$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/A4AC49C4F55BF5D4AF3D42104A8A5EC1F2123E6F.cer File: A4AC49C4F55BF5D4AF3D42104A8A5EC1F2123E6F.cer (raw, json) Hash identifier: Bq+qpGA+bnRlYMJSB21LP4EpxjbpDbnWEwCewlju6nM= Subject key identifier: A4:AC:49:C4:F5:5B:F5:D4:AF:3D:42:10:4A:8A:5E:C1:F2:12:3E:6F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 29F311D899FF9687B97CDC7FC8F301DCBFBD99E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/57280400-9654-4d45-888b-9067bada190b/0/A4AC49C4F55BF5D4AF3D42104A8A5EC1F2123E6F.mft caRepository: rsync://repo-rpki.idnic.net/repo/57280400-9654-4d45-888b-9067bada190b/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 28 Jan 2025 14:46:04 +0000 Certificate not after: Tue 27 Jan 2026 14:51:04 +0000 Subordinate resources: IP: 103.81.64.0/22 IP: 2400:64c0::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:f3:11:d8:99:ff:96:87:b9:7c:dc:7f:c8:f3:01:dc:bf:bd:99:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Jan 28 14:46:04 2025 GMT Not After : Jan 27 14:51:04 2026 GMT Subject: CN=A4AC49C4F55BF5D4AF3D42104A8A5EC1F2123E6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:d1:3c:a2:82:90:09:0e:29:df:67:1e:65:d2: f3:e1:7d:ee:6d:54:a0:d3:6f:fe:80:a3:b8:79:96: ef:f2:02:2f:4c:60:21:f8:ec:4a:74:73:98:03:42: 54:10:3e:60:a7:32:6d:29:12:4a:d4:93:a4:63:d5: b6:5d:aa:a1:fc:38:a6:e5:15:c4:2e:3c:5d:c8:31: 36:ff:90:81:d4:09:bc:e3:b1:3e:12:a9:26:ab:72: 02:2a:de:34:49:2c:91:a9:b4:93:8b:6f:9b:71:7f: f1:d3:ba:7f:16:9f:c7:f3:65:83:71:71:f2:eb:0c: 3d:51:c7:ae:f2:ef:fd:c4:c8:a2:1a:fe:88:5b:7f: e0:d7:cc:a6:27:1e:ff:48:9d:c9:0b:37:83:d5:dc: d4:ca:1e:1a:ad:db:e5:8a:dc:47:e3:01:d6:d7:bc: f4:f3:8f:7c:cb:00:b4:76:15:9d:08:c5:3a:37:f7: 8e:87:97:33:57:d8:b0:bb:0c:b7:da:a0:99:7e:8a: 1c:ae:10:27:73:cd:10:5e:24:a6:51:af:ec:07:89: 92:34:0f:ec:7e:d7:b2:32:ed:49:6d:4c:56:fa:d1: a0:9b:e3:b7:1d:35:1f:22:d7:c6:12:e4:11:c1:33: 68:89:68:57:bd:d8:99:65:6b:76:72:6a:f5:48:02: 57:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: A4:AC:49:C4:F5:5B:F5:D4:AF:3D:42:10:4A:8A:5E:C1:F2:12:3E:6F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/57280400-9654-4d45-888b-9067bada190b/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/57280400-9654-4d45-888b-9067bada190b/0/A4AC49C4F55BF5D4AF3D42104A8A5EC1F2123E6F.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.81.64.0/22 IPv6: 2400:64c0::/32 Signature Algorithm: sha256WithRSAEncryption 9a:49:a2:cb:72:93:b9:ef:e8:fa:f4:99:8c:b5:41:4a:bd:0e: e7:e6:d3:ea:92:79:e1:aa:bb:ad:81:79:ad:26:90:49:b9:a2: 6d:d5:f5:3b:a8:14:69:a7:b0:58:bc:c3:ff:69:09:4c:34:d3: b5:9d:3a:f1:0a:ce:7e:5d:19:8c:69:ac:19:10:c5:78:98:1f: d5:46:9d:12:f4:d8:d8:d5:22:a6:a5:24:59:0a:f7:da:63:53: dd:82:34:ee:49:07:81:33:32:c7:d7:2b:a2:14:a1:f6:0c:f0: dd:8b:c4:40:b0:88:e4:bb:5e:c8:cd:96:85:78:79:d7:48:14: 52:ae:5f:85:16:66:dd:1d:c7:3f:7b:e2:d4:f8:dc:d7:1e:1c: 96:d9:f5:66:1f:47:c3:2d:3d:71:72:6e:16:d7:ee:9f:c7:40: 44:37:d5:9d:4f:13:e8:97:ea:42:8f:4c:c8:ba:21:1a:ef:77: ac:d9:75:68:4f:d8:41:5c:d2:d5:a1:6f:b3:17:5b:53:92:f5: 84:6e:da:74:c8:96:1f:3b:cc:2d:b0:8c:85:77:bb:b0:4c:62: 64:a7:94:b8:16:c2:3a:9d:48:03:0c:e4:eb:2b:19:78:9e:4c: 09:0c:46:dc:da:58:11:6d:7c:fd:c8:e6:3e:f2:3f:6a:05:d2: fe:7f:0a:57 -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgIUKfMR2Jn/loe5fNx/yPMB3L+9megwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDEyODE0NDYwNFoX DTI2MDEyNzE0NTEwNFowMzExMC8GA1UEAxMoQTRBQzQ5QzRGNTVCRjVENEFGM0Q0 MjEwNEE4QTVFQzFGMjEyM0U2RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANTRPKKCkAkOKd9nHmXS8+F97m1UoNNv/oCjuHmW7/ICL0xgIfjsSnRzmANC VBA+YKcybSkSStSTpGPVtl2qofw4puUVxC48XcgxNv+QgdQJvOOxPhKpJqtyAire NEkskam0k4tvm3F/8dO6fxafx/Nlg3Fx8usMPVHHrvLv/cTIohr+iFt/4NfMpice /0idyQs3g9Xc1MoeGq3b5YrcR+MB1te89POPfMsAtHYVnQjFOjf3joeXM1fYsLsM t9qgmX6KHK4QJ3PNEF4kplGv7AeJkjQP7H7XsjLtSW1MVvrRoJvjtx01HyLXxhLk EcEzaIloV73YmWVrdnJq9UgCV7sCAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKSsScT1W/XUrz1CEEqKXsHyEj5vMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by81NzI4MDQwMC05NjU0LTRkNDUtODg4Yi05MDY3YmFkYTE5MGIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU3MjgwNDAw LTk2NTQtNGQ0NS04ODhiLTkwNjdiYWRhMTkwYi8wL0E0QUM0OUM0RjU1QkY1RDRB RjNENDIxMDRBOEE1RUMxRjIxMjNFNkYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD BAJnUUAwDQQCAAIwBwMFACQAZMAwDQYJKoZIhvcNAQELBQADggEBAJpJostyk7nv 6Pr0mYy1QUq9Dufm0+qSeeGqu62Bea0mkEm5om3V9TuoFGmnsFi8w/9pCUw007Wd OvEKzn5dGYxprBkQxXiYH9VGnRL02NjVIqalJFkK99pjU92CNO5JB4EzMsfXK6IU ofYM8N2LxECwiOS7XsjNloV4eddIFFKuX4UWZt0dxz974tT43NceHJbZ9WYfR8Mt PXFybhbX7p/HQEQ31Z1PE+iX6kKPTMi6IRrvd6zZdWhP2EFc0tWhb7MXW1OS9YRu 2nTIlh87zC2wjIV3u7BMYmSnlLgWwjqdSAMM5OsrGXieTAkMRtzaWBFtfP3I5j7y P2oF0v5/Clc= -----END CERTIFICATE-----Generated at Sat Apr 5 10:05:21 2025 by rpki-client