$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/08683ED5C748B79A346EF705A2DCF809A31C75DF.cer File: 08683ED5C748B79A346EF705A2DCF809A31C75DF.cer (raw, json) Hash identifier: mZEd8JSbsJ1ZfMm2db/WSwlZvNNSlDB+1GBeIavxMIo= Subject key identifier: 08:68:3E:D5:C7:48:B7:9A:34:6E:F7:05:A2:DC:F8:09:A3:1C:75:DF Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 24E71B3E4BB8ED5E25516945371846BDFC7087A1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/08683ED5C748B79A346EF705A2DCF809A31C75DF.mft caRepository: rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 12 Mar 2026 08:09:02 +0000 Certificate not after: Thu 11 Mar 2027 08:14:02 +0000 Subordinate resources: IP: 157.20.233.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 14:23:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:e7:1b:3e:4b:b8:ed:5e:25:51:69:45:37:18:46:bd:fc:70:87:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Mar 12 08:09:02 2026 GMT Not After : Mar 11 08:14:02 2027 GMT Subject: CN=08683ED5C748B79A346EF705A2DCF809A31C75DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:04:63:ba:f5:fd:eb:7d:14:da:0c:60:3e:6c: 74:d7:e9:e8:49:c0:53:73:04:c4:74:60:8d:53:52: 59:6d:e2:2a:1a:86:74:06:36:e2:c5:01:f6:ba:ff: f1:8d:a8:97:42:b9:e8:d3:98:bb:17:d8:5b:de:ef: 68:1f:d3:07:89:bd:31:89:31:aa:45:65:9a:42:af: b4:db:67:25:66:d0:b2:03:af:c9:e7:8f:63:f0:be: 36:38:3d:5e:b7:67:0f:97:26:39:90:58:c4:f1:ca: 78:a6:82:7c:b3:5e:82:f2:75:4c:8c:e5:2b:b4:c9: 92:04:7f:aa:0b:bd:5a:a6:41:cc:69:ef:bc:5a:04: 1a:c6:23:77:67:9e:c5:c7:96:4c:a2:39:39:5e:ba: 17:fa:58:5a:01:d0:75:b6:5a:68:a6:eb:36:1e:ce: 41:b7:11:3c:c8:17:d4:1f:d8:1a:ca:c8:b3:61:56: ce:b2:8a:ad:c4:9d:94:88:22:cc:bb:3c:2a:c1:45: 6b:ee:04:c6:c6:76:17:21:64:b2:41:ab:b2:98:d6: dc:e6:f1:6b:02:68:a8:d2:2c:1f:47:e3:b9:a6:df: ac:e1:0f:a2:b4:da:01:39:42:7e:dd:0d:42:29:bb: 3e:f2:c5:46:1d:05:c5:0a:bd:42:c0:98:cb:92:88: 6a:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 08:68:3E:D5:C7:48:B7:9A:34:6E:F7:05:A2:DC:F8:09:A3:1C:75:DF X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/08683ED5C748B79A346EF705A2DCF809A31C75DF.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.233.0/24 Signature Algorithm: sha256WithRSAEncryption 55:4d:93:db:7d:c9:40:c1:62:37:a0:0b:a2:5a:fc:f2:2a:31: 9e:89:41:c5:96:4f:cd:d6:4c:64:67:f3:2a:28:cb:e8:aa:ea: 5b:b9:32:b6:2e:ff:0c:7f:37:8c:19:9a:ca:31:fa:52:3f:96: 10:d4:6e:da:90:b6:92:d9:5a:bb:8c:38:f1:0a:c7:a0:dc:ce: c1:34:11:8f:38:ac:71:e6:32:c9:6a:6e:44:79:f5:1e:55:96: 94:6a:42:94:1a:3b:46:b1:51:30:14:a8:86:a0:8a:1b:b7:3e: 50:95:90:ec:f9:aa:62:0b:b4:f3:06:df:2d:3e:74:83:f2:3a: 43:5a:d3:ce:51:f6:08:d6:4e:d1:b4:11:1f:53:2a:01:8e:8a: ca:2a:b6:7b:cc:a0:f5:fb:bf:58:83:47:29:21:6d:a7:55:e2: 39:63:f6:c4:37:16:97:47:b8:fa:c2:1e:e2:56:44:97:b8:32: 13:52:ca:3b:d1:43:60:c5:ca:0f:99:d8:ce:59:6d:6f:ea:3b: 0f:8d:3f:ea:e4:25:9d:04:b4:0a:91:e4:49:c1:55:02:c3:c9: 66:d5:16:c1:3e:9e:e5:4a:23:03:d3:d7:c0:58:c1:73:c6:fa: c6:8a:90:04:80:8d:a8:e3:f9:5f:6d:8a:3b:f2:f8:26:f4:1b: 04:e1:1a:95 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUJOcbPku47V4lUWlFNxhGvfxwh6EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI2MDMxMjA4MDkwMloX DTI3MDMxMTA4MTQwMlowMzExMC8GA1UEAxMoMDg2ODNFRDVDNzQ4Qjc5QTM0NkVG NzA1QTJEQ0Y4MDlBMzFDNzVERjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANgEY7r1/et9FNoMYD5sdNfp6EnAU3MExHRgjVNSWW3iKhqGdAY24sUB9rr/ 8Y2ol0K56NOYuxfYW97vaB/TB4m9MYkxqkVlmkKvtNtnJWbQsgOvyeePY/C+Njg9 XrdnD5cmOZBYxPHKeKaCfLNegvJ1TIzlK7TJkgR/qgu9WqZBzGnvvFoEGsYjd2ee xceWTKI5OV66F/pYWgHQdbZaaKbrNh7OQbcRPMgX1B/YGsrIs2FWzrKKrcSdlIgi zLs8KsFFa+4ExsZ2FyFkskGrspjW3ObxawJoqNIsH0fjuabfrOEPorTaATlCft0N Qim7PvLFRh0FxQq9QsCYy5KIaisCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFAhoPtXHSLeaNG73BaLc+AmjHHXfMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9lOGNlZDE4ZC1hN2NjLTRiNDQtYWY0YS04NWYzMDRmOWViNmMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U4Y2VkMThk LWE3Y2MtNGI0NC1hZjRhLTg1ZjMwNGY5ZWI2Yy8wLzA4NjgzRUQ1Qzc0OEI3OUEz NDZFRjcwNUEyRENGODA5QTMxQzc1REYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdFOkwDQYJKoZIhvcNAQELBQADggEBAFVNk9t9yUDBYjegC6Ja/PIqMZ6JQcWW T83WTGRn8yooy+iq6lu5MrYu/wx/N4wZmsox+lI/lhDUbtqQtpLZWruMOPEKx6Dc zsE0EY84rHHmMslqbkR59R5VlpRqQpQaO0axUTAUqIagihu3PlCVkOz5qmILtPMG 3y0+dIPyOkNa085R9gjWTtG0ER9TKgGOisoqtnvMoPX7v1iDRykhbadV4jlj9sQ3 FpdHuPrCHuJWRJe4MhNSyjvRQ2DFyg+Z2M5ZbW/qOw+NP+rkJZ0EtAqR5EnBVQLD yWbVFsE+nuVKIwPT18BYwXPG+saKkASAjajj+V9tijvy+Cb0GwThGpU= -----END CERTIFICATE-----Generated at Thu Mar 26 13:59:58 2026 by rpki-client