$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3DDCC4CA43B492F40C8CB06E49934EC5F89BAB9A.cer File: 3DDCC4CA43B492F40C8CB06E49934EC5F89BAB9A.cer (raw, json) Hash identifier: O7CYBUshA7pPEpXxg+oxZBQRFjWNBlJzIzBV2J3MMCI= Subject key identifier: 3D:DC:C4:CA:43:B4:92:F4:0C:8C:B0:6E:49:93:4E:C5:F8:9B:AB:9A Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 2763DC56020BA1E46DAD5F2FBA37504A18FEECD6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/69b53420-8c59-49cf-b3b2-f55e9890ddcd/0/3DDCC4CA43B492F40C8CB06E49934EC5F89BAB9A.mft caRepository: rsync://repo-rpki.idnic.net/repo/69b53420-8c59-49cf-b3b2-f55e9890ddcd/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 24 Jun 2025 13:37:56 +0000 Certificate not after: Tue 23 Jun 2026 13:42:56 +0000 Subordinate resources: IP: 160.22.234.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 09:58:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:63:dc:56:02:0b:a1:e4:6d:ad:5f:2f:ba:37:50:4a:18:fe:ec:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 24 13:37:56 2025 GMT Not After : Jun 23 13:42:56 2026 GMT Subject: CN=3DDCC4CA43B492F40C8CB06E49934EC5F89BAB9A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:0f:ad:10:71:e1:80:42:d8:4e:47:8c:e9:5d: 55:75:4c:dc:0a:03:35:62:63:a9:f2:41:03:29:3f: 0e:e8:76:80:c4:e0:68:f1:b2:92:7e:00:af:9f:98: ff:88:95:44:af:99:3c:b6:c5:38:6f:50:07:98:99: 05:aa:57:af:48:c6:ea:1f:ff:ab:5a:e3:ae:d9:70: c6:98:63:16:96:71:70:76:96:7a:18:d1:9e:6a:52: d4:d7:49:d8:83:80:98:e7:7b:13:d6:4c:14:72:48: 8c:1a:38:08:fc:74:54:81:a9:a8:a3:15:cd:b7:73: c0:22:5a:13:bb:98:0a:75:18:be:b3:05:f3:75:9a: 7a:c5:06:0a:d3:55:89:83:65:3d:20:b5:59:ab:35: 23:fa:b3:a0:ca:b3:11:4e:27:08:16:1f:2d:02:71: 70:ec:26:c4:4c:bf:d9:e3:65:78:54:27:99:f5:c7: 6f:1d:c4:5c:aa:14:a8:89:dd:47:35:65:c6:1c:db: 50:4f:1c:78:e4:ca:27:ce:ad:1d:51:11:59:54:28: 37:ba:a2:06:aa:12:85:8c:fc:0b:79:06:b0:bf:d3: 0b:46:8b:3f:b7:15:33:60:61:27:18:45:0c:e8:30: 0f:e1:ab:0e:93:4d:09:ae:e9:5c:d5:7d:a4:49:03: 63:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3D:DC:C4:CA:43:B4:92:F4:0C:8C:B0:6E:49:93:4E:C5:F8:9B:AB:9A X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/69b53420-8c59-49cf-b3b2-f55e9890ddcd/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/69b53420-8c59-49cf-b3b2-f55e9890ddcd/0/3DDCC4CA43B492F40C8CB06E49934EC5F89BAB9A.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.234.0/24 Signature Algorithm: sha256WithRSAEncryption 52:59:ac:3a:75:44:78:4b:42:df:21:9f:bb:69:e8:cc:5f:07: 57:25:08:0c:72:d8:f8:0a:27:95:45:6d:34:af:86:f4:79:ee: 4a:a4:1f:df:37:2c:2f:b5:d3:a2:bc:72:1a:fe:67:dd:ef:68: 46:e1:cb:d4:46:33:ba:eb:fe:0a:73:02:8a:be:bd:18:bf:3b: af:f3:b4:a6:4b:81:cc:5a:56:22:97:03:39:7b:eb:24:e0:cb: d9:d1:14:4a:7b:0e:a8:7c:2b:9e:46:b2:63:17:60:50:42:a5: e2:b2:e9:8c:c9:25:9b:f8:c3:06:bc:ce:6d:a3:51:38:d8:f8: 15:a6:9b:f1:8c:ed:0a:af:64:1f:24:69:27:b1:57:48:b3:70: bf:d9:bd:82:49:e4:a1:da:5b:2f:ab:5d:5b:63:eb:b2:11:95: 52:cb:58:c1:67:bd:6a:dd:68:81:24:6f:bb:51:b3:9b:4a:ba: 66:da:42:45:86:f6:b0:56:5b:19:89:53:1d:6e:46:f9:b9:5a: 7f:7f:e0:51:36:76:f0:75:78:26:75:e4:c3:9e:ea:48:31:6d: 50:3e:15:a9:e2:05:f4:75:61:cc:16:0b:85:71:57:f8:c9:3c: bd:80:fa:e9:31:e1:0f:70:3a:01:c5:e8:16:52:6d:8d:fc:7a: 1c:2d:73:43 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUJ2PcVgILoeRtrV8vujdQShj+7NYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYyNDEzMzc1NloX DTI2MDYyMzEzNDI1NlowMzExMC8GA1UEAxMoM0REQ0M0Q0E0M0I0OTJGNDBDOENC MDZFNDk5MzRFQzVGODlCQUI5QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALYPrRBx4YBC2E5HjOldVXVM3AoDNWJjqfJBAyk/Duh2gMTgaPGykn4Ar5+Y /4iVRK+ZPLbFOG9QB5iZBapXr0jG6h//q1rjrtlwxphjFpZxcHaWehjRnmpS1NdJ 2IOAmOd7E9ZMFHJIjBo4CPx0VIGpqKMVzbdzwCJaE7uYCnUYvrMF83WaesUGCtNV iYNlPSC1Was1I/qzoMqzEU4nCBYfLQJxcOwmxEy/2eNleFQnmfXHbx3EXKoUqInd RzVlxhzbUE8ceOTKJ86tHVERWVQoN7qiBqoShYz8C3kGsL/TC0aLP7cVM2BhJxhF DOgwD+GrDpNNCa7pXNV9pEkDY08CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFD3cxMpDtJL0DIywbkmTTsX4m6uaMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by82OWI1MzQyMC04YzU5LTQ5Y2YtYjNiMi1mNTVlOTg5MGRkY2QvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY5YjUzNDIw LThjNTktNDljZi1iM2IyLWY1NWU5ODkwZGRjZC8wLzNERENDNENBNDNCNDkyRjQw QzhDQjA2RTQ5OTM0RUM1Rjg5QkFCOUEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgFuowDQYJKoZIhvcNAQELBQADggEBAFJZrDp1RHhLQt8hn7tp6MxfB1clCAxy 2PgKJ5VFbTSvhvR57kqkH983LC+106K8chr+Z93vaEbhy9RGM7rr/gpzAoq+vRi/ O6/ztKZLgcxaViKXAzl76yTgy9nRFEp7Dqh8K55GsmMXYFBCpeKy6YzJJZv4wwa8 zm2jUTjY+BWmm/GM7QqvZB8kaSexV0izcL/ZvYJJ5KHaWy+rXVtj67IRlVLLWMFn vWrdaIEkb7tRs5tKumbaQkWG9rBWWxmJUx1uRvm5Wn9/4FE2dvB1eCZ15MOe6kgx bVA+FaniBfR1YcwWC4VxV/jJPL2A+ukx4Q9wOgHF6BZSbY38ehwtc0M= -----END CERTIFICATE-----Generated at Mon Jun 30 05:16:11 2025 by rpki-client