$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.cer File: 23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.cer (raw, json) Hash identifier: zMsWfFCFx1XSp4S3xle3RM2ihwxo8XfRfxW+YWMZ4n8= Subject key identifier: 23:BE:8C:EA:61:94:06:F9:D8:60:B1:F9:7E:E8:F7:ED:77:E8:EE:7C Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 5FCDFAA388FA8B5795BB9CF890E0FF9AB767CAD5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0/23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.mft caRepository: rsync://repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 23 Sep 2025 16:48:17 +0000 Certificate not after: Tue 22 Sep 2026 16:53:17 +0000 Subordinate resources: IP: 160.20.250.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 03:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:cd:fa:a3:88:fa:8b:57:95:bb:9c:f8:90:e0:ff:9a:b7:67:ca:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Sep 23 16:48:17 2025 GMT Not After : Sep 22 16:53:17 2026 GMT Subject: CN=23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:8c:20:3c:be:fd:3a:1f:0b:a7:75:88:52:09: 05:8e:8c:e2:6a:d0:16:c7:1f:9b:a0:07:8d:7a:c4: 09:4c:74:1d:7a:ee:d4:32:ee:00:69:69:d5:f8:cc: d1:47:bf:54:71:65:90:c1:57:98:7a:64:ff:ec:08: e3:32:6d:ae:1c:ba:35:0c:e0:3e:a9:dd:a0:84:90: 8b:5d:cd:fb:8a:6d:7a:8a:29:64:1c:b9:d0:d6:f0: 8a:9d:45:79:b3:97:07:e1:67:ed:db:7f:2f:28:e1: bf:90:e4:04:5a:b0:23:5e:1d:de:54:ed:74:f4:97: c3:66:12:3c:a7:90:72:78:c8:81:a2:8e:75:4a:db: ec:79:53:58:7d:bc:25:d5:f5:1b:10:64:49:e3:e9: d1:f7:66:ba:63:0c:b6:f4:ff:a9:66:78:fe:cd:96: f1:af:ba:be:2c:c0:37:4d:59:22:e4:70:b1:aa:77: 87:f8:af:0e:12:88:79:d4:11:32:79:18:1a:0e:30: f9:f5:ca:cd:a5:99:af:99:ab:59:c4:a1:33:dd:80: fe:05:72:e3:e9:3b:b6:a4:e7:cd:9e:f7:b9:a1:4c: e6:69:c7:82:df:08:2b:e2:30:37:ad:62:6a:97:55: 95:42:c2:14:b9:21:62:81:c6:a5:d8:84:5c:6e:d3: 19:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 23:BE:8C:EA:61:94:06:F9:D8:60:B1:F9:7E:E8:F7:ED:77:E8:EE:7C X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/bbed6dc4-d38b-44ba-9f0b-428455b276ee/0/23BE8CEA619406F9D860B1F97EE8F7ED77E8EE7C.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.250.0/24 Signature Algorithm: sha256WithRSAEncryption 44:3d:9b:8b:70:44:20:57:5d:af:d8:41:83:25:d1:ea:5d:88: ea:f4:45:7b:67:40:11:17:f3:7b:6c:a2:7b:81:5a:ef:f1:11: bd:67:0d:ac:eb:fa:c6:bd:03:b3:d5:f2:12:45:a6:ce:73:99: 84:5a:34:a4:6c:b4:5f:77:ba:d9:63:09:d2:af:25:b6:b7:52: 31:93:73:e0:29:15:f0:9e:9f:bb:be:08:48:68:52:5f:fe:14: 86:28:d8:c8:70:18:92:d1:c0:8e:6d:c9:ac:de:57:39:93:db: ae:84:f6:26:5c:10:00:06:99:c9:aa:e3:00:7d:59:f6:9e:e9: 10:99:48:2e:ae:5d:2b:dd:f6:10:7c:98:4a:58:32:f4:5f:b7: 76:80:06:fc:91:4b:35:3f:67:60:e7:89:78:3c:06:0e:0e:11: 09:56:81:41:df:42:79:80:ca:1d:68:6e:54:43:41:97:ee:a1: 15:53:e2:12:12:84:78:2c:a3:2a:07:c4:98:5f:c2:66:bb:f9: df:9e:f3:5b:87:ee:e5:aa:69:a1:92:18:16:fe:aa:14:3f:85: 0d:25:44:98:8b:3e:8a:6c:e3:86:e5:87:08:d8:75:b0:ec:13: f9:78:bb:4d:d5:58:99:f6:0f:0a:8b:21:90:55:b1:75:81:29: b9:3a:4a:23 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUX836o4j6i1eVu5z4kOD/mrdnytUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDkyMzE2NDgxN1oX DTI2MDkyMjE2NTMxN1owMzExMC8GA1UEAxMoMjNCRThDRUE2MTk0MDZGOUQ4NjBC MUY5N0VFOEY3RUQ3N0U4RUU3QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKCMIDy+/TofC6d1iFIJBY6M4mrQFscfm6AHjXrECUx0HXru1DLuAGlp1fjM 0Ue/VHFlkMFXmHpk/+wI4zJtrhy6NQzgPqndoISQi13N+4pteoopZBy50Nbwip1F ebOXB+Fn7dt/Lyjhv5DkBFqwI14d3lTtdPSXw2YSPKeQcnjIgaKOdUrb7HlTWH28 JdX1GxBkSePp0fdmumMMtvT/qWZ4/s2W8a+6vizAN01ZIuRwsap3h/ivDhKIedQR MnkYGg4w+fXKzaWZr5mrWcShM92A/gVy4+k7tqTnzZ73uaFM5mnHgt8IK+IwN61i apdVlULCFLkhYoHGpdiEXG7TGVcCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCO+jOphlAb52GCx+X7o9+136O58MB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iYmVkNmRjNC1kMzhiLTQ0YmEtOWYwYi00Mjg0NTViMjc2ZWUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JiZWQ2ZGM0 LWQzOGItNDRiYS05ZjBiLTQyODQ1NWIyNzZlZS8wLzIzQkU4Q0VBNjE5NDA2RjlE ODYwQjFGOTdFRThGN0VENzdFOEVFN0MubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgFPowDQYJKoZIhvcNAQELBQADggEBAEQ9m4twRCBXXa/YQYMl0epdiOr0RXtn QBEX83tsonuBWu/xEb1nDazr+sa9A7PV8hJFps5zmYRaNKRstF93utljCdKvJba3 UjGTc+ApFfCen7u+CEhoUl/+FIYo2MhwGJLRwI5tyazeVzmT266E9iZcEAAGmcmq 4wB9Wfae6RCZSC6uXSvd9hB8mEpYMvRft3aABvyRSzU/Z2DniXg8Bg4OEQlWgUHf QnmAyh1oblRDQZfuoRVT4hIShHgsoyoHxJhfwma7+d+e81uH7uWqaaGSGBb+qhQ/ hQ0lRJiLPops44blhwjYdbDsE/l4u03VWJn2DwqLIZBVsXWBKbk6SiM= -----END CERTIFICATE-----Generated at Mon Oct 20 05:26:59 2025 by rpki-client