$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/C00163880F235714759920507217F2A7D557C953.cer File: C00163880F235714759920507217F2A7D557C953.cer (raw, json) Hash identifier: YFIcprbubxx1vnOOTn41x1cNNDk8Tur51/RNZKqgjjg= Subject key identifier: C0:01:63:88:0F:23:57:14:75:99:20:50:72:17:F2:A7:D5:57:C9:53 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 435AFAFB266D991254332623C941A70808CFB44C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0/C00163880F235714759920507217F2A7D557C953.mft caRepository: rsync://repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 03 Jun 2025 12:23:02 +0000 Certificate not after: Tue 02 Jun 2026 12:28:02 +0000 Subordinate resources: IP: 43.252.156.0/22 IP: 49.128.176.0/21 IP: 103.17.244.0/22 IP: 103.247.120.0/22 IP: 103.255.240.0/22 IP: 111.68.24.0/21 IP: 112.78.32.0/21 IP: 116.254.112.0/21 IP: 119.2.48.0/21 IP: 202.145.6.0/23 IP: 203.30.236.0/23 IP: 2401:1700::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:25:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:5a:fa:fb:26:6d:99:12:54:33:26:23:c9:41:a7:08:08:cf:b4:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 3 12:23:02 2025 GMT Not After : Jun 2 12:28:02 2026 GMT Subject: CN=C00163880F235714759920507217F2A7D557C953 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:f9:b5:8a:ea:c0:fd:68:f2:5c:61:df:7e:5b: 9d:ef:d1:7b:e8:3e:08:6f:6e:e6:5e:5f:c2:c7:67: 06:27:b7:c7:e1:11:74:26:3d:65:d0:0e:2e:5c:fb: cc:3b:6f:d4:f9:6d:1b:fc:24:6f:e9:ac:d4:47:f3: 62:90:b9:a4:dc:86:26:4e:5b:2b:6d:f8:c7:23:f3: 32:45:a8:c9:35:08:82:21:a1:54:32:6a:b3:22:e2: 0a:92:d0:87:57:de:a6:07:d5:2d:9d:1b:0d:ed:40: f7:eb:8f:cc:63:7d:8e:8b:24:04:0f:c1:f4:fe:55: 65:6a:e6:1f:19:18:7c:4e:60:2e:77:8f:0b:26:d1: 81:64:d9:b4:5c:b8:30:a8:e4:ad:a3:65:f7:9e:a3: f6:71:56:f8:79:c7:1f:04:b2:ba:05:00:31:27:4f: 11:13:ed:6c:e3:1f:da:6b:0d:1d:ee:88:18:50:32: d5:7c:39:e7:ae:5a:e7:9d:14:6b:aa:7f:ee:a5:01: 58:e5:2a:f7:16:f7:b6:36:76:b9:65:4a:5b:d7:e9: 75:5e:6c:a6:6b:87:0e:f1:bc:a8:9d:42:27:00:5e: 97:ad:eb:19:da:be:54:77:ff:c8:d6:61:e5:19:fe: 72:35:9c:0c:78:95:98:74:b1:c6:40:42:5e:6a:2a: b4:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: C0:01:63:88:0F:23:57:14:75:99:20:50:72:17:F2:A7:D5:57:C9:53 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0/C00163880F235714759920507217F2A7D557C953.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.252.156.0/22 49.128.176.0/21 103.17.244.0/22 103.247.120.0/22 103.255.240.0/22 111.68.24.0/21 112.78.32.0/21 116.254.112.0/21 119.2.48.0/21 202.145.6.0/23 203.30.236.0/23 IPv6: 2401:1700::/32 Signature Algorithm: sha256WithRSAEncryption 55:a3:fd:a4:3a:d0:1f:c1:f0:de:d3:18:21:6a:f9:c7:4c:05: 25:c5:95:98:59:2a:c8:d7:f6:09:7d:29:01:59:99:a7:0a:f9: 9c:7d:1f:1e:e1:0f:cc:b1:5c:49:08:56:d3:62:9f:1b:e0:d5: 4d:51:43:16:50:c7:d7:2c:ea:a7:1d:e3:8c:89:11:b8:37:4b: 0d:6f:84:18:b0:a6:c8:79:8c:ab:12:18:2e:d2:23:27:c1:b3: 2a:b7:f9:ee:2c:74:46:14:73:f1:92:c1:ee:dc:d1:51:58:38: 2c:aa:6c:22:a4:61:7f:28:59:3d:e8:c5:45:7f:2b:ea:27:75: ce:10:3a:5d:e6:10:7f:06:e1:98:fc:0d:f7:af:7c:90:e5:d3: d9:0a:ef:19:97:9f:16:b8:e5:df:4d:ed:38:fa:20:83:b9:29: 4f:04:4a:7d:35:97:6f:8e:62:b7:2f:68:38:77:18:d9:8a:e8: 54:d1:0e:f8:a0:c7:20:82:f4:a6:9d:72:1f:19:1b:ce:ee:e0: cf:c7:c3:64:f3:dc:2d:ca:2d:e9:6c:f7:f5:d9:b4:aa:1d:7d: 95:da:90:df:a4:db:bc:d3:13:d0:1f:51:ee:6b:81:20:37:94: 01:a9:0d:9f:fe:b5:93:0f:77:a7:9f:be:8c:a7:b5:0d:ea:60: a2:16:bc:76 -----BEGIN CERTIFICATE----- MIIGEDCCBPigAwIBAgIUQ1r6+yZtmRJUMyYjyUGnCAjPtEwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwMzEyMjMwMloX DTI2MDYwMjEyMjgwMlowMzExMC8GA1UEAxMoQzAwMTYzODgwRjIzNTcxNDc1OTky MDUwNzIxN0YyQTdENTU3Qzk1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOn5tYrqwP1o8lxh335bne/Re+g+CG9u5l5fwsdnBie3x+ERdCY9ZdAOLlz7 zDtv1PltG/wkb+ms1EfzYpC5pNyGJk5bK234xyPzMkWoyTUIgiGhVDJqsyLiCpLQ h1fepgfVLZ0bDe1A9+uPzGN9joskBA/B9P5VZWrmHxkYfE5gLnePCybRgWTZtFy4 MKjkraNl956j9nFW+HnHHwSyugUAMSdPERPtbOMf2msNHe6IGFAy1Xw5565a550U a6p/7qUBWOUq9xb3tjZ2uWVKW9fpdV5spmuHDvG8qJ1CJwBel63rGdq+VHf/yNZh 5Rn+cjWcDHiVmHSxxkBCXmoqtNUCAwEAAaOCAwMwggL/MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFMABY4gPI1cUdZkgUHIX8qfVV8lTMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9hZWE3YTExNS1iOGI4LTQ5MGItODMyMC1jOWU1OWExMDAzZGQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2FlYTdhMTE1 LWI4YjgtNDkwYi04MzIwLWM5ZTU5YTEwMDNkZC8wL0MwMDE2Mzg4MEYyMzU3MTQ3 NTk5MjA1MDcyMTdGMkE3RDU1N0M5NTMubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwagYIKwYBBQUHAQcBAf8EWzBZMEgEAgABMEID BAIr/JwDBAMxgLADBAJnEfQDBAJn93gDBAJn//ADBANvRBgDBANwTiADBAN0/nAD BAN3AjADBAHKkQYDBAHLHuwwDQQCAAIwBwMFACQBFwAwDQYJKoZIhvcNAQELBQAD ggEBAFWj/aQ60B/B8N7TGCFq+cdMBSXFlZhZKsjX9gl9KQFZmacK+Zx9Hx7hD8yx XEkIVtNinxvg1U1RQxZQx9cs6qcd44yJEbg3Sw1vhBiwpsh5jKsSGC7SIyfBsyq3 +e4sdEYUc/GSwe7c0VFYOCyqbCKkYX8oWT3oxUV/K+ondc4QOl3mEH8G4Zj8Dfev fJDl09kK7xmXnxa45d9N7Tj6IIO5KU8ESn01l2+OYrcvaDh3GNmK6FTRDvigxyCC 9Kadch8ZG87u4M/Hw2Tz3C3KLels9/XZtKodfZXakN+k27zTE9AfUe5rgSA3lAGp DZ/+tZMPd6efvoyntQ3qYKIWvHY= -----END CERTIFICATE-----Generated at Tue Jun 3 23:59:30 2025 by rpki-client