$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/295131167768CC78482F796BB58CF5A01A014393.cer File: 295131167768CC78482F796BB58CF5A01A014393.cer (raw, json) Hash identifier: ZqptvOGP4ljR6ysijzsuxhGPUfSXBperty1vMwyqE1k= Subject key identifier: 29:51:31:16:77:68:CC:78:48:2F:79:6B:B5:8C:F5:A0:1A:01:43:93 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3E4EF5A3E78AA1931B3FAC6F627441E2EBE7E225 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/49eca50b-5722-4918-8314-859d3c1f55a2/0/295131167768CC78482F796BB58CF5A01A014393.mft caRepository: rsync://repo-rpki.idnic.net/repo/49eca50b-5722-4918-8314-859d3c1f55a2/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 26 Jun 2025 21:08:23 +0000 Certificate not after: Thu 25 Jun 2026 21:13:23 +0000 Subordinate resources: IP: 160.25.50.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 19:22:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:4e:f5:a3:e7:8a:a1:93:1b:3f:ac:6f:62:74:41:e2:eb:e7:e2:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 26 21:08:23 2025 GMT Not After : Jun 25 21:13:23 2026 GMT Subject: CN=295131167768CC78482F796BB58CF5A01A014393 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:46:08:61:88:0e:70:e8:fd:fd:1f:e9:88:7b: 5c:67:c2:e3:89:c8:16:5b:46:a5:df:f2:e7:fd:70: 07:d3:32:53:9e:e5:13:17:71:b0:e6:12:84:5f:84: 29:8e:31:0c:f7:b0:de:31:23:66:da:35:92:ba:bf: 92:a0:c2:7f:11:f5:99:ba:fc:31:df:21:1d:ed:a8: c3:38:03:6a:24:35:ee:ea:a6:db:a1:6c:33:a0:ea: bb:db:c3:d3:e5:72:e6:52:0e:17:80:ea:c1:5f:96: 4b:d1:1c:b7:aa:5d:8e:80:52:20:11:d5:af:25:37: 1f:16:8f:07:a8:c4:af:f3:e9:02:92:6a:7d:a2:f0: 40:f3:32:a9:41:e3:5c:f8:c3:08:47:5d:f1:57:bd: 92:e3:35:83:63:b3:b4:26:49:da:f0:91:c3:4c:05: 11:51:81:78:1a:ef:52:f9:8f:41:fd:24:fc:a7:68: ad:03:9d:16:bd:03:ba:17:aa:4e:ed:b8:4b:10:5e: c8:97:f2:8b:2f:f6:da:4a:72:12:b4:4c:2b:47:27: f3:93:30:8f:ca:6b:46:8e:ba:45:91:59:04:ab:db: 16:93:2a:08:d5:c4:67:c8:7f:1b:e3:b5:ef:5d:70: 7f:70:85:21:da:cd:5e:84:ac:b9:2c:00:6c:50:ea: 1f:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 29:51:31:16:77:68:CC:78:48:2F:79:6B:B5:8C:F5:A0:1A:01:43:93 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/49eca50b-5722-4918-8314-859d3c1f55a2/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/49eca50b-5722-4918-8314-859d3c1f55a2/0/295131167768CC78482F796BB58CF5A01A014393.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.50.0/23 Signature Algorithm: sha256WithRSAEncryption 29:45:e6:76:7e:f1:c7:a9:eb:e8:86:4d:6d:e0:6a:8c:e3:9a: 73:83:ae:0e:ed:aa:cb:30:99:ff:1b:3d:70:30:a1:0e:41:83: 77:4e:53:cd:b5:8b:95:f1:e2:4f:d3:2c:92:2a:6f:7d:c4:17: ca:ce:04:c8:4c:0a:9b:cb:3f:18:cd:b5:4e:4d:fa:68:b7:d8: 1a:49:4d:56:b1:28:bf:22:8b:b6:91:7b:6f:51:c5:3b:54:c7: 97:46:00:f0:50:48:95:dd:2a:36:05:17:2e:88:bf:3f:cf:15: fd:8c:21:3e:f7:b7:65:49:d6:e7:83:82:e7:0c:d4:72:8a:4a: 62:44:a2:e4:a4:b3:e2:97:5f:76:7b:a1:11:fe:60:58:9c:8b: 82:7d:61:32:20:a3:32:ef:bc:d4:c1:e3:cc:a8:ea:51:a5:15: a3:97:d2:32:e9:de:a9:c4:61:6c:47:5c:a3:0a:b2:e6:ca:6b: 6c:0d:09:20:5e:1b:a4:7a:19:f6:60:df:56:7b:3d:d3:b1:61: 14:24:d9:80:29:0d:98:85:54:40:b8:ac:6a:b7:85:2f:7b:a9: ef:28:50:3e:5d:9c:e0:b4:93:51:77:bf:02:96:00:70:90:8f: 98:f9:d0:cb:5a:ef:36:01:02:3b:69:16:df:53:5f:c1:ef:75: c9:4b:b3:e8 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUPk71o+eKoZMbP6xvYnRB4uvn4iUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYyNjIxMDgyM1oX DTI2MDYyNTIxMTMyM1owMzExMC8GA1UEAxMoMjk1MTMxMTY3NzY4Q0M3ODQ4MkY3 OTZCQjU4Q0Y1QTAxQTAxNDM5MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALZGCGGIDnDo/f0f6Yh7XGfC44nIFltGpd/y5/1wB9MyU57lExdxsOYShF+E KY4xDPew3jEjZto1krq/kqDCfxH1mbr8Md8hHe2owzgDaiQ17uqm26FsM6Dqu9vD 0+Vy5lIOF4DqwV+WS9Ect6pdjoBSIBHVryU3HxaPB6jEr/PpApJqfaLwQPMyqUHj XPjDCEdd8Ve9kuM1g2OztCZJ2vCRw0wFEVGBeBrvUvmPQf0k/KdorQOdFr0Duheq Tu24SxBeyJfyiy/22kpyErRMK0cn85Mwj8prRo66RZFZBKvbFpMqCNXEZ8h/G+O1 711wf3CFIdrNXoSsuSwAbFDqH4UCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFClRMRZ3aMx4SC95a7WM9aAaAUOTMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by80OWVjYTUwYi01NzIyLTQ5MTgtODMxNC04NTlkM2MxZjU1YTIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ5ZWNhNTBi LTU3MjItNDkxOC04MzE0LTg1OWQzYzFmNTVhMi8wLzI5NTEzMTE2Nzc2OENDNzg0 ODJGNzk2QkI1OENGNUEwMUEwMTQzOTMubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgGTIwDQYJKoZIhvcNAQELBQADggEBAClF5nZ+8cep6+iGTW3gaozjmnODrg7t qsswmf8bPXAwoQ5Bg3dOU821i5Xx4k/TLJIqb33EF8rOBMhMCpvLPxjNtU5N+mi3 2BpJTVaxKL8ii7aRe29RxTtUx5dGAPBQSJXdKjYFFy6Ivz/PFf2MIT73t2VJ1ueD gucM1HKKSmJEouSks+KXX3Z7oRH+YFici4J9YTIgozLvvNTB48yo6lGlFaOX0jLp 3qnEYWxHXKMKsubKa2wNCSBeG6R6GfZg31Z7PdOxYRQk2YApDZiFVEC4rGq3hS97 qe8oUD5dnOC0k1F3vwKWAHCQj5j50Mta7zYBAjtpFt9TX8HvdclLs+g= -----END CERTIFICATE-----Generated at Tue Jul 1 22:50:28 2025 by rpki-client