This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/CBB5E8D87996C4897C9F5DC0CB32864F4F0C5A7A.cer File: CBB5E8D87996C4897C9F5DC0CB32864F4F0C5A7A.cer (raw, json) Hash identifier: JGoceoowbzzvfHvTAR4p9+BobHSceASpUxfPPmJjLrw= Subject key identifier: CB:B5:E8:D8:79:96:C4:89:7C:9F:5D:C0:CB:32:86:4F:4F:0C:5A:7A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 67B16E0129C25E012A07D431E7026F775746BA84 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/57f6e57b-4c26-442b-8afc-0329eedafb72/0/CBB5E8D87996C4897C9F5DC0CB32864F4F0C5A7A.mft caRepository: rsync://repo-rpki.idnic.net/repo/57f6e57b-4c26-442b-8afc-0329eedafb72/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 06 Nov 2025 18:00:23 +0000 Certificate not after: Thu 05 Nov 2026 18:05:23 +0000 Subordinate resources: IP: 103.129.68.0/22 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 06 Dec 2025 12:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:b1:6e:01:29:c2:5e:01:2a:07:d4:31:e7:02:6f:77:57:46:ba:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 6 18:00:23 2025 GMT Not After : Nov 5 18:05:23 2026 GMT Subject: CN=CBB5E8D87996C4897C9F5DC0CB32864F4F0C5A7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:bb:1f:7d:9f:14:50:a0:54:d7:25:d4:8f:11: a7:7f:ef:9b:90:6c:87:09:8a:bb:54:2e:21:e2:b7: f8:09:f8:8e:e3:72:b0:78:e1:c2:f9:f3:a9:a7:ac: 56:08:4a:9d:15:98:25:9e:4b:5f:14:f7:fe:ce:3b: ca:f1:3b:c2:b9:12:2f:2f:e2:1f:a1:1e:b7:f7:4c: 19:51:19:f7:ce:02:a8:e9:69:40:7b:df:0a:a2:e0: 15:b1:8c:d0:33:51:ec:94:42:c4:7f:64:56:48:e5: 52:59:79:ae:ec:5e:43:62:23:ec:52:51:4f:5c:8e: 0b:80:01:c2:35:c7:ca:0d:af:d8:12:06:7a:38:99: 1c:f5:59:ca:a2:32:e7:4e:7a:46:53:f1:d5:7b:63: ee:67:39:41:b4:bf:2c:a7:7b:68:fd:a7:d3:47:a4: c0:b3:4a:78:47:1d:2b:56:64:2e:59:57:3f:58:46: be:a1:55:50:48:e2:75:1f:df:ca:7d:5d:00:78:b6: 3d:18:03:16:47:2e:39:8d:cb:1a:8e:c6:3c:d9:de: 42:1c:49:67:a8:64:1d:35:bd:e4:bf:a1:83:72:4a: 1b:93:97:36:e8:b4:ad:46:cc:a4:d6:5f:e8:f2:45: 59:9a:f6:31:07:54:af:40:57:bf:06:0b:51:06:10: 77:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: CB:B5:E8:D8:79:96:C4:89:7C:9F:5D:C0:CB:32:86:4F:4F:0C:5A:7A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/57f6e57b-4c26-442b-8afc-0329eedafb72/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/57f6e57b-4c26-442b-8afc-0329eedafb72/0/CBB5E8D87996C4897C9F5DC0CB32864F4F0C5A7A.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.129.68.0/22 Signature Algorithm: sha256WithRSAEncryption 85:34:1c:16:22:97:52:d2:37:3c:ac:71:32:8e:c2:18:75:27: 24:06:91:74:69:45:ee:2c:e2:e8:6d:17:c2:50:1f:5d:21:bc: 35:45:a7:8f:3d:f8:b6:31:1e:59:cd:a0:b3:b0:ce:8f:84:b2: f4:24:ad:4a:e0:f7:c2:6f:ba:3b:61:c0:7c:b4:cb:14:48:3d: 6a:36:96:4e:a8:30:99:2d:11:17:88:d9:53:b8:11:4e:83:b4: a2:17:88:bc:2c:51:cf:3a:f7:de:d5:f0:bc:1f:08:68:4f:4e: 3b:a1:a5:96:04:67:c0:77:d8:f6:be:0e:9f:a2:68:90:1b:25: ab:ee:7d:43:0d:ec:77:08:84:97:19:97:63:ad:40:1f:5a:8e: 9f:70:20:4e:62:7b:71:52:60:3c:7b:b7:9c:76:92:d8:74:ef: af:f6:1a:08:a7:8a:ad:00:9f:8b:00:0c:56:15:97:11:e6:56: f2:ef:78:82:a6:45:16:5d:59:77:1d:87:2e:85:5f:10:91:01: a2:58:28:72:69:22:f0:f0:dd:bf:55:2d:ab:16:46:19:87:ce: 21:25:10:27:06:8a:b3:52:ae:51:90:1c:4b:e9:30:7b:45:d5: ee:64:f4:97:2e:93:6f:08:3e:3f:bd:a1:d4:4c:f1:e3:3e:14: 20:50:b9:33 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUZ7FuASnCXgEqB9Qx5wJvd1dGuoQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTEwNjE4MDAyM1oX DTI2MTEwNTE4MDUyM1owMzExMC8GA1UEAxMoQ0JCNUU4RDg3OTk2QzQ4OTdDOUY1 REMwQ0IzMjg2NEY0RjBDNUE3QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMq7H32fFFCgVNcl1I8Rp3/vm5BshwmKu1QuIeK3+An4juNysHjhwvnzqaes VghKnRWYJZ5LXxT3/s47yvE7wrkSLy/iH6Eet/dMGVEZ984CqOlpQHvfCqLgFbGM 0DNR7JRCxH9kVkjlUll5ruxeQ2Ij7FJRT1yOC4ABwjXHyg2v2BIGejiZHPVZyqIy 5056RlPx1Xtj7mc5QbS/LKd7aP2n00ekwLNKeEcdK1ZkLllXP1hGvqFVUEjidR/f yn1dAHi2PRgDFkcuOY3LGo7GPNneQhxJZ6hkHTW95L+hg3JKG5OXNui0rUbMpNZf 6PJFWZr2MQdUr0BXvwYLUQYQd+kCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFMu16Nh5lsSJfJ9dwMsyhk9PDFp6MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by81N2Y2ZTU3Yi00YzI2LTQ0MmItOGFmYy0wMzI5ZWVkYWZiNzIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU3ZjZlNTdi LTRjMjYtNDQyYi04YWZjLTAzMjllZWRhZmI3Mi8wL0NCQjVFOEQ4Nzk5NkM0ODk3 QzlGNURDMENCMzI4NjRGNEYwQzVBN0EubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJngUQwDQYJKoZIhvcNAQELBQADggEBAIU0HBYil1LSNzyscTKOwhh1JyQGkXRp Re4s4uhtF8JQH10hvDVFp489+LYxHlnNoLOwzo+EsvQkrUrg98JvujthwHy0yxRI PWo2lk6oMJktEReI2VO4EU6DtKIXiLwsUc86997V8LwfCGhPTjuhpZYEZ8B32Pa+ Dp+iaJAbJavufUMN7HcIhJcZl2OtQB9ajp9wIE5ie3FSYDx7t5x2kth076/2Ggin iq0An4sADFYVlxHmVvLveIKmRRZdWXcdhy6FXxCRAaJYKHJpIvDw3b9VLasWRhmH ziElECcGirNSrlGQHEvpMHtF1e5k9Jcuk28IPj+9odRM8eM+FCBQuTM= -----END CERTIFICATE-----Generated at Wed Dec 3 12:45:03 2025 by rpki-client