$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/C3F745EDE7F4C0D8E5674965B52080083B271E3E.cer File: C3F745EDE7F4C0D8E5674965B52080083B271E3E.cer (raw, json) Hash identifier: kqgSkdZTV5VOAeUl5hCrxW1iA21Oh/Wy2Nwga0rTiRY= Subject key identifier: C3:F7:45:ED:E7:F4:C0:D8:E5:67:49:65:B5:20:80:08:3B:27:1E:3E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3845740054276F34D0BDCE06FCCF51BF1A1F1981 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/009c22b1-1b7b-4671-ab94-5c5e74882547/0/C3F745EDE7F4C0D8E5674965B52080083B271E3E.mft caRepository: rsync://repo-rpki.idnic.net/repo/009c22b1-1b7b-4671-ab94-5c5e74882547/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 02 Jun 2025 21:37:40 +0000 Certificate not after: Mon 01 Jun 2026 21:42:40 +0000 Subordinate resources: IP: 103.215.24.0/22 IP: 112.109.16.0/21 IP: 119.82.240.0/21 IP: 123.255.200.0/21 IP: 175.184.224.0/20 IP: 203.89.24.0/21 IP: 2403:ba00::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Nov 2025 20:54:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:45:74:00:54:27:6f:34:d0:bd:ce:06:fc:cf:51:bf:1a:1f:19:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 2 21:37:40 2025 GMT Not After : Jun 1 21:42:40 2026 GMT Subject: CN=C3F745EDE7F4C0D8E5674965B52080083B271E3E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:09:c7:15:46:3e:be:ee:0b:25:10:89:7e:09: 2a:10:dc:a7:cd:c8:46:18:4f:1a:c0:cb:a4:4a:e5: 4e:2c:e0:44:a0:08:62:b5:88:2c:64:30:7b:e2:87: 9c:51:f1:84:43:c7:30:b1:cf:45:62:b0:e3:28:d1: e4:e2:8e:17:b2:d2:85:ac:97:cf:4b:f0:e4:28:01: 7e:ba:75:eb:69:2d:41:76:42:5b:24:2b:96:4f:ce: 5b:43:e3:1c:5d:6d:17:ad:33:e3:0b:09:24:9f:56: b6:e5:e9:78:e1:2c:c4:67:08:5e:f3:78:cb:96:9e: 7f:d3:5c:17:58:f8:e7:93:9f:a8:fa:8f:83:32:6f: 7f:73:18:19:a1:76:0f:cb:70:ec:a1:8a:5f:05:21: a6:82:c7:76:c4:2e:c1:78:f0:d8:71:c4:ac:87:0b: ee:ee:28:5a:a6:f4:6d:1e:e9:0c:97:e3:0f:c6:4b: c0:df:ff:50:b0:f1:f9:e2:98:0c:8d:3e:76:b0:8b: f2:04:30:4d:95:0e:5f:c5:15:95:91:95:c6:ff:d8: 8f:dd:25:76:2d:f3:c5:92:60:77:0d:39:3d:f4:e2: 0a:f6:b1:d8:6e:a7:8d:ad:54:37:e4:f6:78:40:3a: 6d:69:81:88:ed:9b:3a:83:97:cf:06:c9:a6:ff:b0: a5:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: C3:F7:45:ED:E7:F4:C0:D8:E5:67:49:65:B5:20:80:08:3B:27:1E:3E X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/009c22b1-1b7b-4671-ab94-5c5e74882547/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/009c22b1-1b7b-4671-ab94-5c5e74882547/0/C3F745EDE7F4C0D8E5674965B52080083B271E3E.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.215.24.0/22 112.109.16.0/21 119.82.240.0/21 123.255.200.0/21 175.184.224.0/20 203.89.24.0/21 IPv6: 2403:ba00::/32 Signature Algorithm: sha256WithRSAEncryption 33:36:b0:c0:90:ba:0c:1f:61:dc:7e:ed:ff:2d:e6:d7:01:d4: 66:ca:af:5c:ef:71:51:5a:1e:d8:bd:a9:d4:ea:5d:ab:7c:f1: 9b:a1:96:26:b9:46:27:b0:8c:51:4a:c2:3b:09:a5:ba:b4:39: 88:68:ea:5a:03:5f:0d:bc:0d:21:db:08:6c:70:6b:db:c7:8b: 33:81:1d:44:74:43:2e:c8:d1:65:3f:12:ba:95:ca:94:d7:52: 51:3b:18:83:49:bc:3d:b7:c6:24:df:f7:93:0a:38:d5:56:f9: f9:b6:d1:c2:5f:6a:e9:b4:ab:65:b3:b1:48:38:56:9d:85:56: a1:5f:0d:d5:b5:23:e7:dd:6c:17:79:9e:9b:d0:02:94:f3:a7: 98:13:37:86:fc:86:bb:fe:9f:f5:91:23:a6:16:bf:2c:b5:c7: 2c:8c:00:ee:d0:3c:9c:e3:94:1f:22:f1:35:9c:9d:e5:69:0c: 12:c7:77:58:47:f3:39:39:d6:31:f4:b1:89:3c:28:79:de:70: 11:1a:c6:66:a8:26:4d:94:a3:fc:54:84:11:93:be:6c:1c:c9: bc:c0:a9:6e:7e:33:4d:82:53:4a:2f:8e:f7:1a:cb:73:e4:b9: 12:d6:7e:5b:2f:57:8d:20:da:31:bd:1e:ba:51:37:0d:10:50: 56:a7:47:f1 -----BEGIN CERTIFICATE----- MIIF8jCCBNqgAwIBAgIUOEV0AFQnbzTQvc4G/M9RvxofGYEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwMjIxMzc0MFoX DTI2MDYwMTIxNDI0MFowMzExMC8GA1UEAxMoQzNGNzQ1RURFN0Y0QzBEOEU1Njc0 OTY1QjUyMDgwMDgzQjI3MUUzRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANwJxxVGPr7uCyUQiX4JKhDcp83IRhhPGsDLpErlTizgRKAIYrWILGQwe+KH nFHxhEPHMLHPRWKw4yjR5OKOF7LShayXz0vw5CgBfrp162ktQXZCWyQrlk/OW0Pj HF1tF60z4wsJJJ9WtuXpeOEsxGcIXvN4y5aef9NcF1j455OfqPqPgzJvf3MYGaF2 D8tw7KGKXwUhpoLHdsQuwXjw2HHErIcL7u4oWqb0bR7pDJfjD8ZLwN//ULDx+eKY DI0+drCL8gQwTZUOX8UVlZGVxv/Yj90ldi3zxZJgdw05PfTiCvax2G6nja1UN+T2 eEA6bWmBiO2bOoOXzwbJpv+wpV0CAwEAAaOCAuUwggLhMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFMP3Re3n9MDY5WdJZbUggAg7Jx4+MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8wMDljMjJiMS0xYjdiLTQ2NzEtYWI5NC01YzVlNzQ4ODI1NDcvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAwOWMyMmIx LTFiN2ItNDY3MS1hYjk0LTVjNWU3NDg4MjU0Ny8wL0MzRjc0NUVERTdGNEMwRDhF NTY3NDk2NUI1MjA4MDA4M0IyNzFFM0UubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwTAYIKwYBBQUHAQcBAf8EPTA7MCoEAgABMCQD BAJn1xgDBANwbRADBAN3UvADBAN7/8gDBASvuOADBAPLWRgwDQQCAAIwBwMFACQD ugAwDQYJKoZIhvcNAQELBQADggEBADM2sMCQugwfYdx+7f8t5tcB1GbKr1zvcVFa Hti9qdTqXat88Zuhlia5RiewjFFKwjsJpbq0OYho6loDXw28DSHbCGxwa9vHizOB HUR0Qy7I0WU/ErqVypTXUlE7GINJvD23xiTf95MKONVW+fm20cJfaum0q2WzsUg4 Vp2FVqFfDdW1I+fdbBd5npvQApTzp5gTN4b8hrv+n/WRI6YWvyy1xyyMAO7QPJzj lB8i8TWcneVpDBLHd1hH8zk51jH0sYk8KHnecBEaxmaoJk2Uo/xUhBGTvmwcybzA qW5+M02CU0ovjvcay3PkuRLWflsvV40g2jG9HrpRNw0QUFanR/E= -----END CERTIFICATE-----Generated at Thu Oct 30 15:11:31 2025 by rpki-client