$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/353E665549A5A245D363BD0DCEA20282E562E909.cer File: 353E665549A5A245D363BD0DCEA20282E562E909.cer (raw, json) Hash identifier: bl7n96zTjBSXfLqzl3oDOmaFFe28SnxKt1dUgBN7XPk= Subject key identifier: 35:3E:66:55:49:A5:A2:45:D3:63:BD:0D:CE:A2:02:82:E5:62:E9:09 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 36B09A91BD1E26820833B3729C3CD26F70F615D1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/7b411b05-c58a-4206-b7ab-c250c1465550/0/353E665549A5A245D363BD0DCEA20282E562E909.mft caRepository: rsync://repo-rpki.idnic.net/repo/7b411b05-c58a-4206-b7ab-c250c1465550/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 22 Sep 2025 12:01:28 +0000 Certificate not after: Mon 21 Sep 2026 12:06:28 +0000 Subordinate resources: IP: 160.25.153.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 03:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:b0:9a:91:bd:1e:26:82:08:33:b3:72:9c:3c:d2:6f:70:f6:15:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Sep 22 12:01:28 2025 GMT Not After : Sep 21 12:06:28 2026 GMT Subject: CN=353E665549A5A245D363BD0DCEA20282E562E909 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:a0:73:55:ea:66:6f:f8:66:a1:26:ca:3d:0f: 70:6a:7e:39:b4:c8:33:1b:be:83:96:5f:8a:0f:9e: f0:9c:bd:1c:50:32:78:e3:39:9e:8d:b3:41:b0:41: 12:69:72:88:f8:0a:ed:c0:9b:14:c0:b2:d5:e6:f3: df:82:61:25:e5:b8:4f:99:e5:dd:2f:f1:70:90:bc: 47:60:bc:e7:99:63:fe:93:51:0c:9c:af:43:2f:e9: 33:1f:4e:35:93:c5:57:d7:26:eb:05:f7:28:8d:46: 7c:26:ac:e3:f5:75:d9:6e:aa:d1:bf:d8:1c:03:23: 18:2e:c1:c3:1c:3e:ee:74:3d:b9:0e:f6:a8:22:75: 8a:04:1e:41:af:c4:11:c0:2d:0c:6b:f7:6e:95:99: c3:63:ff:ff:f9:5e:7f:e7:1e:2e:68:87:38:a5:cd: c7:fe:69:46:5c:4f:e3:c1:e7:c6:91:7a:30:db:3a: e6:02:14:e4:25:6a:d6:75:cb:b7:a3:24:dc:7b:c2: d1:75:d0:18:55:6e:bd:52:40:5f:16:78:3b:8f:72: 4c:06:6e:bd:b2:fb:2f:53:7f:7d:b9:03:7d:2b:d3: a5:61:29:e6:07:f7:0e:9c:50:37:61:e4:82:b1:98: 41:99:27:e3:3d:2d:5c:f0:c3:38:cb:17:25:72:b3: 9e:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 35:3E:66:55:49:A5:A2:45:D3:63:BD:0D:CE:A2:02:82:E5:62:E9:09 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7b411b05-c58a-4206-b7ab-c250c1465550/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7b411b05-c58a-4206-b7ab-c250c1465550/0/353E665549A5A245D363BD0DCEA20282E562E909.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.153.0/24 Signature Algorithm: sha256WithRSAEncryption 32:99:dd:dd:f5:5e:75:62:5d:34:dd:3f:95:ff:1c:83:5d:2b: a1:84:30:5a:bb:42:8a:8b:e9:55:f7:7a:0c:46:d9:06:df:6b: 35:f6:d5:ab:22:e2:42:be:f7:d8:c0:98:04:c5:a5:d2:45:a2: 09:ec:38:09:2b:c0:6b:5e:ad:2e:7a:4d:51:89:e9:c1:0f:1a: 4c:88:28:74:9e:62:9c:d9:5a:bf:38:37:a9:ec:df:e9:4d:b8: cb:f7:1c:1b:62:2b:b1:93:ac:0a:33:e9:15:2c:67:16:58:0e: 1d:e1:8a:22:d8:a0:81:06:cd:5a:b3:df:7b:49:d5:77:a6:a6: 2f:3e:ca:0f:4f:22:4d:7d:fd:48:da:c3:e4:78:12:8a:80:db: 7d:6e:e9:7e:22:7e:01:f5:9c:65:f8:dc:c6:d3:92:9a:d0:eb: 69:40:06:ea:60:33:0b:c9:4b:e1:78:9b:10:2a:83:5d:25:72: 7a:ec:18:eb:29:cf:8b:33:9c:f2:e4:10:f5:b8:47:4a:dc:1d: a1:7b:d0:2c:fc:77:28:2a:e6:9f:8d:b7:51:46:f9:c4:e0:36: f4:74:56:70:d3:fb:a5:56:ae:f3:6d:3d:02:df:07:5c:18:03: 27:07:c3:5b:cf:d8:2f:33:f4:ce:8d:d8:3f:39:63:ef:22:ea: db:9d:99:e9 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUNrCakb0eJoIIM7NynDzSb3D2FdEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDkyMjEyMDEyOFoX DTI2MDkyMTEyMDYyOFowMzExMC8GA1UEAxMoMzUzRTY2NTU0OUE1QTI0NUQzNjNC RDBEQ0VBMjAyODJFNTYyRTkwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOegc1XqZm/4ZqEmyj0PcGp+ObTIMxu+g5Zfig+e8Jy9HFAyeOM5no2zQbBB EmlyiPgK7cCbFMCy1ebz34JhJeW4T5nl3S/xcJC8R2C855lj/pNRDJyvQy/pMx9O NZPFV9cm6wX3KI1GfCas4/V12W6q0b/YHAMjGC7Bwxw+7nQ9uQ72qCJ1igQeQa/E EcAtDGv3bpWZw2P///lef+ceLmiHOKXNx/5pRlxP48HnxpF6MNs65gIU5CVq1nXL t6Mk3HvC0XXQGFVuvVJAXxZ4O49yTAZuvbL7L1N/fbkDfSvTpWEp5gf3DpxQN2Hk grGYQZkn4z0tXPDDOMsXJXKznq8CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDU+ZlVJpaJF02O9Dc6iAoLlYukJMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83YjQxMWIwNS1jNThhLTQyMDYtYjdhYi1jMjUwYzE0NjU1NTAvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdiNDExYjA1 LWM1OGEtNDIwNi1iN2FiLWMyNTBjMTQ2NTU1MC8wLzM1M0U2NjU1NDlBNUEyNDVE MzYzQkQwRENFQTIwMjgyRTU2MkU5MDkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgGZkwDQYJKoZIhvcNAQELBQADggEBADKZ3d31XnViXTTdP5X/HINdK6GEMFq7 QoqL6VX3egxG2QbfazX21asi4kK+99jAmATFpdJFognsOAkrwGterS56TVGJ6cEP GkyIKHSeYpzZWr84N6ns3+lNuMv3HBtiK7GTrAoz6RUsZxZYDh3hiiLYoIEGzVqz 33tJ1Xempi8+yg9PIk19/Ujaw+R4EoqA231u6X4ifgH1nGX43MbTkprQ62lABupg MwvJS+F4mxAqg10lcnrsGOspz4sznPLkEPW4R0rcHaF70Cz8dygq5p+Nt1FG+cTg NvR0VnDT+6VWrvNtPQLfB1wYAycHw1vP2C8z9M6N2D85Y+8i6tudmek= -----END CERTIFICATE-----Generated at Mon Oct 20 19:02:54 2025 by rpki-client