$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.cer File: F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.cer (raw, json) Hash identifier: hLptOdDoSWwN0Hau4SNVqBDhEF939X1Qj4BnMCgh6Hw= Subject key identifier: F3:99:A1:A0:C1:8F:E8:DB:DA:23:CE:21:75:E0:CB:23:D6:7D:65:11 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 74ADFB9F01F91D06C142F842471BB9A2677D2EBA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.mft caRepository: rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 12 Aug 2025 14:03:17 +0000 Certificate not after: Tue 11 Aug 2026 14:08:17 +0000 Subordinate resources: IP: 27.131.248.0/22 IP: 103.80.92.0/22 IP: 110.35.80.0/21 IP: 116.254.96.0/22 IP: 119.110.112.0/20 IP: 202.59.160.0/20 IP: 202.125.100.0/23 IP: 2402:2fc0::/32 IP: 2404:c000::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Oct 2025 22:26:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:ad:fb:9f:01:f9:1d:06:c1:42:f8:42:47:1b:b9:a2:67:7d:2e:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 12 14:03:17 2025 GMT Not After : Aug 11 14:08:17 2026 GMT Subject: CN=F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:57:3b:09:77:d6:ce:63:d1:ab:38:3e:b6:c9: e1:c3:44:f8:7a:7f:4b:d3:79:f7:e7:ae:04:67:a0: 4e:6d:f6:dc:c2:9e:62:ba:c8:fa:7f:85:8c:5b:8a: e2:b6:b2:83:d4:99:41:c8:5d:4a:4c:d6:04:53:d5: d8:c6:40:82:45:41:6b:46:3b:c9:15:22:1c:c7:97: 41:51:73:99:aa:1f:5f:24:dd:dc:b3:6f:cc:97:d1: 3d:ad:fc:31:c1:37:76:df:80:16:a8:b4:ac:84:88: 38:9a:8f:c6:71:85:35:22:af:49:49:87:2f:7c:12: 46:3e:22:d5:6d:e1:34:0c:a0:fb:f4:3d:ba:d5:13: f8:f2:c4:3a:09:8e:b1:3c:5e:e6:54:c8:51:4d:d9: 26:51:97:35:84:ef:4a:7e:5d:88:58:aa:d2:29:ea: c1:cb:54:e6:ac:46:eb:d5:06:c9:2b:4a:7e:f7:21: ba:33:94:ef:2d:ea:a9:ed:89:c1:c1:e5:c8:f4:d1: 74:3c:11:6b:c2:61:f8:f7:3a:b6:88:1b:f0:91:05: 84:73:16:91:2c:33:b1:15:4a:ca:d7:9d:aa:a7:5f: 37:9a:74:a4:eb:d4:bd:38:7c:75:b1:df:42:7b:6e: 98:49:bd:19:1f:4d:7a:5a:f2:c3:0c:05:ae:79:90: 1a:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: F3:99:A1:A0:C1:8F:E8:DB:DA:23:CE:21:75:E0:CB:23:D6:7D:65:11 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 27.131.248.0/22 103.80.92.0/22 110.35.80.0/21 116.254.96.0/22 119.110.112.0/20 202.59.160.0/20 202.125.100.0/23 IPv6: 2402:2fc0::/32 2404:c000::/32 Signature Algorithm: sha256WithRSAEncryption 41:59:54:7c:58:e0:d0:c3:73:2b:13:c0:f0:74:4a:8c:58:3a: c3:cb:28:c6:22:99:0e:b3:85:f4:ab:d0:10:15:0b:ab:eb:9d: 64:39:1c:af:57:79:5b:aa:cd:09:0b:d2:54:01:9b:2e:36:88: d5:0d:55:2b:0a:6a:73:7c:4c:8e:3e:51:70:f4:76:10:e4:22: d6:8c:ec:45:ec:d3:61:13:01:e9:8b:1f:f4:38:42:60:fb:5d: b5:7b:5c:99:7c:74:23:35:f9:85:87:07:93:df:f5:30:b6:d7: 70:55:37:cc:f6:51:f1:78:c7:38:7f:c7:9a:61:d6:89:d6:d2: 2a:bf:f8:b5:ce:fa:c3:6d:cf:6b:6a:a2:35:27:45:3d:58:37: 68:2f:27:bb:eb:84:ae:2c:a3:b5:d4:19:bb:a6:7c:48:52:25: 26:70:43:95:10:63:53:21:fe:c9:30:94:47:ea:bb:0b:0b:35: e8:1f:94:9c:9f:84:f7:45:d7:99:92:0c:02:16:53:e3:25:1e: 8a:95:6e:38:1a:5b:7f:7c:be:89:fb:12:52:0a:cd:3e:b9:80: b1:d3:28:0a:d5:1e:25:cc:7f:9c:7f:3b:52:66:63:a2:51:5b: 92:65:a1:a7:90:08:ee:02:95:62:52:07:43:95:40:cd:31:61: 24:d4:0e:c4 -----BEGIN CERTIFICATE----- MIIF/zCCBOegAwIBAgIUdK37nwH5HQbBQvhCRxu5omd9LrowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDgxMjE0MDMxN1oX DTI2MDgxMTE0MDgxN1owMzExMC8GA1UEAxMoRjM5OUExQTBDMThGRThEQkRBMjND RTIxNzVFMENCMjNENjdENjUxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM1XOwl31s5j0as4PrbJ4cNE+Hp/S9N59+euBGegTm323MKeYrrI+n+FjFuK 4rayg9SZQchdSkzWBFPV2MZAgkVBa0Y7yRUiHMeXQVFzmaofXyTd3LNvzJfRPa38 McE3dt+AFqi0rISIOJqPxnGFNSKvSUmHL3wSRj4i1W3hNAyg+/Q9utUT+PLEOgmO sTxe5lTIUU3ZJlGXNYTvSn5diFiq0inqwctU5qxG69UGyStKfvchujOU7y3qqe2J wcHlyPTRdDwRa8Jh+Pc6togb8JEFhHMWkSwzsRVKytedqqdfN5p0pOvUvTh8dbHf QntumEm9GR9NelrywwwFrnmQGtkCAwEAAaOCAvIwggLuMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFPOZoaDBj+jb2iPOIXXgyyPWfWURMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by82MzVmN2EyZi03MjVlLTQzOTktODY5YS00YjFmY2YyYzZhMGMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYzNWY3YTJm LTcyNWUtNDM5OS04NjlhLTRiMWZjZjJjNmEwYy8wL0YzOTlBMUEwQzE4RkU4REJE QTIzQ0UyMTc1RTBDQjIzRDY3RDY1MTEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwWQYIKwYBBQUHAQcBAf8ESjBIMDAEAgABMCoD BAIbg/gDBAJnUFwDBANuI1ADBAJ0/mADBAR3bnADBATKO6ADBAHKfWQwFAQCAAIw DgMFACQCL8ADBQAkBMAAMA0GCSqGSIb3DQEBCwUAA4IBAQBBWVR8WODQw3MrE8Dw dEqMWDrDyyjGIpkOs4X0q9AQFQur651kORyvV3lbqs0JC9JUAZsuNojVDVUrCmpz fEyOPlFw9HYQ5CLWjOxF7NNhEwHpix/0OEJg+121e1yZfHQjNfmFhweT3/Uwttdw VTfM9lHxeMc4f8eaYdaJ1tIqv/i1zvrDbc9raqI1J0U9WDdoLye764SuLKO11Bm7 pnxIUiUmcEOVEGNTIf7JMJRH6rsLCzXoH5Scn4T3RdeZkgwCFlPjJR6KlW44Glt/ fL6J+xJSCs0+uYCx0ygK1R4lzH+cfztSZmOiUVuSZaGnkAjuApViUgdDlUDNMWEk 1A7E -----END CERTIFICATE-----Generated at Sun Oct 26 10:17:41 2025 by rpki-client