$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.cer File: 95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.cer (raw, json) Hash identifier: WTgsXJ27YkcMbS5TbgHEMwRURb6Og0Iz0wVheCv6u/g= Subject key identifier: 95:FA:C3:8A:5C:B2:CE:A3:E5:FF:E2:49:56:26:A7:BE:A3:28:D6:89 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 73BBF64F8189A4C10F911887D657542B56F2D343 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft caRepository: rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 08 May 2025 18:51:40 +0000 Certificate not after: Thu 07 May 2026 18:56:40 +0000 Subordinate resources: IP: 160.19.88.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 04:09:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:bb:f6:4f:81:89:a4:c1:0f:91:18:87:d6:57:54:2b:56:f2:d3:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 8 18:51:40 2025 GMT Not After : May 7 18:56:40 2026 GMT Subject: CN=95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:2e:de:d8:d6:a3:fd:6b:2a:24:1f:76:15:f4: c7:a3:0f:d8:6a:8b:44:d3:af:cd:c6:75:78:1f:7b: 17:f9:7c:4f:12:cd:ff:4d:55:3f:72:68:fa:6c:aa: e3:e5:83:49:a0:65:f8:df:41:61:a8:89:c8:30:c6: c6:4b:22:43:08:27:aa:f9:be:19:b9:c1:86:18:75: b3:3c:18:5e:c8:4c:a0:0d:b7:ba:4a:90:2d:aa:e0: 94:57:dd:01:4d:31:ba:0e:57:d6:a8:29:48:0e:27: 22:2e:96:b0:9d:8e:be:70:c7:0d:fe:27:da:8c:ba: 41:f3:1e:b1:39:ff:ae:55:d5:69:88:40:b1:83:f0: 9e:78:18:96:90:82:ce:c9:34:13:16:26:a2:bf:3f: cf:8c:0d:32:bb:78:dd:e6:b4:d5:64:b9:0e:9b:1d: e1:70:82:f3:9c:70:69:66:b2:fa:7c:1c:30:f5:d8: 5a:2f:10:79:d4:2c:5e:62:8f:0a:e8:50:88:94:63: 26:40:82:de:fe:d5:9f:77:33:88:66:45:6d:b6:90: 5f:0c:32:f5:bc:39:31:02:94:45:f6:e6:43:ca:3d: 10:f3:0c:81:1d:50:48:c5:bd:f5:03:28:13:21:b3: 18:06:82:47:1d:1c:5e:cc:bf:9e:6f:24:cf:05:97: 7d:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 95:FA:C3:8A:5C:B2:CE:A3:E5:FF:E2:49:56:26:A7:BE:A3:28:D6:89 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.19.88.0/24 Signature Algorithm: sha256WithRSAEncryption 3f:83:8c:c5:70:92:24:dc:8e:13:44:59:c1:51:b3:28:49:ad: 0a:e7:a5:58:4f:46:8c:f3:48:59:ef:df:f3:fb:ed:aa:c6:77: 99:47:bb:31:ee:1a:64:c3:0b:d1:40:2d:1b:b6:12:6c:3f:ab: e4:77:fb:2d:40:8d:78:79:68:0f:e9:31:d4:43:44:6f:f4:e7: 11:67:56:ea:a4:cf:77:8c:2f:0f:5c:21:cf:d7:80:1d:5d:93: 01:54:29:bc:bf:54:51:d6:36:5a:bd:5d:6a:5d:19:c4:88:93: 79:67:46:e5:83:8d:3d:7a:d8:f9:4d:b9:87:48:fa:a8:05:b2: fd:02:bd:49:a2:f7:3c:57:7c:09:db:3b:1f:36:c6:32:e7:8c: 5a:94:85:9a:e2:1b:30:e2:96:2f:25:8d:53:b2:5b:8c:85:3f: e8:1e:e0:a7:26:00:46:44:e0:77:b1:57:b6:53:51:76:85:19: 45:a2:0f:aa:50:28:f9:67:e1:55:53:02:51:81:40:89:31:5e: d0:13:a7:d0:a6:fa:71:01:88:ca:2e:88:84:a1:33:aa:d5:f6: 26:b0:d4:d0:c8:45:14:0f:98:73:63:ff:4b:48:6f:21:f5:68: 55:b4:d5:a0:95:e6:1c:54:a1:7f:4f:ce:0c:c3:c6:8b:53:20: a9:c9:70:f3 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUc7v2T4GJpMEPkRiH1ldUK1by00MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDUwODE4NTE0MFoX DTI2MDUwNzE4NTY0MFowMzExMC8GA1UEAxMoOTVGQUMzOEE1Q0IyQ0VBM0U1RkZF MjQ5NTYyNkE3QkVBMzI4RDY4OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJwu3tjWo/1rKiQfdhX0x6MP2GqLRNOvzcZ1eB97F/l8TxLN/01VP3Jo+myq 4+WDSaBl+N9BYaiJyDDGxksiQwgnqvm+GbnBhhh1szwYXshMoA23ukqQLarglFfd AU0xug5X1qgpSA4nIi6WsJ2OvnDHDf4n2oy6QfMesTn/rlXVaYhAsYPwnngYlpCC zsk0ExYmor8/z4wNMrt43ea01WS5Dpsd4XCC85xwaWay+nwcMPXYWi8QedQsXmKP CuhQiJRjJkCC3v7Vn3cziGZFbbaQXwwy9bw5MQKURfbmQ8o9EPMMgR1QSMW99QMo EyGzGAaCRx0cXsy/nm8kzwWXfRsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJX6w4pcss6j5f/iSVYmp76jKNaJMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by84NGRhNDE1Yi01ZjE3LTQ2MDItOWJkOS1mZDg0YWMyY2FlODYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg0ZGE0MTVi LTVmMTctNDYwMi05YmQ5LWZkODRhYzJjYWU4Ni8wLzk1RkFDMzhBNUNCMkNFQTNF NUZGRTI0OTU2MjZBN0JFQTMyOEQ2ODkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgE1gwDQYJKoZIhvcNAQELBQADggEBAD+DjMVwkiTcjhNEWcFRsyhJrQrnpVhP RozzSFnv3/P77arGd5lHuzHuGmTDC9FALRu2Emw/q+R3+y1AjXh5aA/pMdRDRG/0 5xFnVuqkz3eMLw9cIc/XgB1dkwFUKby/VFHWNlq9XWpdGcSIk3lnRuWDjT162PlN uYdI+qgFsv0CvUmi9zxXfAnbOx82xjLnjFqUhZriGzDili8ljVOyW4yFP+ge4Kcm AEZE4HexV7ZTUXaFGUWiD6pQKPln4VVTAlGBQIkxXtATp9Cm+nEBiMouiIShM6rV 9iaw1NDIRRQPmHNj/0tIbyH1aFW01aCV5hxUoX9PzgzDxotTIKnJcPM= -----END CERTIFICATE-----Generated at Tue May 13 21:03:26 2025 by rpki-client