$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer File: D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer (raw, json) Hash identifier: yNbOR4phHToftkj/FKpcpw+rnAfywzlwz35xvH6sQlU= Subject key identifier: D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 5FEAC914C999E84608131C53B790BCC312BB87CC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft caRepository: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 14 Oct 2025 15:12:02 +0000 Certificate not after: Tue 13 Oct 2026 15:17:02 +0000 Subordinate resources: IP: 160.22.187.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 23 Oct 2025 03:04:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:ea:c9:14:c9:99:e8:46:08:13:1c:53:b7:90:bc:c3:12:bb:87:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Oct 14 15:12:02 2025 GMT Not After : Oct 13 15:17:02 2026 GMT Subject: CN=D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:20:d9:a0:e8:a0:f6:12:7d:1f:c9:31:20:2b: b8:44:92:ce:f2:83:95:82:75:68:06:1c:8e:aa:41: f1:d3:97:2f:60:54:9f:da:f7:bb:04:c0:da:09:56: 84:cc:ef:aa:9c:72:64:06:15:01:36:5a:c9:f6:b2: 13:54:a3:af:d3:46:56:27:b9:9c:df:7a:21:37:ae: 94:af:58:f1:ca:84:ad:5c:7e:3e:6f:85:ef:97:c8: 5c:d2:ec:1f:13:a0:d7:f5:b5:9e:97:63:2a:cf:17: b2:dd:54:83:2f:db:37:8e:68:6a:73:3e:4a:e5:51: a6:3b:ce:20:c2:4c:f8:4a:b7:0a:bc:4b:fc:8a:80: 50:df:0a:ab:d8:03:51:84:c4:4d:49:29:ba:86:ea: b4:39:38:43:ab:19:ce:6d:6b:aa:1e:3f:5f:cf:af: 7d:83:a6:be:ad:59:40:a0:55:38:a4:9b:21:5b:21: 86:47:ed:d9:9b:2c:23:46:a5:3a:82:02:9b:ae:be: 9e:52:6a:bf:d5:87:7f:f0:6e:1c:ab:3b:aa:83:e9: 8d:5c:65:be:05:27:6b:d8:77:af:c7:4c:0a:55:f0: eb:82:fa:f9:a2:49:96:39:54:6a:ff:28:80:d6:0c: a5:96:26:56:6d:91:9f:25:97:d2:23:b0:25:4e:fd: 09:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.187.0/24 Signature Algorithm: sha256WithRSAEncryption 97:f0:28:d3:b9:08:c1:d2:f4:3c:8f:97:f8:d0:8e:80:f6:fb: 5d:23:af:ca:4f:55:a5:ec:a4:a5:bf:8a:c9:55:ea:9e:76:0f: e2:65:23:68:0d:69:ff:88:1e:e0:10:80:3f:8e:cf:a0:39:8c: 33:89:3d:6d:aa:29:3e:64:a8:dd:71:e6:84:1a:61:29:2b:0f: 37:a9:b5:7c:d8:4a:41:2e:25:98:26:69:77:41:bb:26:05:d3: b6:4e:55:7f:41:6f:6a:a5:f9:be:2b:7d:50:62:e5:be:10:57: ef:b1:b9:ca:a5:ea:50:39:e1:74:a4:9e:9b:d0:0c:bf:20:14: 9e:d0:a4:13:0c:0e:ea:0f:7c:a9:d4:1f:11:13:c3:20:ea:4c: 95:c8:9a:b2:52:a9:57:4b:cd:81:51:45:0b:c6:87:45:37:d0: 9d:29:f9:3a:81:fc:bb:25:cc:9f:b8:9b:a5:f6:09:45:e5:a9: 42:0d:37:e8:b9:6c:2f:02:66:bc:f2:91:eb:c8:9a:a3:5d:90: 25:cd:a8:86:47:0d:c2:f0:b1:fe:a9:4f:ec:02:27:8b:b7:f6: 28:4b:78:85:79:91:b2:8f:b0:00:61:d1:0f:fc:af:e8:18:0a: 23:0b:fc:1c:3e:b2:52:34:79:14:04:ee:55:69:0b:8c:ac:f8: 0c:43:ac:53 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUX+rJFMmZ6EYIExxTt5C8wxK7h8wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MTAxNDE1MTIwMloX DTI2MTAxMzE1MTcwMlowMzExMC8GA1UEAxMoRDNCMEREQkI4RTA3RkNEOThBMzk5 QzkwQzVCM0ZDMzJCNEZBMjhGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4g2aDooPYSfR/JMSAruESSzvKDlYJ1aAYcjqpB8dOXL2BUn9r3uwTA2glW hMzvqpxyZAYVATZayfayE1Sjr9NGVie5nN96ITeulK9Y8cqErVx+Pm+F75fIXNLs HxOg1/W1npdjKs8Xst1Ugy/bN45oanM+SuVRpjvOIMJM+Eq3CrxL/IqAUN8Kq9gD UYTETUkpuobqtDk4Q6sZzm1rqh4/X8+vfYOmvq1ZQKBVOKSbIVshhkft2ZssI0al OoICm66+nlJqv9WHf/BuHKs7qoPpjVxlvgUna9h3r8dMClXw64L6+aJJljlUav8o gNYMpZYmVm2RnyWX0iOwJU79Ca0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNOw3buOB/zZijmckMWz/DK0+ijwMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83ZDlmOThmMy03MmYwLTQwMDYtYmU5OS1iOWE5ZThkOWQyYmYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdkOWY5OGYz LTcyZjAtNDAwNi1iZTk5LWI5YTllOGQ5ZDJiZi8wL0QzQjBEREJCOEUwN0ZDRDk4 QTM5OUM5MEM1QjNGQzMyQjRGQTI4RjAubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgFrswDQYJKoZIhvcNAQELBQADggEBAJfwKNO5CMHS9DyPl/jQjoD2+10jr8pP VaXspKW/islV6p52D+JlI2gNaf+IHuAQgD+Oz6A5jDOJPW2qKT5kqN1x5oQaYSkr DzeptXzYSkEuJZgmaXdBuyYF07ZOVX9Bb2ql+b4rfVBi5b4QV++xucql6lA54XSk npvQDL8gFJ7QpBMMDuoPfKnUHxETwyDqTJXImrJSqVdLzYFRRQvGh0U30J0p+TqB /LslzJ+4m6X2CUXlqUINN+i5bC8CZrzykevImqNdkCXNqIZHDcLwsf6pT+wCJ4u3 9ihLeIV5kbKPsABh0Q/8r+gYCiML/Bw+slI0eRQE7lVpC4ys+AxDrFM= -----END CERTIFICATE-----Generated at Mon Oct 20 10:39:32 2025 by rpki-client