This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer File: 432AE9E2B00941EF8925409E82CA40508A4688B1.cer (raw, json) Hash identifier: u3tWu4gX+zx5iYm5mjlacA/z6ryM6XcnPY1UDMQoNlM= Subject key identifier: 43:2A:E9:E2:B0:09:41:EF:89:25:40:9E:82:CA:40:50:8A:46:88:B1 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 010640BD14B35A89C42E06734992A91F6A36A711 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft caRepository: rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 15 Nov 2025 02:16:57 +0000 Certificate not after: Sat 14 Nov 2026 02:21:57 +0000 Subordinate resources: IP: 157.10.160.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 09 Dec 2025 06:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:06:40:bd:14:b3:5a:89:c4:2e:06:73:49:92:a9:1f:6a:36:a7:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Nov 15 02:16:57 2025 GMT Not After : Nov 14 02:21:57 2026 GMT Subject: CN=432AE9E2B00941EF8925409E82CA40508A4688B1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:0e:ea:86:12:f8:82:41:77:43:44:37:99:04: b3:51:fb:c6:35:f3:42:16:a6:ed:7e:18:28:d7:e5: d4:53:1a:1e:f3:67:13:e7:41:e6:3e:1a:41:2a:1d: 3f:88:69:55:5e:38:a0:43:e0:7f:38:b0:fc:8a:ae: c7:ef:8f:ab:66:68:d7:52:18:3c:61:a7:a2:c5:10: 7b:6e:b3:da:29:ab:5e:5d:fe:4b:da:1e:72:83:ff: 59:5c:30:03:94:88:8d:6d:46:26:9d:f4:61:1e:29: 1c:d7:7f:e7:bc:10:d4:0f:29:49:b5:02:9d:c7:71: 73:33:cb:76:53:d7:03:05:0a:39:19:b9:74:47:51: 95:f9:c5:25:55:06:c0:7d:4a:42:3d:ef:6b:2b:1e: 88:ae:ee:2d:e5:b4:ab:0b:67:16:11:5f:81:de:3b: 7a:00:cb:64:8c:58:e0:e5:e2:6d:37:ef:50:f1:f5: ac:e8:9c:2d:2f:74:7a:5b:84:ef:54:71:f2:da:66: 43:32:ac:d1:42:8e:86:0b:c8:35:57:f5:b0:2b:dd: cd:7a:97:9c:70:bd:74:b1:8c:b9:b7:e4:4e:fa:f0: 11:7d:39:43:3b:85:82:c0:62:38:97:05:af:53:7d: 0e:7f:4a:46:c1:15:43:04:4b:a3:c8:d5:89:65:10: 04:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 43:2A:E9:E2:B0:09:41:EF:89:25:40:9E:82:CA:40:50:8A:46:88:B1 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.160.0/23 Signature Algorithm: sha256WithRSAEncryption 16:bd:62:63:fc:58:82:51:c1:e4:93:8b:74:ee:9a:a9:46:67: ca:8a:90:a2:e6:2d:06:49:c6:d1:98:f5:ba:5d:85:30:d9:93: c1:75:6e:41:46:db:aa:47:24:6c:eb:cd:58:89:89:40:8b:72: 8d:6b:46:4e:3a:13:10:c9:8f:bd:3f:d2:82:40:f5:93:3d:c7: 2a:6e:fe:b0:08:ec:ae:c8:1b:97:0c:a0:9a:a0:1a:68:d3:be: 10:13:80:00:3f:b5:45:72:a6:13:57:2b:1f:d6:a0:4a:f9:d7: 71:f0:ba:19:c5:69:8e:ed:70:dc:c6:40:5c:45:37:12:9b:50: d7:a5:4c:39:dc:84:f8:63:3e:10:05:74:fc:e3:05:23:b8:87: 61:f1:63:90:d6:ba:ec:45:f6:32:7b:32:6a:b4:9a:d8:66:50: 7e:98:5e:cb:d3:09:11:a7:f8:b9:c4:7d:f0:69:43:fd:36:56: c5:31:14:0e:b8:a8:b2:c1:f9:1f:6a:69:fa:a7:5b:7a:79:40: 16:60:38:63:be:76:ac:5e:3b:9b:28:e7:83:56:e3:14:98:56: 2a:c7:ad:43:10:36:22:d2:78:96:e8:56:ec:f7:5b:1d:27:83: 02:28:65:16:05:cb:ba:ed:e1:73:7a:84:0d:57:21:18:68:ea: 7c:9e:59:c4 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUAQZAvRSzWonELgZzSZKpH2o2pxEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTExNTAyMTY1N1oX DTI2MTExNDAyMjE1N1owMzExMC8GA1UEAxMoNDMyQUU5RTJCMDA5NDFFRjg5MjU0 MDlFODJDQTQwNTA4QTQ2ODhCMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMwO6oYS+IJBd0NEN5kEs1H7xjXzQham7X4YKNfl1FMaHvNnE+dB5j4aQSod P4hpVV44oEPgfziw/Iqux++Pq2Zo11IYPGGnosUQe26z2imrXl3+S9oecoP/WVww A5SIjW1GJp30YR4pHNd/57wQ1A8pSbUCncdxczPLdlPXAwUKORm5dEdRlfnFJVUG wH1KQj3vayseiK7uLeW0qwtnFhFfgd47egDLZIxY4OXibTfvUPH1rOicLS90eluE 71Rx8tpmQzKs0UKOhgvINVf1sCvdzXqXnHC9dLGMubfkTvrwEX05QzuFgsBiOJcF r1N9Dn9KRsEVQwRLo8jViWUQBG0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEMq6eKwCUHviSVAnoLKQFCKRoixMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9lYzJmYzFkNC0zN2E2LTQ5NDMtYjRjNi02ZDhlOWI0ZTU1OTEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2VjMmZjMWQ0 LTM3YTYtNDk0My1iNGM2LTZkOGU5YjRlNTU5MS8wLzQzMkFFOUUyQjAwOTQxRUY4 OTI1NDA5RTgyQ0E0MDUwOEE0Njg4QjEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdCqAwDQYJKoZIhvcNAQELBQADggEBABa9YmP8WIJRweSTi3TumqlGZ8qKkKLm LQZJxtGY9bpdhTDZk8F1bkFG26pHJGzrzViJiUCLco1rRk46ExDJj70/0oJA9ZM9 xypu/rAI7K7IG5cMoJqgGmjTvhATgAA/tUVyphNXKx/WoEr513HwuhnFaY7tcNzG QFxFNxKbUNelTDnchPhjPhAFdPzjBSO4h2HxY5DWuuxF9jJ7Mmq0mthmUH6YXsvT CRGn+LnEffBpQ/02VsUxFA64qLLB+R9qafqnW3p5QBZgOGO+dqxeO5so54NW4xSY VirHrUMQNiLSeJboVuz3Wx0ngwIoZRYFy7rt4XN6hA1XIRho6nyeWcQ= -----END CERTIFICATE-----Generated at Sat Dec 6 18:33:30 2025 by rpki-client