$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/EFA4BF9A0D2DD57446126C57F39AF10838E0C675.cer File: EFA4BF9A0D2DD57446126C57F39AF10838E0C675.cer (raw, json) Hash identifier: Bjgoyfc+xNDmYubWOuPRikCzVTc/zim2g88mwReOvMo= Subject key identifier: EF:A4:BF:9A:0D:2D:D5:74:46:12:6C:57:F3:9A:F1:08:38:E0:C6:75 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7D93480973219896BCDDEE6A9A089905CDF4ED88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/d3e27da9-e6e6-44a5-98f4-590eb5a1bd65/0/EFA4BF9A0D2DD57446126C57F39AF10838E0C675.mft caRepository: rsync://repo-rpki.idnic.net/repo/d3e27da9-e6e6-44a5-98f4-590eb5a1bd65/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 26 Mar 2025 07:12:20 +0000 Certificate not after: Wed 25 Mar 2026 07:17:20 +0000 Subordinate resources: IP: 103.253.127.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:93:48:09:73:21:98:96:bc:dd:ee:6a:9a:08:99:05:cd:f4:ed:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Mar 26 07:12:20 2025 GMT Not After : Mar 25 07:17:20 2026 GMT Subject: CN=EFA4BF9A0D2DD57446126C57F39AF10838E0C675 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:b7:17:82:ba:c8:20:74:57:c4:bb:0c:b7:4c: e3:af:c8:fe:2d:ed:3f:bd:e9:ff:53:32:e9:18:5a: c2:f5:8f:65:45:0e:2a:f0:8e:70:8d:70:88:9e:c7: 90:6b:59:53:ab:1f:6d:48:6b:d1:d8:11:58:39:f4: bb:4b:9d:0a:e5:e2:38:a3:75:6b:b2:f8:f5:19:85: 2d:f3:c0:95:28:22:76:c3:ae:1f:a9:1f:37:80:be: 9f:63:51:72:8d:1f:29:e2:5b:db:8b:b0:eb:81:19: 50:4a:68:f9:a8:b3:d5:64:6a:dc:ea:c3:54:f2:7d: 0b:20:72:36:fa:0b:01:08:26:da:0d:72:7c:96:43: b3:40:24:8d:4e:2d:bb:ba:18:5c:5b:9f:82:46:03: cd:bd:a1:fa:ed:86:c1:e1:8c:56:cb:b5:4b:a4:43: 55:24:ec:6d:9e:4e:37:6d:4a:aa:b5:73:e3:d5:b0: a9:5a:ac:3d:9b:d0:a4:0a:f1:67:36:3b:cd:2b:e5: 1e:22:b0:ef:c1:14:1c:a8:78:f9:7d:49:3d:46:f4: ce:b5:6f:11:73:49:78:78:c3:e9:0d:2b:06:be:63: e3:05:84:c5:23:75:d0:f9:0b:0a:ff:57:a2:27:93: b7:90:f8:ba:87:2a:a1:54:13:22:50:7b:ed:64:57: cd:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: EF:A4:BF:9A:0D:2D:D5:74:46:12:6C:57:F3:9A:F1:08:38:E0:C6:75 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/d3e27da9-e6e6-44a5-98f4-590eb5a1bd65/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/d3e27da9-e6e6-44a5-98f4-590eb5a1bd65/0/EFA4BF9A0D2DD57446126C57F39AF10838E0C675.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.253.127.0/24 Signature Algorithm: sha256WithRSAEncryption 08:48:88:09:f7:f1:e4:a6:c8:6e:c8:28:18:d0:f7:57:8a:68: 4b:28:95:2b:51:81:1a:cb:2c:71:d1:4b:cf:b0:96:db:28:be: 56:cb:4b:0a:0e:27:63:6c:e0:9b:77:21:5b:a8:6d:d2:1f:0a: 7b:33:59:c8:4d:6b:cf:c9:13:08:95:31:de:9e:1c:89:2e:32: ee:8f:39:d3:b2:bd:cc:0c:d8:aa:19:23:22:ff:4e:7a:1e:1a: 23:48:9e:7b:f5:5c:dd:c8:e1:4a:71:d3:9a:72:d9:bd:d3:7d: 76:3a:23:28:e2:03:7e:2b:49:f8:96:30:5e:c3:42:6e:ec:85: f4:36:01:9a:9a:8a:a9:3e:5c:40:df:9e:be:dc:32:c5:c8:6d: 87:75:c5:47:66:39:60:3b:92:7b:da:c6:83:02:99:c6:63:2c: b0:8b:ea:bd:22:43:99:bc:ac:41:52:df:b6:4a:a1:b1:93:ef: a4:4f:51:b5:41:da:9b:5b:40:06:f4:c7:33:07:80:2b:c1:bb: 10:c7:e3:0a:e0:61:f0:c3:09:df:4c:9d:39:63:d9:39:d0:5d: d7:73:d2:a1:0b:11:03:ec:be:64:f7:4a:e1:7f:84:b8:44:df: ed:6c:cc:1e:c4:d6:13:82:a4:2b:f5:cd:72:3f:63:2f:7d:23: 47:9c:b8:cb -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUfZNICXMhmJa83e5qmgiZBc307YgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDMyNjA3MTIyMFoX DTI2MDMyNTA3MTcyMFowMzExMC8GA1UEAxMoRUZBNEJGOUEwRDJERDU3NDQ2MTI2 QzU3RjM5QUYxMDgzOEUwQzY3NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJi3F4K6yCB0V8S7DLdM46/I/i3tP73p/1My6RhawvWPZUUOKvCOcI1wiJ7H kGtZU6sfbUhr0dgRWDn0u0udCuXiOKN1a7L49RmFLfPAlSgidsOuH6kfN4C+n2NR co0fKeJb24uw64EZUEpo+aiz1WRq3OrDVPJ9CyByNvoLAQgm2g1yfJZDs0AkjU4t u7oYXFufgkYDzb2h+u2GweGMVsu1S6RDVSTsbZ5ON21KqrVz49WwqVqsPZvQpArx ZzY7zSvlHiKw78EUHKh4+X1JPUb0zrVvEXNJeHjD6Q0rBr5j4wWExSN10PkLCv9X oieTt5D4uocqoVQTIlB77WRXzfUCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFO+kv5oNLdV0RhJsV/Oa8Qg44MZ1MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kM2UyN2RhOS1lNmU2LTQ0YTUtOThmNC01OTBlYjVhMWJkNjUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QzZTI3ZGE5 LWU2ZTYtNDRhNS05OGY0LTU5MGViNWExYmQ2NS8wL0VGQTRCRjlBMEQyREQ1NzQ0 NjEyNkM1N0YzOUFGMTA4MzhFMEM2NzUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn/X8wDQYJKoZIhvcNAQELBQADggEBAAhIiAn38eSmyG7IKBjQ91eKaEsolStR gRrLLHHRS8+wltsovlbLSwoOJ2Ns4Jt3IVuobdIfCnszWchNa8/JEwiVMd6eHIku Mu6POdOyvcwM2KoZIyL/TnoeGiNInnv1XN3I4Upx05py2b3TfXY6IyjiA34rSfiW MF7DQm7shfQ2AZqaiqk+XEDfnr7cMsXIbYd1xUdmOWA7knvaxoMCmcZjLLCL6r0i Q5m8rEFS37ZKobGT76RPUbVB2ptbQAb0xzMHgCvBuxDH4wrgYfDDCd9MnTlj2TnQ Xddz0qELEQPsvmT3SuF/hLhE3+1szB7E1hOCpCv1zXI/Yy99I0ecuMs= -----END CERTIFICATE-----Generated at Sat Apr 5 10:36:50 2025 by rpki-client