$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/233AF26D7DAE6C359EB03AD5C6FB4B4E05DDF23D.cer File: 233AF26D7DAE6C359EB03AD5C6FB4B4E05DDF23D.cer (raw, json) Hash identifier: kmUCDv41F4wHbN4H8zoxd2ATUQ1DQ70sGJm4tK9guHQ= Subject key identifier: 23:3A:F2:6D:7D:AE:6C:35:9E:B0:3A:D5:C6:FB:4B:4E:05:DD:F2:3D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1471A306DCB3D31CF34753998CF68A8CF50FD264 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/c55eac97-31b5-4f33-82f4-5241470cbbbe/0/233AF26D7DAE6C359EB03AD5C6FB4B4E05DDF23D.mft caRepository: rsync://repo-rpki.idnic.net/repo/c55eac97-31b5-4f33-82f4-5241470cbbbe/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 02 Jun 2025 23:14:17 +0000 Certificate not after: Mon 01 Jun 2026 23:19:17 +0000 Subordinate resources: IP: 202.165.32.0/20 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 07:23:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:71:a3:06:dc:b3:d3:1c:f3:47:53:99:8c:f6:8a:8c:f5:0f:d2:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 2 23:14:17 2025 GMT Not After : Jun 1 23:19:17 2026 GMT Subject: CN=233AF26D7DAE6C359EB03AD5C6FB4B4E05DDF23D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:c9:d3:24:15:8a:e6:d2:03:80:02:86:71:3f: 75:ed:a6:1c:06:21:8e:43:41:26:2f:2d:79:14:66: b4:d4:48:d4:42:17:e1:76:d2:b5:02:12:44:3c:6a: 74:54:7f:80:11:6d:48:c7:9a:0a:25:fb:20:0f:df: 6b:6c:88:6a:2b:ce:df:7d:3d:30:50:9d:92:e6:9c: 40:e2:44:46:f0:58:fd:92:14:e8:d6:fb:cc:90:b9: c9:14:6b:93:7c:4d:56:17:ec:c2:fc:d0:95:a7:a4: 42:e3:38:d9:58:a2:94:40:bf:14:be:d8:d9:21:21: f4:50:41:29:0a:b8:f7:c4:4b:67:de:17:23:3c:26: 05:fb:01:6c:a8:3f:8a:a6:59:a1:74:e2:ec:2b:dd: 14:61:69:d1:f8:78:6e:7d:ee:07:6c:16:99:a2:76: fc:09:36:0a:1f:7d:71:24:43:de:11:3b:c5:41:ea: 22:83:a5:12:0f:c1:8a:ef:67:45:bd:a3:48:75:24: 32:f2:88:78:bd:ce:33:50:38:35:96:5e:f6:2a:b0: 2f:d4:b3:19:1e:94:0d:d8:73:a5:3b:cd:f0:38:f0: 77:ef:8e:0f:e1:6b:f9:28:e3:cc:85:9a:8b:de:56: 06:6a:03:f9:32:dd:e6:9e:ba:2a:19:b7:67:34:58: 69:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 23:3A:F2:6D:7D:AE:6C:35:9E:B0:3A:D5:C6:FB:4B:4E:05:DD:F2:3D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/c55eac97-31b5-4f33-82f4-5241470cbbbe/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/c55eac97-31b5-4f33-82f4-5241470cbbbe/0/233AF26D7DAE6C359EB03AD5C6FB4B4E05DDF23D.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.165.32.0/20 Signature Algorithm: sha256WithRSAEncryption 10:9a:8f:87:16:52:b2:65:47:0c:3a:07:7c:74:fd:09:14:94: f3:2f:4c:85:0c:34:9b:ba:3b:41:93:87:13:cd:e2:fd:13:ce: 9d:21:50:0c:66:ad:43:b7:f1:8e:98:22:39:cb:25:fb:ea:11: 7a:15:21:e6:89:30:6b:75:b6:c0:ed:25:94:3e:6c:3e:c1:e3: 2e:9d:bf:7c:e0:52:14:00:0c:ff:fc:1c:bf:86:3d:86:be:6f: 64:e2:79:22:13:24:0f:e4:03:49:0e:65:21:6a:9a:f8:6a:9e: bf:0e:81:db:07:99:16:46:52:1e:3b:d6:07:8b:2d:28:99:6f: 55:6f:18:16:9e:db:d7:0d:0e:90:6f:d2:f2:9d:8e:84:52:af: ca:f2:cc:a0:5e:48:1a:c7:f4:a1:5b:f6:e4:85:78:8c:7b:85: 7f:47:d5:cd:dd:a1:bb:86:d4:69:b7:41:00:db:06:88:f8:c2: 05:c3:55:09:f2:49:18:f3:80:e0:ab:70:de:96:a3:b9:ba:3b: b3:c6:eb:49:a5:77:3a:db:b3:b4:0d:ac:1e:1e:51:33:90:21: df:50:d5:18:b0:de:3b:21:c8:8e:08:d7:74:48:71:23:99:51: b7:72:3b:1c:01:50:c1:61:94:b5:2b:09:68:74:19:bf:b8:15: d4:b7:76:6a -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUFHGjBtyz0xzzR1OZjPaKjPUP0mQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwMjIzMTQxN1oX DTI2MDYwMTIzMTkxN1owMzExMC8GA1UEAxMoMjMzQUYyNkQ3REFFNkMzNTlFQjAz QUQ1QzZGQjRCNEUwNURERjIzRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM7J0yQViubSA4AChnE/de2mHAYhjkNBJi8teRRmtNRI1EIX4XbStQISRDxq dFR/gBFtSMeaCiX7IA/fa2yIaivO3309MFCdkuacQOJERvBY/ZIU6Nb7zJC5yRRr k3xNVhfswvzQlaekQuM42ViilEC/FL7Y2SEh9FBBKQq498RLZ94XIzwmBfsBbKg/ iqZZoXTi7CvdFGFp0fh4bn3uB2wWmaJ2/Ak2Ch99cSRD3hE7xUHqIoOlEg/Biu9n Rb2jSHUkMvKIeL3OM1A4NZZe9iqwL9SzGR6UDdhzpTvN8Djwd++OD+Fr+SjjzIWa i95WBmoD+TLd5p66Khm3ZzRYaWsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCM68m19rmw1nrA61cb7S04F3fI9MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9jNTVlYWM5Ny0zMWI1LTRmMzMtODJmNC01MjQxNDcwY2JiYmUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M1NWVhYzk3 LTMxYjUtNGYzMy04MmY0LTUyNDE0NzBjYmJiZS8wLzIzM0FGMjZEN0RBRTZDMzU5 RUIwM0FENUM2RkI0QjRFMDVEREYyM0QubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BATKpSAwDQYJKoZIhvcNAQELBQADggEBABCaj4cWUrJlRww6B3x0/QkUlPMvTIUM NJu6O0GThxPN4v0Tzp0hUAxmrUO38Y6YIjnLJfvqEXoVIeaJMGt1tsDtJZQ+bD7B 4y6dv3zgUhQADP/8HL+GPYa+b2TieSITJA/kA0kOZSFqmvhqnr8OgdsHmRZGUh47 1geLLSiZb1VvGBae29cNDpBv0vKdjoRSr8ryzKBeSBrH9KFb9uSFeIx7hX9H1c3d obuG1Gm3QQDbBoj4wgXDVQnySRjzgOCrcN6Wo7m6O7PG60mldzrbs7QNrB4eUTOQ Id9Q1Riw3jshyI4I13RIcSOZUbdyOxwBUMFhlLUrCWh0Gb+4FdS3dmo= -----END CERTIFICATE-----Generated at Sun Jun 29 12:51:36 2025 by rpki-client