$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/D0C90407CCD53717DFEA21D51A8921F20564AB25.cer File: D0C90407CCD53717DFEA21D51A8921F20564AB25.cer (raw, json) Hash identifier: X7HIDHKnb/+6kOi5fzoiSYlf0ecHz78m0J5btrhSgA8= Subject key identifier: D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 37528E567AB5E68876D917055A4EBB8DF2E7968A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.mft caRepository: rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sun 18 May 2025 03:27:08 +0000 Certificate not after: Sun 17 May 2026 03:32:08 +0000 Subordinate resources: IP: 103.10.136.0/22 IP: 114.199.80.0/20 IP: 202.47.64.0/20 IP: 202.52.8.0/22 IP: 202.58.216.0/21 IP: 2402:fc00::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 06:20:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:52:8e:56:7a:b5:e6:88:76:d9:17:05:5a:4e:bb:8d:f2:e7:96:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 18 03:27:08 2025 GMT Not After : May 17 03:32:08 2026 GMT Subject: CN=D0C90407CCD53717DFEA21D51A8921F20564AB25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:33:75:25:53:b0:00:78:46:6a:0d:cb:7f:b6: f7:4d:72:71:fa:e5:a9:2f:e4:d2:8b:95:e2:02:ed: fc:57:c5:e1:bb:be:8a:ed:3e:46:b9:14:9e:81:d4: 33:b2:ff:ea:a8:ad:f2:d6:bf:40:8c:74:97:33:7c: b1:d3:9e:bb:c3:92:62:7c:5e:20:31:d3:3f:12:b3: 8c:b6:9e:e0:b5:cb:f4:e8:2c:d5:d4:30:70:f2:f6: eb:d9:64:16:47:fb:87:12:af:db:d0:a0:a7:31:cc: 10:b5:c2:ac:96:ff:d4:a7:ee:3f:74:24:3d:cb:0e: 62:00:dd:6a:99:0e:05:99:5a:d6:15:2d:0a:65:f7: d2:b1:bc:03:85:74:c3:14:0f:a5:78:aa:04:bf:64: bf:63:63:77:0b:32:47:bf:0d:1f:1e:4a:da:b3:cc: 3b:37:6e:0a:38:f0:7b:03:4c:bf:c7:88:1b:bc:fc: fc:22:15:f0:6d:39:6f:76:2e:27:e6:69:a9:bc:7f: 73:45:63:f3:eb:71:8b:f3:70:d2:fa:4e:e0:f0:00: a7:5d:40:ab:22:a0:79:75:df:25:c8:9b:0a:5d:b8: 2f:19:dc:77:e2:46:a8:94:1d:f8:98:a5:a0:35:f9: 31:00:19:29:56:4a:56:be:0a:1e:5e:a5:51:5e:fe: 78:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D0:C9:04:07:CC:D5:37:17:DF:EA:21:D5:1A:89:21:F2:05:64:AB:25 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/8cebf116-fe2a-491b-aac8-220ead0b54e2/0/D0C90407CCD53717DFEA21D51A8921F20564AB25.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.10.136.0/22 114.199.80.0/20 202.47.64.0/20 202.52.8.0/22 202.58.216.0/21 IPv6: 2402:fc00::/32 Signature Algorithm: sha256WithRSAEncryption 5d:20:05:9c:ff:58:e6:e1:19:60:a7:38:a3:a4:6c:2f:e8:97: 6e:88:31:86:09:64:ee:2c:df:3f:a0:b3:5d:96:22:0d:47:e1: 3c:36:91:1f:ad:97:0e:43:ce:d1:d4:f4:24:d3:32:89:7b:77: 55:41:d6:7d:7f:2b:68:4c:28:57:83:68:36:86:25:a2:12:7a: 3c:ef:ad:6c:bf:27:a6:56:45:5c:49:18:bf:d9:95:e3:ce:de: 9d:50:84:b9:7d:4c:00:30:c4:bc:26:cc:56:b2:74:ff:1e:0c: 17:65:c4:76:25:0c:f9:df:7e:91:af:fd:98:1e:64:e1:76:1a: 4e:a4:83:b4:94:6a:70:15:92:a9:7f:29:aa:f4:4e:0b:67:ef: 8d:da:c7:c1:82:69:72:8a:ad:aa:9a:cd:54:45:43:0b:6a:68: d1:fa:35:92:69:87:fe:f7:62:e9:10:ec:33:fc:d7:d3:6c:31: 0f:87:ba:c5:fd:9c:65:a4:14:4e:0e:2f:2e:15:66:62:4b:ea: 38:f3:26:7a:d9:7e:9a:98:91:56:35:5b:dc:1d:92:55:dc:5b: 76:0c:e4:7b:d9:d8:6c:3e:11:25:27:9d:e8:06:b5:f4:7e:33: 0c:a5:ec:4a:de:a8:05:12:fa:2d:f0:e0:6e:14:5c:e0:69:89: f3:45:2d:01 -----BEGIN CERTIFICATE----- MIIF7DCCBNSgAwIBAgIUN1KOVnq15oh22RcFWk67jfLnloowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUxODAzMjcwOFoX DTI2MDUxNzAzMzIwOFowMzExMC8GA1UEAxMoRDBDOTA0MDdDQ0Q1MzcxN0RGRUEy MUQ1MUE4OTIxRjIwNTY0QUIyNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4zdSVTsAB4RmoNy3+2901ycfrlqS/k0ouV4gLt/FfF4bu+iu0+RrkUnoHU M7L/6qit8ta/QIx0lzN8sdOeu8OSYnxeIDHTPxKzjLae4LXL9Ogs1dQwcPL269lk Fkf7hxKv29CgpzHMELXCrJb/1KfuP3QkPcsOYgDdapkOBZla1hUtCmX30rG8A4V0 wxQPpXiqBL9kv2NjdwsyR78NHx5K2rPMOzduCjjwewNMv8eIG7z8/CIV8G05b3Yu J+Zpqbx/c0Vj8+txi/Nw0vpO4PAAp11AqyKgeXXfJcibCl24Lxncd+JGqJQd+Jil oDX5MQAZKVZKVr4KHl6lUV7+eF0CAwEAAaOCAt8wggLbMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNDJBAfM1TcX3+oh1RqJIfIFZKslMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by84Y2ViZjExNi1mZTJhLTQ5MWItYWFjOC0yMjBlYWQwYjU0ZTIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjZWJmMTE2 LWZlMmEtNDkxYi1hYWM4LTIyMGVhZDBiNTRlMi8wL0QwQzkwNDA3Q0NENTM3MTdE RkVBMjFENTFBODkyMUYyMDU2NEFCMjUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4D BAJnCogDBARyx1ADBATKL0ADBALKNAgDBAPKOtgwDQQCAAIwBwMFACQC/AAwDQYJ KoZIhvcNAQELBQADggEBAF0gBZz/WObhGWCnOKOkbC/ol26IMYYJZO4s3z+gs12W Ig1H4Tw2kR+tlw5DztHU9CTTMol7d1VB1n1/K2hMKFeDaDaGJaISejzvrWy/J6ZW RVxJGL/ZlePO3p1QhLl9TAAwxLwmzFaydP8eDBdlxHYlDPnffpGv/ZgeZOF2Gk6k g7SUanAVkql/Kar0Tgtn743ax8GCaXKKraqazVRFQwtqaNH6NZJph/73YukQ7DP8 19NsMQ+HusX9nGWkFE4OLy4VZmJL6jjzJnrZfpqYkVY1W9wdklXcW3YM5HvZ2Gw+ ESUnnegGtfR+Mwyl7EreqAUS+i3w4G4UXOBpifNFLQE= -----END CERTIFICATE-----Generated at Mon Jun 2 06:30:09 2025 by rpki-client