$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.cer File: AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.cer (raw, json) Hash identifier: KkU9UO8B/PMrIzfyvZmO9tf+up2nDgFiFfVXPLutUR4= Subject key identifier: AF:4B:58:D4:B1:65:30:B9:F6:91:9D:BF:4F:53:DC:3A:E4:D5:FD:E6 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0C315C0A4B11E0F3637B5E6D0D17D4490BB75F07 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.mft caRepository: rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 03 Jun 2025 17:14:57 +0000 Certificate not after: Tue 02 Jun 2026 17:19:57 +0000 Subordinate resources: IP: 43.240.228.0/22 IP: 103.10.120.0/22 IP: 103.11.28.0/22 IP: 116.68.160.0/22 IP: 116.68.167.0 -- 116.68.169.255 IP: 2404:fd00::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:09:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:31:5c:0a:4b:11:e0:f3:63:7b:5e:6d:0d:17:d4:49:0b:b7:5f:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 3 17:14:57 2025 GMT Not After : Jun 2 17:19:57 2026 GMT Subject: CN=AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ed:9e:15:20:0e:b1:cc:7a:e7:7f:26:c7:a1: 12:7d:2a:c0:6c:33:f9:42:00:f9:ea:98:ed:05:07: c5:b2:ea:08:0d:92:ae:f5:df:31:89:29:d1:07:4c: 96:7a:dd:23:5b:a0:32:33:9f:68:be:7f:46:a1:65: 6f:14:87:50:f0:30:52:57:77:b8:34:fc:ff:8a:05: 3e:60:91:e2:9b:c9:4c:34:43:2b:69:47:a0:7a:75: 4f:ef:0c:ca:4d:26:2e:f4:9e:86:97:b8:20:a7:b1: 53:2f:53:ef:fc:8d:79:3e:d3:e3:96:85:33:62:0c: 28:00:83:a4:3e:2b:bc:99:a6:4d:83:b3:c0:7f:b2: 4a:8d:bc:7b:f5:8d:bf:3f:49:2a:51:da:3a:f4:52: 00:fa:14:78:29:12:46:1c:6c:25:0b:0a:a0:55:5b: dc:b3:63:f8:12:d7:3f:53:f5:df:84:ee:4c:f7:06: 61:8a:e4:25:b8:14:68:8c:03:37:fa:06:18:1b:e7: f2:a3:d3:27:36:e4:ae:00:37:b6:eb:ba:83:ea:7e: 42:de:38:ce:84:22:dd:63:7d:77:f7:f2:19:b6:1d: 1f:f2:8f:9f:80:52:fc:8f:82:26:e0:73:e0:e1:8b: 7c:e6:5a:ef:9a:37:3b:ff:94:8e:0b:90:86:89:b9: 40:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:4B:58:D4:B1:65:30:B9:F6:91:9D:BF:4F:53:DC:3A:E4:D5:FD:E6 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.228.0/22 103.10.120.0/22 103.11.28.0/22 116.68.160.0/22 116.68.167.0-116.68.169.255 IPv6: 2404:fd00::/32 Signature Algorithm: sha256WithRSAEncryption 93:f3:cd:46:83:f8:1a:ae:71:6d:0f:db:c2:ec:88:52:0d:9d: d1:8e:8c:44:de:d3:35:70:5a:66:03:37:5f:d6:e7:e2:21:14: e5:64:d5:16:31:9d:2f:f7:c4:2e:b2:29:ab:8d:d1:36:f0:53: 75:04:3d:62:c2:02:3e:d2:b1:06:64:61:48:0d:26:50:6a:08: 95:55:ee:5e:82:ca:0b:86:d1:42:3f:e2:3b:45:06:8f:a0:2d: 70:07:dd:1f:e1:85:9c:a4:ff:4c:91:f5:18:67:4f:af:39:c1: 9a:95:1b:c6:2b:f8:d8:4e:d7:ed:17:50:eb:49:59:bf:3c:dc: 5a:8c:60:b2:18:43:a7:e9:53:16:e0:12:5d:8a:74:e5:6e:63: aa:b9:17:91:b8:3a:8d:69:df:bb:94:27:df:d7:e5:56:e0:bc: ea:6d:c5:05:c8:5d:8c:6e:1c:14:d9:28:e0:47:18:df:fb:16: 83:4d:9f:e0:3e:0b:24:c1:d7:4f:26:0c:71:3e:15:48:77:1e: 87:0c:c5:da:4a:b8:65:7b:ed:b4:0b:be:27:a5:e7:8f:d5:02: 8f:a2:3b:66:fe:8c:89:c8:8d:93:80:4b:c3:37:5c:f7:de:51: 0e:85:ed:76:99:f7:d1:2d:2a:1b:97:3a:8f:91:9c:0a:87:fa: ab:ef:b2:e2 -----BEGIN CERTIFICATE----- MIIF9DCCBNygAwIBAgIUDDFcCksR4PNje15tDRfUSQu3XwcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwMzE3MTQ1N1oX DTI2MDYwMjE3MTk1N1owMzExMC8GA1UEAxMoQUY0QjU4RDRCMTY1MzBCOUY2OTE5 REJGNEY1M0RDM0FFNEQ1RkRFNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALztnhUgDrHMeud/JsehEn0qwGwz+UIA+eqY7QUHxbLqCA2SrvXfMYkp0QdM lnrdI1ugMjOfaL5/RqFlbxSHUPAwUld3uDT8/4oFPmCR4pvJTDRDK2lHoHp1T+8M yk0mLvSehpe4IKexUy9T7/yNeT7T45aFM2IMKACDpD4rvJmmTYOzwH+ySo28e/WN vz9JKlHaOvRSAPoUeCkSRhxsJQsKoFVb3LNj+BLXP1P134TuTPcGYYrkJbgUaIwD N/oGGBvn8qPTJzbkrgA3tuu6g+p+Qt44zoQi3WN9d/fyGbYdH/KPn4BS/I+CJuBz 4OGLfOZa75o3O/+UjguQhom5QAsCAwEAAaOCAucwggLjMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK9LWNSxZTC59pGdv09T3Drk1f3mMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by81ZDIyN2RiZS00YTFjLTQwYjAtOTRhNi03OTNiZGJkYTM3NzcvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVkMjI3ZGJl LTRhMWMtNDBiMC05NGE2LTc5M2JkYmRhMzc3Ny8wL0FGNEI1OEQ0QjE2NTMwQjlG NjkxOURCRjRGNTNEQzNBRTRENUZERTYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MCwEAgABMCYD BAIr8OQDBAJnCngDBAJnCxwDBAJ0RKAwDAMEAHREpwMEAXREqDANBAIAAjAHAwUA JAT9ADANBgkqhkiG9w0BAQsFAAOCAQEAk/PNRoP4Gq5xbQ/bwuyIUg2d0Y6MRN7T NXBaZgM3X9bn4iEU5WTVFjGdL/fELrIpq43RNvBTdQQ9YsICPtKxBmRhSA0mUGoI lVXuXoLKC4bRQj/iO0UGj6AtcAfdH+GFnKT/TJH1GGdPrznBmpUbxiv42E7X7RdQ 60lZvzzcWoxgshhDp+lTFuASXYp05W5jqrkXkbg6jWnfu5Qn39flVuC86m3FBchd jG4cFNko4EcY3/sWg02f4D4LJMHXTyYMcT4VSHcehwzF2kq4ZXvttAu+J6Xnj9UC j6I7Zv6MiciNk4BLwzdc995RDoXtdpn30S0qG5c6j5GcCof6q++y4g== -----END CERTIFICATE-----Generated at Tue Jun 3 23:26:35 2025 by rpki-client