$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.cer File: AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.cer (raw, json) Hash identifier: thjMaANzfRGXYQ0hjK13pdCcjAP+qOhG7eHAgk9zHsA= Subject key identifier: AF:5A:2A:D0:C9:E5:CB:1D:9E:F8:5E:6F:8F:44:03:10:F1:00:CE:38 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7715DF1733A44B672B24FD587CED7D1406314E51 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.mft caRepository: rsync://repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sun 30 Mar 2025 02:23:57 +0000 Certificate not after: Sun 29 Mar 2026 02:28:57 +0000 Subordinate resources: IP: 103.169.4.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 12:08:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:15:df:17:33:a4:4b:67:2b:24:fd:58:7c:ed:7d:14:06:31:4e:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Mar 30 02:23:57 2025 GMT Not After : Mar 29 02:28:57 2026 GMT Subject: CN=AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:0a:fc:f6:c6:51:fc:38:84:cf:50:4a:67:fa: 0c:eb:5e:54:1f:42:26:90:b1:96:bd:66:b8:97:96: 74:14:19:ef:1f:05:8d:1f:e9:e1:eb:68:45:8d:46: 72:ec:19:90:ab:71:1c:79:f5:f3:19:5a:34:0b:b2: c2:47:27:cc:b3:68:22:34:64:62:40:e1:3d:69:8f: ba:90:55:ab:7a:4a:37:08:97:2c:ab:b3:83:31:33: 5e:b7:11:51:8b:14:36:bc:41:9a:49:3d:12:88:2a: 98:77:a7:ac:50:f4:49:eb:65:b6:14:6b:59:34:2c: d3:1d:fc:ce:0a:ac:f0:e0:ca:4e:82:a4:f5:53:27: f9:48:34:87:0e:67:fe:21:c5:e5:de:3b:d8:da:8d: 29:6a:f7:2b:da:9d:f6:98:bd:3d:a7:9d:91:38:ef: 50:20:83:ad:2e:0b:67:d7:c3:ea:03:84:ec:52:da: a6:95:04:2f:6c:45:46:f9:85:a8:5d:f6:5f:56:af: c7:7f:1e:53:06:32:ba:e2:c1:c2:23:46:f8:c7:75: 9d:f2:f1:8f:c3:51:24:80:bf:ac:97:de:be:51:1b: 0b:1c:7e:d5:c4:81:bf:21:ed:2a:4e:33:a9:e8:46: 09:c7:f8:6e:a6:91:ba:75:7b:80:45:c2:98:33:07: dd:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:5A:2A:D0:C9:E5:CB:1D:9E:F8:5E:6F:8F:44:03:10:F1:00:CE:38 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.169.4.0/23 Signature Algorithm: sha256WithRSAEncryption 16:c1:90:4f:fe:7c:da:d2:df:b1:b2:52:bc:7b:fb:39:b1:8f: 29:23:88:a0:d0:0c:8d:dc:32:4d:d3:a5:f5:29:fb:2d:34:84: 5a:8e:5a:60:ff:13:83:84:ae:45:39:23:a9:75:e5:e7:b3:fd: ef:4e:10:2d:f6:64:d3:c2:fa:f7:78:2a:c6:5e:18:3d:6c:b0: 94:7a:d6:a2:0d:74:79:6b:37:ed:43:7f:7c:0a:f3:d8:90:05: b3:d8:38:41:7d:de:06:f9:b9:80:16:48:8a:4a:27:27:ee:74: 1c:0b:84:ec:b9:bd:db:1f:c1:bb:4f:32:01:55:72:17:b9:3f: 2b:70:ba:b9:6c:84:68:2b:fb:e7:a7:1b:ab:2e:ac:1d:5b:b0: 0e:9e:93:f5:f5:0a:1b:75:22:bc:d9:c1:e6:c1:69:b1:05:02: 13:5d:6a:f4:af:cb:d2:6b:95:62:d7:fa:b3:56:79:9d:0a:05: 3e:25:60:42:8c:1a:74:ff:5d:88:98:4a:ba:bf:ec:3d:35:47: 01:e3:1f:9c:85:7b:20:7f:d3:1e:e4:55:ff:e2:ec:0c:2c:c0: 37:a9:d3:5e:2c:31:e6:3e:54:f5:a3:b4:d5:e0:46:55:98:19: 62:58:2d:9e:66:8f:43:ae:05:a8:e8:ec:4c:8c:df:21:e4:71: a2:6f:c4:1b -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUdxXfFzOkS2crJP1YfO19FAYxTlEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDMzMDAyMjM1N1oX DTI2MDMyOTAyMjg1N1owMzExMC8GA1UEAxMoQUY1QTJBRDBDOUU1Q0IxRDlFRjg1 RTZGOEY0NDAzMTBGMTAwQ0UzODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALQK/PbGUfw4hM9QSmf6DOteVB9CJpCxlr1muJeWdBQZ7x8FjR/p4etoRY1G cuwZkKtxHHn18xlaNAuywkcnzLNoIjRkYkDhPWmPupBVq3pKNwiXLKuzgzEzXrcR UYsUNrxBmkk9EogqmHenrFD0SetlthRrWTQs0x38zgqs8ODKToKk9VMn+Ug0hw5n /iHF5d472NqNKWr3K9qd9pi9PaedkTjvUCCDrS4LZ9fD6gOE7FLappUEL2xFRvmF qF32X1avx38eUwYyuuLBwiNG+Md1nfLxj8NRJIC/rJfevlEbCxx+1cSBvyHtKk4z qehGCcf4bqaRunV7gEXCmDMH3UECAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK9aKtDJ5csdnvheb49EAxDxAM44MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8wNDFlNGFjOS1jMDZiLTQzNDMtODUyNi0zYTFmMWIxYjVkODIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA0MWU0YWM5 LWMwNmItNDM0My04NTI2LTNhMWYxYjFiNWQ4Mi8wL0FGNUEyQUQwQzlFNUNCMUQ5 RUY4NUU2RjhGNDQwMzEwRjEwMENFMzgubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnqQQwDQYJKoZIhvcNAQELBQADggEBABbBkE/+fNrS37GyUrx7+zmxjykjiKDQ DI3cMk3TpfUp+y00hFqOWmD/E4OErkU5I6l15eez/e9OEC32ZNPC+vd4KsZeGD1s sJR61qINdHlrN+1Df3wK89iQBbPYOEF93gb5uYAWSIpKJyfudBwLhOy5vdsfwbtP MgFVche5PytwurlshGgr++enG6surB1bsA6ek/X1Cht1IrzZwebBabEFAhNdavSv y9JrlWLX+rNWeZ0KBT4lYEKMGnT/XYiYSrq/7D01RwHjH5yFeyB/0x7kVf/i7Aws wDep014sMeY+VPWjtNXgRlWYGWJYLZ5mj0OuBajo7EyM3yHkcaJvxBs= -----END CERTIFICATE-----Generated at Tue Apr 8 14:37:10 2025 by rpki-client