$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/F389B5570A768F4811B6377427EE5A9710A3078F.cer File: F389B5570A768F4811B6377427EE5A9710A3078F.cer (raw, json) Hash identifier: laFsdwxkYOvk6z/YuLlVuZxV5PbIJ+w988qEO1/OPIY= Subject key identifier: F3:89:B5:57:0A:76:8F:48:11:B6:37:74:27:EE:5A:97:10:A3:07:8F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 326701116C09016E5259478D102114EDB490B38E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/3c8ab3e0-ca68-42f6-98f6-654a252a8648/0/F389B5570A768F4811B6377427EE5A9710A3078F.mft caRepository: rsync://repo-rpki.idnic.net/repo/3c8ab3e0-ca68-42f6-98f6-654a252a8648/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 02 May 2025 13:48:58 +0000 Certificate not after: Fri 01 May 2026 13:53:58 +0000 Subordinate resources: IP: 202.93.24.0/21 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Jun 2025 06:20:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:67:01:11:6c:09:01:6e:52:59:47:8d:10:21:14:ed:b4:90:b3:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 2 13:48:58 2025 GMT Not After : May 1 13:53:58 2026 GMT Subject: CN=F389B5570A768F4811B6377427EE5A9710A3078F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:02:3c:86:2f:3f:4b:e3:a4:27:f7:48:76:02: 7e:5a:e9:49:3d:24:cb:3e:aa:ee:a3:04:ef:56:7c: 65:a1:42:40:7a:87:06:b7:7c:f8:56:d6:ca:92:53: 3c:4b:10:81:00:36:95:81:17:84:d4:2f:8d:47:44: 57:a4:4c:0a:c3:85:90:53:20:3b:f4:2f:99:de:63: ca:24:5b:6e:ce:59:32:f2:be:5f:5c:cf:fc:a5:fe: 35:81:80:db:b5:31:b4:e8:92:6a:68:f3:6b:19:03: 51:7b:5f:98:63:d1:ac:19:68:1d:87:d2:c8:93:c9: 0e:10:6e:d6:dc:a5:42:94:8f:ea:2e:20:7b:dd:42: 13:ef:27:a0:01:ab:0b:b4:ef:22:e8:7a:84:12:2a: 50:cc:6c:a0:b0:31:bf:13:a1:50:e0:87:05:69:56: 83:cc:ec:07:10:4a:f9:ef:89:79:d5:2b:7b:62:36: 28:e2:d8:ab:56:c6:17:a5:81:56:19:e0:2d:19:06: 85:f4:b3:5e:ae:ad:a4:87:23:ff:5f:b5:1a:22:41: 15:a7:3d:bf:79:4e:f5:e1:2b:ed:d0:24:d4:40:1e: 37:4f:8a:64:0e:b8:f2:07:95:47:00:ff:8e:e8:4f: aa:fb:22:d2:9d:41:02:bf:42:91:a4:37:7d:aa:fe: da:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: F3:89:B5:57:0A:76:8F:48:11:B6:37:74:27:EE:5A:97:10:A3:07:8F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/3c8ab3e0-ca68-42f6-98f6-654a252a8648/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/3c8ab3e0-ca68-42f6-98f6-654a252a8648/0/F389B5570A768F4811B6377427EE5A9710A3078F.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.93.24.0/21 Signature Algorithm: sha256WithRSAEncryption 32:e5:d6:2a:84:ea:1d:63:80:ad:fe:86:df:0b:63:a7:fe:18: 8f:17:9e:72:21:a1:50:f4:5f:6d:d4:ef:47:ba:be:d8:d9:d3: d4:1d:c7:64:84:ba:e9:7a:1e:14:87:c8:78:ed:45:be:4a:df: eb:ad:70:37:67:56:f7:06:fe:35:f5:c7:81:2b:2e:71:49:ed: 72:dc:c1:13:e1:cb:08:19:6b:6d:9c:c6:47:93:ef:89:6f:9c: 6d:ce:08:99:15:05:21:d3:39:22:85:7a:f6:21:a6:0b:47:00: 4f:1d:d6:4d:96:39:38:76:a0:5a:31:2c:6a:d5:b8:20:30:73: 5e:60:34:77:df:05:db:c7:99:9e:df:b5:b5:c9:29:c3:c9:4c: 73:12:00:ec:bc:1a:77:dc:07:42:2a:70:5d:97:87:05:9f:c5: 78:c4:24:59:3b:57:a5:66:7c:11:94:60:94:2a:b2:31:41:39: 6b:00:0a:5b:f5:8c:a4:73:5c:73:12:82:bd:3b:78:1d:14:39: 7c:3b:f7:9b:51:52:21:32:68:3f:ee:a7:02:c8:80:4f:e3:87: 7b:3a:f4:53:c5:84:10:cd:10:12:b7:da:de:2e:11:c9:69:79: 32:ad:b1:84:d5:6d:af:71:f5:a3:58:5b:95:9a:2d:78:50:52: 68:e4:b9:0f -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUMmcBEWwJAW5SWUeNECEU7bSQs44wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUwMjEzNDg1OFoX DTI2MDUwMTEzNTM1OFowMzExMC8GA1UEAxMoRjM4OUI1NTcwQTc2OEY0ODExQjYz Nzc0MjdFRTVBOTcxMEEzMDc4RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANYCPIYvP0vjpCf3SHYCflrpST0kyz6q7qME71Z8ZaFCQHqHBrd8+FbWypJT PEsQgQA2lYEXhNQvjUdEV6RMCsOFkFMgO/Qvmd5jyiRbbs5ZMvK+X1zP/KX+NYGA 27UxtOiSamjzaxkDUXtfmGPRrBloHYfSyJPJDhBu1tylQpSP6i4ge91CE+8noAGr C7TvIuh6hBIqUMxsoLAxvxOhUOCHBWlWg8zsBxBK+e+JedUre2I2KOLYq1bGF6WB VhngLRkGhfSzXq6tpIcj/1+1GiJBFac9v3lO9eEr7dAk1EAeN0+KZA648geVRwD/ juhPqvsi0p1BAr9CkaQ3far+2mECAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFPOJtVcKdo9IEbY3dCfuWpcQowePMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zYzhhYjNlMC1jYTY4LTQyZjYtOThmNi02NTRhMjUyYTg2NDgvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNjOGFiM2Uw LWNhNjgtNDJmNi05OGY2LTY1NGEyNTJhODY0OC8wL0YzODlCNTU3MEE3NjhGNDgx MUI2Mzc3NDI3RUU1QTk3MTBBMzA3OEYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAPKXRgwDQYJKoZIhvcNAQELBQADggEBADLl1iqE6h1jgK3+ht8LY6f+GI8XnnIh oVD0X23U70e6vtjZ09Qdx2SEuul6HhSHyHjtRb5K3+utcDdnVvcG/jX1x4ErLnFJ 7XLcwRPhywgZa22cxkeT74lvnG3OCJkVBSHTOSKFevYhpgtHAE8d1k2WOTh2oFox LGrVuCAwc15gNHffBdvHmZ7ftbXJKcPJTHMSAOy8GnfcB0IqcF2XhwWfxXjEJFk7 V6VmfBGUYJQqsjFBOWsAClv1jKRzXHMSgr07eB0UOXw795tRUiEyaD/upwLIgE/j h3s69FPFhBDNEBK32t4uEclpeTKtsYTVba9x9aNYW5WaLXhQUmjkuQ8= -----END CERTIFICATE-----Generated at Mon Jun 2 06:26:51 2025 by rpki-client