$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/2858C74CC23A557C73F59051B7FE8638AA491C94.cer File: 2858C74CC23A557C73F59051B7FE8638AA491C94.cer (raw, json) Hash identifier: vCGnWCeO0U+JsyDJo7mKgt869kNy6S0SylpFqPz5dwg= Subject key identifier: 28:58:C7:4C:C2:3A:55:7C:73:F5:90:51:B7:FE:86:38:AA:49:1C:94 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1A50F5815B27DA4AA94C749FE20350AFFE028A96 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft caRepository: rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 28 Jul 2025 01:36:31 +0000 Certificate not after: Mon 27 Jul 2026 01:41:31 +0000 Subordinate resources: IP: 103.50.128.0/22 IP: 2400:6f20::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Aug 2025 11:16:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:50:f5:81:5b:27:da:4a:a9:4c:74:9f:e2:03:50:af:fe:02:8a:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 28 01:36:31 2025 GMT Not After : Jul 27 01:41:31 2026 GMT Subject: CN=2858C74CC23A557C73F59051B7FE8638AA491C94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:1a:84:45:e4:5f:a2:4d:49:43:05:0a:2f:b7: 9a:02:0a:4a:7f:53:8b:bb:14:bc:2c:ac:c6:af:db: d6:56:fb:33:05:b2:f8:95:a9:58:15:43:61:b6:b3: 4d:e0:db:fc:11:20:cb:55:fe:04:a3:98:cc:4e:fb: 25:76:d8:2c:92:3e:79:c2:d0:b1:ed:ac:3e:32:05: 4b:cc:20:07:ef:3a:c6:a0:bc:01:24:20:37:b9:9c: 36:3a:da:60:6a:b0:fc:5f:b4:56:d8:fa:9c:7c:7c: 38:22:77:29:84:2f:35:ab:3a:19:bb:a3:79:d6:40: 78:ef:5e:7e:22:3b:81:40:74:53:2f:18:4e:e4:17: 69:ca:16:a1:4f:a5:99:26:af:3f:2d:c5:59:d4:04: fd:f5:96:99:ce:27:42:e6:fb:40:36:d6:94:0c:f8: 10:58:71:71:a4:b5:d5:98:5e:95:2c:a0:72:9b:86: 66:e3:96:8f:5d:56:d9:87:7c:24:2a:a8:c7:31:7d: b5:04:77:30:5c:1a:10:28:63:47:14:b6:d4:79:54: 58:01:6b:8e:f4:a1:c8:ad:cf:e7:26:2e:39:f8:82: 5d:04:25:77:8b:34:ba:a3:d3:97:f2:6f:ed:00:e7: 09:93:98:b0:10:bf:17:89:a8:dc:4a:d5:13:99:f7: 1c:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 28:58:C7:4C:C2:3A:55:7C:73:F5:90:51:B7:FE:86:38:AA:49:1C:94 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/59cef8b0-ba64-4c0c-8de8-1f50a85d5fde/0/2858C74CC23A557C73F59051B7FE8638AA491C94.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.50.128.0/22 IPv6: 2400:6f20::/32 Signature Algorithm: sha256WithRSAEncryption 7c:b7:44:dd:20:5f:be:45:0f:a1:d1:04:c9:ff:fd:68:59:64: 9d:96:da:89:61:b7:ed:07:19:ea:2c:a0:5e:85:6b:f6:44:99: 00:5e:33:1f:44:e7:5e:e3:d7:bb:64:a9:63:38:c0:f9:a7:db: c4:a9:fd:26:72:30:e0:93:32:6f:2e:75:e5:14:39:64:4b:d4: 54:62:57:86:cd:24:cb:c0:3b:76:f0:9d:33:f0:80:0e:50:ba: ef:c1:67:92:e9:d7:24:49:20:e3:86:2e:73:33:13:14:cd:d8: 6d:0c:c7:2f:6f:60:5f:83:6b:14:52:44:4a:61:11:e5:72:30: 72:ce:31:ba:cd:fe:8e:d2:0d:20:2d:cf:44:1b:83:ab:5e:44: be:47:4c:19:5f:38:e9:eb:29:4e:f6:cc:58:00:78:a0:e6:3d: 3a:5b:98:fd:60:8d:f8:b9:80:32:13:3b:65:12:f6:08:de:81: 4e:4c:f1:98:20:98:de:63:bf:4b:5e:22:2d:87:c1:fc:6f:2c: 50:18:a5:44:22:e3:7f:4d:ab:b3:1b:a5:e4:68:a2:75:04:10: 3e:db:0d:71:4e:56:32:ba:77:a7:75:d4:f0:3b:6e:8a:90:58: 4d:5c:78:3b:56:42:d9:b5:08:ea:c1:54:a7:8c:b6:02:51:6d: 71:7f:26:1b -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgIUGlD1gVsn2kqpTHSf4gNQr/4CipYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcyODAxMzYzMVoX DTI2MDcyNzAxNDEzMVowMzExMC8GA1UEAxMoMjg1OEM3NENDMjNBNTU3QzczRjU5 MDUxQjdGRTg2MzhBQTQ5MUM5NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKsahEXkX6JNSUMFCi+3mgIKSn9Ti7sUvCysxq/b1lb7MwWy+JWpWBVDYbaz TeDb/BEgy1X+BKOYzE77JXbYLJI+ecLQse2sPjIFS8wgB+86xqC8ASQgN7mcNjra YGqw/F+0Vtj6nHx8OCJ3KYQvNas6GbujedZAeO9efiI7gUB0Uy8YTuQXacoWoU+l mSavPy3FWdQE/fWWmc4nQub7QDbWlAz4EFhxcaS11ZhelSygcpuGZuOWj11W2Yd8 JCqoxzF9tQR3MFwaEChjRxS21HlUWAFrjvShyK3P5yYuOfiCXQQld4s0uqPTl/Jv 7QDnCZOYsBC/F4mo3ErVE5n3HIMCAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFChYx0zCOlV8c/WQUbf+hjiqSRyUMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by81OWNlZjhiMC1iYTY0LTRjMGMtOGRlOC0xZjUwYTg1ZDVmZGUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU5Y2VmOGIw LWJhNjQtNGMwYy04ZGU4LTFmNTBhODVkNWZkZS8wLzI4NThDNzRDQzIzQTU1N0M3 M0Y1OTA1MUI3RkU4NjM4QUE0OTFDOTQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD BAJnMoAwDQQCAAIwBwMFACQAbyAwDQYJKoZIhvcNAQELBQADggEBAHy3RN0gX75F D6HRBMn//WhZZJ2W2olht+0HGeosoF6Fa/ZEmQBeMx9E517j17tkqWM4wPmn28Sp /SZyMOCTMm8udeUUOWRL1FRiV4bNJMvAO3bwnTPwgA5Quu/BZ5Lp1yRJIOOGLnMz ExTN2G0Mxy9vYF+DaxRSREphEeVyMHLOMbrN/o7SDSAtz0Qbg6teRL5HTBlfOOnr KU72zFgAeKDmPTpbmP1gjfi5gDITO2US9gjegU5M8ZggmN5jv0teIi2HwfxvLFAY pUQi439Nq7MbpeRoonUEED7bDXFOVjK6d6d11PA7boqQWE1ceDtWQtm1COrBVKeM tgJRbXF/Jhs= -----END CERTIFICATE-----Generated at Sat Aug 23 07:17:13 2025 by rpki-client