$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer File: BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer (raw, json) Hash identifier: 1za2R86COHzXiVDeRRd5AFLJAtE4u+jx35pSitM5JCs= Subject key identifier: BF:07:6E:A2:4A:68:CF:15:2C:32:3C:7A:3D:FD:3F:92:AF:E8:AA:2B Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 24B2EBB6B0372F4CE107B47A0E825B38F53916EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.mft caRepository: rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 02 Jun 2025 22:29:48 +0000 Certificate not after: Mon 01 Jun 2026 22:34:48 +0000 Subordinate resources: IP: 45.64.100.0/22 IP: 103.21.84.0/22 IP: 111.67.64.0/19 IP: 182.50.240.0/20 IP: 202.61.100.0/23 IP: 2001:df0:cb::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 02:27:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:b2:eb:b6:b0:37:2f:4c:e1:07:b4:7a:0e:82:5b:38:f5:39:16:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 2 22:29:48 2025 GMT Not After : Jun 1 22:34:48 2026 GMT Subject: CN=BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:7c:04:81:af:55:10:f9:8e:75:66:7b:5d:48: 24:65:26:a0:f0:08:84:84:e2:5b:8c:ad:52:55:9d: 34:57:e4:ed:f9:dc:b7:ab:d7:dc:65:6d:e1:22:9f: 28:6c:cd:79:04:e5:3c:6a:33:cc:36:85:d4:62:b6: 73:f5:ea:d7:38:bc:57:87:0e:74:bc:80:6d:83:c7: de:34:1f:16:f1:7c:f1:61:de:0c:e2:00:db:78:6b: ec:21:32:ac:09:e1:8d:87:1c:fb:6b:93:aa:4b:98: a4:7d:74:b8:83:f8:e7:9f:8d:fd:10:30:f1:cb:b3: e6:7d:0b:17:55:84:d6:1d:3e:cf:59:b7:42:eb:da: ca:80:3d:20:4f:77:ad:72:2b:a4:6b:e7:ac:8d:be: 7c:d5:59:11:f0:ee:a5:50:5c:7c:f5:60:c2:43:91: fb:3f:f3:d9:9e:b6:37:cd:04:9c:40:70:9d:a5:3d: 0c:7a:18:3b:9e:b8:84:18:c9:a6:e9:3a:9c:b9:8f: 53:f6:9e:4c:42:4b:e0:89:2f:99:07:f4:75:ba:73: 30:60:68:b0:25:58:21:04:e8:cf:c6:08:b8:f4:8f: fb:ba:71:cc:f9:b5:b9:cc:57:84:7e:e1:d3:e1:a8: b9:3a:da:19:ba:4a:58:13:6c:b7:27:d7:9a:d7:ec: 51:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BF:07:6E:A2:4A:68:CF:15:2C:32:3C:7A:3D:FD:3F:92:AF:E8:AA:2B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.64.100.0/22 103.21.84.0/22 111.67.64.0/19 182.50.240.0/20 202.61.100.0/23 IPv6: 2001:df0:cb::/48 Signature Algorithm: sha256WithRSAEncryption 98:45:af:ff:df:69:07:e2:c0:59:bd:20:05:66:06:fc:0d:6d: d4:04:05:c6:f7:1d:43:ae:b4:21:e0:79:99:bd:6f:e8:8d:a5: a8:ab:ed:6b:8a:5e:e7:79:c4:5c:d8:55:35:48:de:c6:7f:9a: f5:60:71:08:91:64:4e:51:b1:7a:d0:33:ce:a6:ec:01:ea:42: 1b:99:46:92:d2:b4:8d:b2:c3:45:1b:51:a6:4c:7c:9b:a8:0e: 91:99:76:18:f6:7b:ac:0d:da:f3:3d:b3:54:6e:86:48:dd:c5: 50:9c:8e:c6:ae:4f:10:c9:66:08:ce:ef:93:f0:5d:c2:84:0f: db:fa:9c:d9:ca:42:51:bf:ec:ee:77:e9:d7:55:26:02:40:5a: 39:48:70:86:3d:43:42:47:54:07:29:5c:52:91:31:53:e6:54: 08:4e:bd:08:bc:97:e7:78:31:0f:cd:ee:81:ac:90:4c:1b:32: bf:25:f7:ee:c6:62:96:2a:55:4b:a6:40:52:f1:36:43:29:7f: fc:48:7a:a9:e5:79:06:0b:e7:e3:d3:b7:f6:fc:0c:58:6b:2e: e6:c2:93:b3:1d:3d:dc:cd:75:97:72:10:7b:78:c0:8f:13:1a: 3f:80:4b:3e:74:13:96:c5:6c:a4:03:2a:50:dd:a9:88:a8:03: cf:88:31:6e -----BEGIN CERTIFICATE----- MIIF7jCCBNagAwIBAgIUJLLrtrA3L0zhB7R6DoJbOPU5Fu4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwMjIyMjk0OFoX DTI2MDYwMTIyMzQ0OFowMzExMC8GA1UEAxMoQkYwNzZFQTI0QTY4Q0YxNTJDMzIz QzdBM0RGRDNGOTJBRkU4QUEyQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZ8BIGvVRD5jnVme11IJGUmoPAIhITiW4ytUlWdNFfk7fnct6vX3GVt4SKf KGzNeQTlPGozzDaF1GK2c/Xq1zi8V4cOdLyAbYPH3jQfFvF88WHeDOIA23hr7CEy rAnhjYcc+2uTqkuYpH10uIP455+N/RAw8cuz5n0LF1WE1h0+z1m3QuvayoA9IE93 rXIrpGvnrI2+fNVZEfDupVBcfPVgwkOR+z/z2Z62N80EnEBwnaU9DHoYO564hBjJ puk6nLmPU/aeTEJL4IkvmQf0dbpzMGBosCVYIQToz8YIuPSP+7pxzPm1ucxXhH7h 0+GouTraGbpKWBNstyfXmtfsUQ0CAwEAAaOCAuEwggLdMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFL8HbqJKaM8VLDI8ej39P5Kv6KorMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9lNTBkYTQ0Ny1hMTM4LTQ2MjUtYTQyMC1hNzExYWMyNDM1MTkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U1MGRhNDQ3 LWExMzgtNDYyNS1hNDIwLWE3MTFhYzI0MzUxOS8wL0JGMDc2RUEyNEE2OENGMTUy QzMyM0M3QTNERkQzRjkyQUZFOEFBMkIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwSAYIKwYBBQUHAQcBAf8EOTA3MCQEAgABMB4D BAItQGQDBAJnFVQDBAVvQ0ADBAS2MvADBAHKPWQwDwQCAAIwCQMHACABDfAAyzAN BgkqhkiG9w0BAQsFAAOCAQEAmEWv/99pB+LAWb0gBWYG/A1t1AQFxvcdQ660IeB5 mb1v6I2lqKvta4pe53nEXNhVNUjexn+a9WBxCJFkTlGxetAzzqbsAepCG5lGktK0 jbLDRRtRpkx8m6gOkZl2GPZ7rA3a8z2zVG6GSN3FUJyOxq5PEMlmCM7vk/BdwoQP 2/qc2cpCUb/s7nfp11UmAkBaOUhwhj1DQkdUBylcUpExU+ZUCE69CLyX53gxD83u gayQTBsyvyX37sZilipVS6ZAUvE2Qyl//Eh6qeV5Bgvn49O39vwMWGsu5sKTsx09 3M11l3IQe3jAjxMaP4BLPnQTlsVspAMqUN2piKgDz4gxbg== -----END CERTIFICATE-----Generated at Sun Jun 8 18:30:20 2025 by rpki-client