$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/676E12EDA912B67493E88316A428CFDBCAB51941.cer File: 676E12EDA912B67493E88316A428CFDBCAB51941.cer (raw, json) Hash identifier: 5N3SgZ4v7c5TleP3F+FO2Fvw+2MihceKuvsoJ05Bdug= Subject key identifier: 67:6E:12:ED:A9:12:B6:74:93:E8:83:16:A4:28:CF:DB:CA:B5:19:41 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3FC31CFD5D43BD201A597511F8499ECDFF4A4CB1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/b264bfb2-d41d-4317-b92d-bb9441fd0dcf/0/676E12EDA912B67493E88316A428CFDBCAB51941.mft caRepository: rsync://repo-rpki.idnic.net/repo/b264bfb2-d41d-4317-b92d-bb9441fd0dcf/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 03 May 2025 12:54:36 +0000 Certificate not after: Sat 02 May 2026 12:59:36 +0000 Subordinate resources: IP: 157.66.4.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 14 May 2025 21:28:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:c3:1c:fd:5d:43:bd:20:1a:59:75:11:f8:49:9e:cd:ff:4a:4c:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 3 12:54:36 2025 GMT Not After : May 2 12:59:36 2026 GMT Subject: CN=676E12EDA912B67493E88316A428CFDBCAB51941 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:29:9e:74:3d:75:c7:52:7f:a5:cd:6c:e6:be: a8:77:f0:26:4e:7f:60:c5:e0:74:ac:8e:9c:81:a9: 42:07:e9:3a:a3:15:8b:78:89:42:a8:06:b9:d4:38: db:15:35:96:a9:88:c1:b5:01:e8:ee:5c:8e:23:f6: 7e:db:6c:16:0a:a6:c0:0b:ea:87:3c:8c:64:8e:5a: 94:20:f9:0e:7f:4a:64:11:49:55:1b:a2:af:a2:d1: de:57:35:ab:db:c8:2a:20:be:a1:3b:33:0c:92:78: ee:71:e2:b0:83:85:04:2c:30:99:65:bc:23:13:76: bd:de:1e:b9:a5:4f:b6:25:91:ec:64:20:a7:57:d4: 48:be:94:f5:9b:6e:8e:fa:8b:84:23:57:5d:73:79: 0d:51:64:3d:36:77:89:ab:4f:e0:be:ce:71:74:a6: e5:ef:7f:7f:44:97:95:2f:ff:6b:9e:dc:eb:0c:f4: 4c:55:61:3f:15:7b:ad:c6:1f:7a:6c:0e:3e:9f:40: 48:d3:ca:da:6c:c6:c1:11:14:38:f3:70:8d:16:c6: 8d:c9:55:81:72:ab:f7:5e:eb:9c:5b:c3:3e:95:b1: 89:fc:80:71:97:02:d4:b1:28:56:ed:42:9a:84:ee: 88:01:7e:92:b0:87:12:c3:8e:ff:48:40:ae:b9:a4: e1:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 67:6E:12:ED:A9:12:B6:74:93:E8:83:16:A4:28:CF:DB:CA:B5:19:41 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/b264bfb2-d41d-4317-b92d-bb9441fd0dcf/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/b264bfb2-d41d-4317-b92d-bb9441fd0dcf/0/676E12EDA912B67493E88316A428CFDBCAB51941.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.4.0/23 Signature Algorithm: sha256WithRSAEncryption 3b:cc:3c:4f:0f:8d:18:f0:e1:7e:1b:ed:55:9d:2a:4d:b3:0e: 95:c8:84:eb:a9:25:f0:43:74:12:01:62:88:0b:68:ab:8c:49: 04:55:1e:6c:01:b1:9c:da:47:6b:33:16:e0:b7:07:2a:28:86: 75:92:da:f0:e6:c8:4c:20:31:a6:3e:ff:d6:c6:d7:1e:17:fe: dc:b4:0b:68:5a:bb:59:d5:8a:ba:de:b1:d4:d0:b3:50:53:f7: 2c:30:73:73:17:80:16:ca:f7:38:86:af:6a:0f:4b:af:a0:1a: fb:36:2b:27:aa:9d:02:11:45:e6:f2:80:e2:05:a8:ee:42:be: 6e:86:d5:bf:88:82:a3:48:6c:3f:a8:23:6a:27:47:48:be:ef: 97:5b:46:91:a3:6d:71:59:95:60:e5:22:63:cc:fc:02:ef:97: fd:f0:56:e0:7e:aa:85:33:0b:df:17:73:58:fa:a1:cb:56:33: b6:21:2e:56:52:83:8e:6c:04:15:da:f3:d6:b4:f2:e2:6c:2d: 77:e6:a6:88:d3:5b:6e:86:f5:0a:c5:dd:d8:9d:36:f2:b9:ff: 2e:01:d5:03:46:72:37:9c:53:52:b8:d1:b7:a6:f9:43:eb:fc: 45:46:1b:6e:45:af:40:2c:27:e6:e7:a5:4c:e2:9a:e8:c4:47: 30:7c:45:ba -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUP8Mc/V1DvSAaWXUR+Emezf9KTLEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDUwMzEyNTQzNloX DTI2MDUwMjEyNTkzNlowMzExMC8GA1UEAxMoNjc2RTEyRURBOTEyQjY3NDkzRTg4 MzE2QTQyOENGREJDQUI1MTk0MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALwpnnQ9dcdSf6XNbOa+qHfwJk5/YMXgdKyOnIGpQgfpOqMVi3iJQqgGudQ4 2xU1lqmIwbUB6O5cjiP2fttsFgqmwAvqhzyMZI5alCD5Dn9KZBFJVRuir6LR3lc1 q9vIKiC+oTszDJJ47nHisIOFBCwwmWW8IxN2vd4euaVPtiWR7GQgp1fUSL6U9Ztu jvqLhCNXXXN5DVFkPTZ3iatP4L7OcXSm5e9/f0SXlS//a57c6wz0TFVhPxV7rcYf emwOPp9ASNPK2mzGwREUOPNwjRbGjclVgXKr917rnFvDPpWxifyAcZcC1LEoVu1C moTuiAF+krCHEsOO/0hArrmk4aUCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFGduEu2pErZ0k+iDFqQoz9vKtRlBMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iMjY0YmZiMi1kNDFkLTQzMTctYjkyZC1iYjk0NDFmZDBkY2YvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IyNjRiZmIy LWQ0MWQtNDMxNy1iOTJkLWJiOTQ0MWZkMGRjZi8wLzY3NkUxMkVEQTkxMkI2NzQ5 M0U4ODMxNkE0MjhDRkRCQ0FCNTE5NDEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdQgQwDQYJKoZIhvcNAQELBQADggEBADvMPE8PjRjw4X4b7VWdKk2zDpXIhOup JfBDdBIBYogLaKuMSQRVHmwBsZzaR2szFuC3ByoohnWS2vDmyEwgMaY+/9bG1x4X /ty0C2hau1nVirresdTQs1BT9ywwc3MXgBbK9ziGr2oPS6+gGvs2KyeqnQIRReby gOIFqO5Cvm6G1b+IgqNIbD+oI2onR0i+75dbRpGjbXFZlWDlImPM/ALvl/3wVuB+ qoUzC98Xc1j6octWM7YhLlZSg45sBBXa89a08uJsLXfmpojTW26G9QrF3didNvK5 /y4B1QNGcjecU1K40bem+UPr/EVGG25Fr0AsJ+bnpUzimujERzB8Rbo= -----END CERTIFICATE-----Generated at Mon May 12 07:23:36 2025 by rpki-client