$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/B8D444C5B3184A4F8C8F199A432242C44E19EACB.cer File: B8D444C5B3184A4F8C8F199A432242C44E19EACB.cer (raw, json) Hash identifier: esyL7mbuo+Zw5yFLhVruIgSYZ7uUfhHVebTCM0tUlaE= Subject key identifier: B8:D4:44:C5:B3:18:4A:4F:8C:8F:19:9A:43:22:42:C4:4E:19:EA:CB Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 2752D42960D39B60B0DCBAA45E7259E3B9E0EE39 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/7f4b53d8-b2ff-4973-b1ac-6f85faeadbe5/0/B8D444C5B3184A4F8C8F199A432242C44E19EACB.mft caRepository: rsync://repo-rpki.idnic.net/repo/7f4b53d8-b2ff-4973-b1ac-6f85faeadbe5/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 17 Jun 2025 21:28:20 +0000 Certificate not after: Tue 16 Jun 2026 21:33:20 +0000 Subordinate resources: IP: 160.25.36.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Jul 2025 05:09:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:52:d4:29:60:d3:9b:60:b0:dc:ba:a4:5e:72:59:e3:b9:e0:ee:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 17 21:28:20 2025 GMT Not After : Jun 16 21:33:20 2026 GMT Subject: CN=B8D444C5B3184A4F8C8F199A432242C44E19EACB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:cf:da:9e:7b:a6:ac:3b:9c:d3:73:16:17:5d: c7:d2:fb:b5:5a:6b:dd:b7:a5:7e:0f:ab:31:cf:70: 3b:3e:a5:fa:d9:df:15:aa:7c:94:31:9d:1f:b9:a7: fa:d9:da:eb:00:e7:d9:45:6f:9b:4d:94:bb:d9:ac: d4:cd:26:0c:bf:72:4d:e8:d9:44:1e:9b:7c:e6:76: 9e:f2:98:52:55:43:16:30:bc:c6:d4:d6:6e:00:56: 4f:1f:9d:69:62:61:ac:c0:66:1a:4a:59:3d:86:fe: 23:31:64:03:1d:97:e3:c1:51:1e:b1:6c:01:1a:1b: 29:bb:44:7a:50:dd:0f:c4:d5:7f:2b:1c:47:d1:7a: 25:58:70:01:6d:d9:68:49:b8:97:38:c7:01:a4:e0: 4e:09:87:30:84:ca:c3:40:42:aa:58:06:11:16:14: 56:3b:5d:f9:e3:56:cb:8a:fb:89:3b:66:13:f0:9d: 83:2f:f0:c1:c8:3e:99:61:94:27:ff:b7:a2:1e:9c: 81:b3:9c:ed:44:1b:87:f7:26:66:bd:f3:9d:9a:c8: 48:ad:68:38:0a:19:f7:80:2d:cc:a4:a2:a2:25:93: 26:b0:e3:98:f2:85:c0:66:2e:42:ec:88:b5:4e:00: 45:cd:ab:88:5c:42:23:64:85:77:bd:38:ac:05:0c: ac:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: B8:D4:44:C5:B3:18:4A:4F:8C:8F:19:9A:43:22:42:C4:4E:19:EA:CB X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7f4b53d8-b2ff-4973-b1ac-6f85faeadbe5/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7f4b53d8-b2ff-4973-b1ac-6f85faeadbe5/0/B8D444C5B3184A4F8C8F199A432242C44E19EACB.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.36.0/23 Signature Algorithm: sha256WithRSAEncryption 96:d0:85:1a:b8:82:ef:f3:44:03:b2:26:5c:8a:6a:ac:81:75: 4b:57:71:05:d9:f5:88:b5:ac:15:a8:6d:35:ef:a0:a2:ed:ff: 15:c0:83:c5:84:c5:59:33:fd:56:5f:93:3a:78:cc:34:71:da: 32:69:78:44:17:3a:b6:d5:ed:b6:a2:ac:52:cc:92:46:d2:89: d7:6f:e1:fd:3a:46:cb:ca:3e:cd:61:c7:99:7c:0e:b4:31:d6: 86:68:45:30:8d:b1:46:60:19:4a:57:19:e9:0e:96:f8:3e:7c: 25:6c:d2:44:6e:60:5a:1e:b6:e2:f0:33:cd:83:6f:6e:36:21: 07:37:91:1f:73:9b:31:8d:53:e5:31:68:f2:57:9d:d2:8e:f6: 86:c7:1c:45:c1:16:68:ef:74:33:fb:2f:59:de:a3:29:0a:7e: f4:a4:8f:d3:32:ed:5a:15:89:e5:71:43:ef:1e:54:f4:d2:ed: 66:09:71:94:2b:12:36:3d:30:21:ea:05:3a:5f:24:7b:09:b2: 67:04:f5:db:25:74:16:f7:e8:56:4a:e6:f3:4f:81:32:71:e0: 99:06:10:b5:7d:89:40:a0:f4:a8:96:6c:41:7b:ae:02:2a:8d: 96:7d:e0:03:8d:0f:b8:ad:53:3d:24:78:bd:b1:81:3c:34:bd: 8f:a4:53:22 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUJ1LUKWDTm2Cw3LqkXnJZ47ng7jkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYxNzIxMjgyMFoX DTI2MDYxNjIxMzMyMFowMzExMC8GA1UEAxMoQjhENDQ0QzVCMzE4NEE0RjhDOEYx OTlBNDMyMjQyQzQ0RTE5RUFDQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANTP2p57pqw7nNNzFhddx9L7tVpr3belfg+rMc9wOz6l+tnfFap8lDGdH7mn +tna6wDn2UVvm02Uu9ms1M0mDL9yTejZRB6bfOZ2nvKYUlVDFjC8xtTWbgBWTx+d aWJhrMBmGkpZPYb+IzFkAx2X48FRHrFsARobKbtEelDdD8TVfyscR9F6JVhwAW3Z aEm4lzjHAaTgTgmHMITKw0BCqlgGERYUVjtd+eNWy4r7iTtmE/Cdgy/wwcg+mWGU J/+3oh6cgbOc7UQbh/cmZr3znZrISK1oOAoZ94AtzKSioiWTJrDjmPKFwGYuQuyI tU4ARc2riFxCI2SFd704rAUMrAMCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLjURMWzGEpPjI8ZmkMiQsROGerLMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83ZjRiNTNkOC1iMmZmLTQ5NzMtYjFhYy02Zjg1ZmFlYWRiZTUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdmNGI1M2Q4 LWIyZmYtNDk3My1iMWFjLTZmODVmYWVhZGJlNS8wL0I4RDQ0NEM1QjMxODRBNEY4 QzhGMTk5QTQzMjI0MkM0NEUxOUVBQ0IubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgGSQwDQYJKoZIhvcNAQELBQADggEBAJbQhRq4gu/zRAOyJlyKaqyBdUtXcQXZ 9Yi1rBWobTXvoKLt/xXAg8WExVkz/VZfkzp4zDRx2jJpeEQXOrbV7bairFLMkkbS iddv4f06RsvKPs1hx5l8DrQx1oZoRTCNsUZgGUpXGekOlvg+fCVs0kRuYFoetuLw M82Db242IQc3kR9zmzGNU+UxaPJXndKO9obHHEXBFmjvdDP7L1neoykKfvSkj9My 7VoVieVxQ+8eVPTS7WYJcZQrEjY9MCHqBTpfJHsJsmcE9dsldBb36FZK5vNPgTJx 4JkGELV9iUCg9KiWbEF7rgIqjZZ94AOND7itUz0keL2xgTw0vY+kUyI= -----END CERTIFICATE-----Generated at Tue Jul 1 08:09:01 2025 by rpki-client