$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer File: 588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer (raw, json) Hash identifier: 2xWb3rajxwApC8oYbS2ESCONOUyBkrWp3McCz4QM26E= Subject key identifier: 58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 4E09EE55CA097F51BB8346583A68B08347647012 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft caRepository: rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 30 Jun 2025 16:58:56 +0000 Certificate not after: Mon 29 Jun 2026 17:03:56 +0000 Subordinate resources: IP: 160.22.12.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 19:22:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:09:ee:55:ca:09:7f:51:bb:83:46:58:3a:68:b0:83:47:64:70:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 30 16:58:56 2025 GMT Not After : Jun 29 17:03:56 2026 GMT Subject: CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:4c:59:ff:f8:7b:d8:46:2c:e6:94:df:c4:a2: 2d:42:eb:98:41:68:02:7f:08:8b:50:c6:d1:74:58: c6:ee:8e:d7:b0:be:15:fc:6b:78:75:1f:f4:18:fa: 18:71:08:4c:cd:38:ff:93:84:d6:5d:fb:93:0d:37: b2:d7:47:4b:74:c8:3a:44:13:19:93:99:e1:3f:aa: 35:e8:3a:50:9f:29:ce:43:28:83:49:2d:f3:39:94: b9:2a:09:58:46:4e:09:28:41:ab:4d:e2:8d:f4:02: 1d:7d:8b:f0:e6:c5:a4:49:d7:24:60:67:89:af:ed: 3e:a7:2c:5b:04:01:20:aa:4c:2f:7b:ef:d1:aa:63: 97:00:61:36:98:5c:e1:7e:80:8f:ae:12:f2:03:fb: cd:85:52:48:14:5b:f1:b0:73:7d:f4:2c:69:a1:b5: 28:ca:6d:c5:05:c0:97:4e:24:99:06:8a:d7:08:8b: 7a:19:54:10:21:62:b4:a0:c5:ee:59:fb:b8:4f:e5: fd:cf:f0:bd:13:5d:92:09:d8:a2:db:cf:b7:00:76: 50:27:e5:6d:c7:09:31:6b:8b:50:32:68:5c:ab:c7: 1f:80:e2:2c:af:68:e6:5d:e9:9f:89:aa:a7:63:fa: de:a9:a4:13:5c:4d:a8:34:7f:0e:d6:71:ee:80:c5: a7:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.12.0/23 Signature Algorithm: sha256WithRSAEncryption 5f:08:90:e4:13:78:fd:c0:27:6c:e4:cb:39:ca:74:94:a7:80: eb:40:a8:7a:3b:59:f1:19:68:a6:95:f5:b3:25:45:31:50:6a: 65:bd:a6:f9:38:9b:90:1e:2a:a4:83:ee:e5:0d:d8:94:dc:33: 58:84:aa:98:50:9d:75:bb:3d:56:a9:fa:64:9d:6e:cb:3f:8e: 66:83:5a:77:3b:10:e4:99:80:88:05:58:c1:4f:52:2f:65:40: 88:0c:96:9b:df:d6:75:ea:85:d0:0d:42:c9:d4:94:be:4f:32: 4c:89:1e:fe:45:4a:d1:ea:96:e5:e0:2a:d6:a4:7e:88:6d:f7: 43:22:9d:e3:49:28:27:0b:53:b8:8a:58:6c:b6:a0:92:8e:08: 69:41:bd:94:87:8e:ea:13:49:c4:9f:9a:b3:d1:bc:fe:d6:10: 5c:b2:5d:48:9b:d8:91:53:75:b7:c6:7b:70:5d:7b:d5:1d:51: 0f:cb:84:80:92:34:a4:bc:25:32:e9:c5:44:47:0e:c5:0c:9c: 4a:a3:13:1c:19:43:6e:8e:70:b6:b5:53:88:22:a4:e9:e7:dc: 77:bd:2c:73:74:18:8c:60:0d:fb:78:47:b3:54:58:8b:ae:9b: 98:8e:6a:aa:b7:af:5c:42:a9:3f:86:5e:b2:75:92:71:40:1f: 97:49:ca:70 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUTgnuVcoJf1G7g0ZYOmiwg0dkcBIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYzMDE2NTg1NloX DTI2MDYyOTE3MDM1NlowMzExMC8GA1UEAxMoNTg4REQwRkNFNEJDMjQzQ0M5QzZE NjhBRTA0RTg0NjdFMEU0RDA2OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANVMWf/4e9hGLOaU38SiLULrmEFoAn8Ii1DG0XRYxu6O17C+FfxreHUf9Bj6 GHEITM04/5OE1l37kw03stdHS3TIOkQTGZOZ4T+qNeg6UJ8pzkMog0kt8zmUuSoJ WEZOCShBq03ijfQCHX2L8ObFpEnXJGBnia/tPqcsWwQBIKpML3vv0apjlwBhNphc 4X6Aj64S8gP7zYVSSBRb8bBzffQsaaG1KMptxQXAl04kmQaK1wiLehlUECFitKDF 7ln7uE/l/c/wvRNdkgnYotvPtwB2UCflbccJMWuLUDJoXKvHH4DiLK9o5l3pn4mq p2P63qmkE1xNqDR/DtZx7oDFp68CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFiN0PzkvCQ8ycbWiuBOhGfg5NBpMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8wMTk5ZTU0MS0xODYxLTRkNmEtOGUyOC1iMDI4NDU4NjE0OTYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAxOTllNTQx LTE4NjEtNGQ2YS04ZTI4LWIwMjg0NTg2MTQ5Ni8wLzU4OEREMEZDRTRCQzI0M0ND OUM2RDY4QUUwNEU4NDY3RTBFNEQwNjkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgFgwwDQYJKoZIhvcNAQELBQADggEBAF8IkOQTeP3AJ2zkyznKdJSngOtAqHo7 WfEZaKaV9bMlRTFQamW9pvk4m5AeKqSD7uUN2JTcM1iEqphQnXW7PVap+mSdbss/ jmaDWnc7EOSZgIgFWMFPUi9lQIgMlpvf1nXqhdANQsnUlL5PMkyJHv5FStHqluXg Ktakfoht90MineNJKCcLU7iKWGy2oJKOCGlBvZSHjuoTScSfmrPRvP7WEFyyXUib 2JFTdbfGe3Bde9UdUQ/LhICSNKS8JTLpxURHDsUMnEqjExwZQ26OcLa1U4gipOnn 3He9LHN0GIxgDft4R7NUWIuum5iOaqq3r1xCqT+GXrJ1knFAH5dJynA= -----END CERTIFICATE-----Generated at Tue Jul 1 17:57:35 2025 by rpki-client