$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/DF77061CAEF30A8DAF6B52D8A3D9FD80F3720F11.cer File: DF77061CAEF30A8DAF6B52D8A3D9FD80F3720F11.cer (raw, json) Hash identifier: cQ5cG1YH8G31C9jid3MM45WbQ5ubaQ0gp+evtahR6co= Subject key identifier: DF:77:06:1C:AE:F3:0A:8D:AF:6B:52:D8:A3:D9:FD:80:F3:72:0F:11 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 34C69EA28CA9BE399A006B24788D2146D4BED155 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/7a0210b3-cca2-43c5-89f9-5a9086a60703/1/DF77061CAEF30A8DAF6B52D8A3D9FD80F3720F11.mft caRepository: rsync://repo-rpki.idnic.net/repo/7a0210b3-cca2-43c5-89f9-5a9086a60703/1/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 29 May 2025 12:42:41 +0000 Certificate not after: Thu 28 May 2026 12:47:41 +0000 Subordinate resources: IP: 2001:df3:f840::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:09:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:c6:9e:a2:8c:a9:be:39:9a:00:6b:24:78:8d:21:46:d4:be:d1:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 29 12:42:41 2025 GMT Not After : May 28 12:47:41 2026 GMT Subject: CN=DF77061CAEF30A8DAF6B52D8A3D9FD80F3720F11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:16:87:c7:2a:04:f4:de:a6:79:6f:47:b9:05: 42:a8:b2:14:55:24:5a:5f:84:14:fb:fd:ab:41:76: e2:75:aa:0b:89:14:e1:77:87:61:58:ca:91:a0:9b: 21:9b:6e:89:37:1c:ae:b7:54:d1:0e:17:cc:70:9e: 7c:2b:bf:db:62:3f:b1:50:57:98:54:0a:61:72:f4: 5f:41:c4:81:d5:0e:2a:06:1f:fc:44:e1:aa:72:10: 31:7f:fe:d0:62:5a:2d:0f:9d:d8:de:54:44:5f:a9: f7:6d:37:af:39:5f:e7:9a:73:c5:0d:e3:88:2a:67: 74:c6:d2:00:5e:f6:a7:93:b1:eb:8e:b0:fe:68:2a: 2b:a4:12:04:4d:fb:02:5b:2d:9c:2c:fc:23:b4:47: d0:36:6d:94:51:1f:6d:e6:57:dd:d7:da:e8:b3:8c: 65:20:5e:c9:8b:65:ef:c9:d5:66:af:7f:d3:0d:6c: 10:6d:29:dd:2f:1d:fc:99:af:c6:de:1d:d1:40:b2: 3b:9d:f8:8e:d7:10:e8:cf:dc:f0:26:ac:6d:20:7b: f5:c2:5a:5e:ab:49:38:5a:db:0f:a3:45:35:12:7d: 7f:9f:fa:17:3a:f1:d9:9c:c2:98:30:cc:0c:bd:20: c4:21:e3:3c:1f:ca:7b:3f:56:8a:19:83:c8:62:13: b3:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: DF:77:06:1C:AE:F3:0A:8D:AF:6B:52:D8:A3:D9:FD:80:F3:72:0F:11 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7a0210b3-cca2-43c5-89f9-5a9086a60703/1 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7a0210b3-cca2-43c5-89f9-5a9086a60703/1/DF77061CAEF30A8DAF6B52D8A3D9FD80F3720F11.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:f840::/48 Signature Algorithm: sha256WithRSAEncryption 8b:40:5a:40:be:cc:65:28:27:7f:fb:08:6a:27:60:d4:d6:ed: ce:0c:b3:1f:fb:97:8b:9a:c5:9c:01:87:94:8a:52:e4:9e:af: e6:21:8f:08:3d:7e:3c:12:06:c9:e6:2d:ef:cd:0d:f8:47:be: 57:d2:60:11:77:c8:f0:eb:93:a1:41:78:d7:9e:6e:01:da:a9: d0:2f:89:c8:7a:aa:50:e4:c9:6f:ca:7a:71:24:de:5a:24:90: 98:c3:d7:32:57:bc:63:09:39:33:6a:c9:6f:6e:6f:36:1e:0c: 1d:62:3f:a3:6f:23:ed:12:57:2c:cf:28:21:34:be:fc:40:c9: 87:ee:d5:cd:43:bc:48:a6:13:9f:c1:5c:2d:fe:d1:6d:3c:78: 83:bd:68:d5:a7:a2:79:6c:77:21:54:72:8a:40:c7:0d:8c:97: 99:ff:33:fc:f8:bc:dc:9f:07:ad:83:47:91:0a:5a:e1:3b:69: e0:bd:17:d8:50:78:f2:ba:a6:58:c1:c0:65:51:8b:ec:58:28: 54:05:4f:5f:68:f6:4c:14:4d:ab:62:f5:bc:f9:11:e1:12:00: 76:62:90:ed:83:41:58:a2:cd:eb:c9:b5:ee:b5:7f:ca:75:3a: 53:19:9a:e6:56:bd:26:df:ea:e8:b9:76:5c:22:82:ec:34:19: a2:46:b8:3c -----BEGIN CERTIFICATE----- MIIFyDCCBLCgAwIBAgIUNMaeooypvjmaAGskeI0hRtS+0VUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUyOTEyNDI0MVoX DTI2MDUyODEyNDc0MVowMzExMC8GA1UEAxMoREY3NzA2MUNBRUYzMEE4REFGNkI1 MkQ4QTNEOUZEODBGMzcyMEYxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMIWh8cqBPTepnlvR7kFQqiyFFUkWl+EFPv9q0F24nWqC4kU4XeHYVjKkaCb IZtuiTccrrdU0Q4XzHCefCu/22I/sVBXmFQKYXL0X0HEgdUOKgYf/EThqnIQMX/+ 0GJaLQ+d2N5URF+p9203rzlf55pzxQ3jiCpndMbSAF72p5Ox646w/mgqK6QSBE37 AlstnCz8I7RH0DZtlFEfbeZX3dfa6LOMZSBeyYtl78nVZq9/0w1sEG0p3S8d/Jmv xt4d0UCyO534jtcQ6M/c8CasbSB79cJaXqtJOFrbD6NFNRJ9f5/6Fzrx2ZzCmDDM DL0gxCHjPB/Kez9WihmDyGITsyECAwEAAaOCArswggK3MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFN93Bhyu8wqNr2tS2KPZ/YDzcg8RMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83YTAyMTBiMy1jY2EyLTQzYzUtODlmOS01YTkwODZhNjA3MDMvMTCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdhMDIxMGIz LWNjYTItNDNjNS04OWY5LTVhOTA4NmE2MDcwMy8xL0RGNzcwNjFDQUVGMzBBOERB RjZCNTJEOEEzRDlGRDgwRjM3MjBGMTEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD BwAgAQ3z+EAwDQYJKoZIhvcNAQELBQADggEBAItAWkC+zGUoJ3/7CGonYNTW7c4M sx/7l4uaxZwBh5SKUuSer+Yhjwg9fjwSBsnmLe/NDfhHvlfSYBF3yPDrk6FBeNee bgHaqdAvich6qlDkyW/KenEk3lokkJjD1zJXvGMJOTNqyW9ubzYeDB1iP6NvI+0S VyzPKCE0vvxAyYfu1c1DvEimE5/BXC3+0W08eIO9aNWnonlsdyFUcopAxw2Ml5n/ M/z4vNyfB62DR5EKWuE7aeC9F9hQePK6pljBwGVRi+xYKFQFT19o9kwUTati9bz5 EeESAHZikO2DQViizevJte61f8p1OlMZmuZWvSbf6ui5dlwiguw0GaJGuDw= -----END CERTIFICATE-----Generated at Tue Jun 3 23:34:41 2025 by rpki-client