuzihu9L45e/WhpvjoHthlPyz6WrHWGzuWSEgV9Y7H ukb9/y4bptm5768KjJ3JFo8UD3LsMO2bsL37LJbKWh1Wdqz7mZkGrpcTeABO/H21 VQGcZbqyoPThnDEyakP1JSD+caDl0/5cWdsCcGRXr2c+JuWMSD/kSAx0br+RKZq1 qj84dA5P/kY2M7tbbL3jxRSZrrKMqin34eD+mcSeiZEuutHYiKS7hkrE7JFpTBbJ ZmPBraGMGPLGybtpL8Su3n+NdL8wXQmFIaf6LQwH2QKPqaI6QE0vawKlpCYK3NcB lSm17Fzw2CPZuA== -----END CERTIFICATE-----Generated at Sat Apr 5 06:31:41 2025 by rpki-client