$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/29CF00DB5C2109C4B5090935368C9AC57C5BD2A4.cer File: 29CF00DB5C2109C4B5090935368C9AC57C5BD2A4.cer (raw, json) Hash identifier: ffB/5ussoYlNzx3KKiU3GRplf90H3xUIaTaLYGW37XE= Subject key identifier: 29:CF:00:DB:5C:21:09:C4:B5:09:09:35:36:8C:9A:C5:7C:5B:D2:A4 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 20B3CECC69B0BDB3CF57FA32EB3600C5D5234F9D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/7a22b4e2-26f6-41e8-8910-206bea783db9/0/29CF00DB5C2109C4B5090935368C9AC57C5BD2A4.mft caRepository: rsync://repo-rpki.idnic.net/repo/7a22b4e2-26f6-41e8-8910-206bea783db9/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 29 Apr 2025 06:29:29 +0000 Certificate not after: Tue 28 Apr 2026 06:34:29 +0000 Subordinate resources: IP: 103.191.176.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 14 May 2025 21:08:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:b3:ce:cc:69:b0:bd:b3:cf:57:fa:32:eb:36:00:c5:d5:23:4f:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 29 06:29:29 2025 GMT Not After : Apr 28 06:34:29 2026 GMT Subject: CN=29CF00DB5C2109C4B5090935368C9AC57C5BD2A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:fd:e1:6a:4a:46:c9:ca:b1:fe:24:3e:d6:1e: cd:89:50:ff:ce:ba:bd:df:24:de:6c:eb:f3:ff:5d: b2:c1:4b:da:de:ff:cc:8b:a2:ac:11:90:46:dc:16: e9:86:7d:0b:f6:1b:09:89:df:6a:34:54:ee:df:9e: 06:0d:0d:a3:88:40:54:ad:8c:d5:9c:fd:e3:e9:3c: 0d:8a:c3:a9:37:3b:10:d4:46:e1:07:8a:16:7f:18: c6:96:e6:d2:fa:88:b3:46:76:ea:ee:88:e8:ca:72: ef:a0:be:34:3e:d8:95:ff:b4:e7:07:5e:99:61:bf: 20:8c:79:61:2f:9d:95:26:1e:51:6a:0f:5e:c9:03: 56:45:d7:f2:79:a9:3e:57:f3:bf:17:ff:5f:06:6f: 73:b8:d1:6b:5b:a7:5b:9b:d7:21:78:50:ba:99:c2: 3a:27:8d:e5:16:2e:29:a0:1a:9b:e1:2e:d7:3e:06: 0b:57:d9:2e:3e:d1:ed:54:8a:ad:92:da:c1:cf:14: e4:dc:3c:f9:fb:05:62:a4:c6:6a:58:1f:7e:7b:65: 57:99:ff:75:d6:5c:fe:0b:a1:65:5d:0c:12:4e:d2: dc:6b:94:f0:da:ae:82:e8:a5:4f:1a:1f:74:0f:ba: 5a:7e:92:0a:b0:8b:22:e6:c5:dd:f8:d6:54:b8:95: 93:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 29:CF:00:DB:5C:21:09:C4:B5:09:09:35:36:8C:9A:C5:7C:5B:D2:A4 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7a22b4e2-26f6-41e8-8910-206bea783db9/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7a22b4e2-26f6-41e8-8910-206bea783db9/0/29CF00DB5C2109C4B5090935368C9AC57C5BD2A4.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.191.176.0/23 Signature Algorithm: sha256WithRSAEncryption 2f:11:db:84:46:b1:df:02:2f:15:e2:89:db:3b:f9:fe:ad:21: 74:f6:74:67:e6:ac:9d:d8:e1:b7:d0:45:fe:01:27:8b:a0:ab: 20:e0:11:4c:70:e5:44:35:16:56:1d:00:de:c9:53:be:b2:b7: 02:9b:99:7b:b7:e1:1e:53:07:ff:39:ee:2c:88:52:0b:b5:96: 2c:5d:5a:c6:b0:71:75:6f:3e:2b:d8:54:53:9a:a2:1f:f2:21: 4c:d0:9f:0f:6c:70:63:b9:bd:44:ef:34:a5:23:8f:a1:3a:53: 36:8c:81:7a:9d:32:9a:5a:fd:4e:9a:a7:e4:0f:5a:ef:8a:9d: cc:fa:32:e9:2e:e5:e5:81:66:80:c4:81:58:eb:1a:fe:98:a9: bd:9e:1d:0e:54:14:6f:9b:4c:ab:c6:be:2f:c4:68:cf:b9:46: 79:24:c8:8d:76:e2:81:2c:15:1e:14:a6:13:42:7f:40:82:1d: 7b:ef:a8:60:aa:5a:4d:02:df:f9:59:5e:ea:f8:58:1d:44:f5: 22:c8:39:c5:7b:e4:a5:2b:6a:cc:94:bd:6a:6c:ad:a3:88:75: e4:6c:8f:cc:c4:b2:87:ff:2f:78:5a:e6:6e:d6:4e:ea:6f:81: 40:5a:cc:33:f1:27:c4:f3:19:e0:d8:51:c9:80:a8:bc:17:81: 14:76:ed:17 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUILPOzGmwvbPPV/oy6zYAxdUjT50wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDQyOTA2MjkyOVoX DTI2MDQyODA2MzQyOVowMzExMC8GA1UEAxMoMjlDRjAwREI1QzIxMDlDNEI1MDkw OTM1MzY4QzlBQzU3QzVCRDJBNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL394WpKRsnKsf4kPtYezYlQ/866vd8k3mzr8/9dssFL2t7/zIuirBGQRtwW 6YZ9C/YbCYnfajRU7t+eBg0No4hAVK2M1Zz94+k8DYrDqTc7ENRG4QeKFn8Yxpbm 0vqIs0Z26u6I6Mpy76C+ND7Ylf+05wdemWG/IIx5YS+dlSYeUWoPXskDVkXX8nmp Plfzvxf/XwZvc7jRa1unW5vXIXhQupnCOieN5RYuKaAam+Eu1z4GC1fZLj7R7VSK rZLawc8U5Nw8+fsFYqTGalgffntlV5n/ddZc/guhZV0MEk7S3GuU8NquguilTxof dA+6Wn6SCrCLIubF3fjWVLiVk/0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCnPANtcIQnEtQkJNTaMmsV8W9KkMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83YTIyYjRlMi0yNmY2LTQxZTgtODkxMC0yMDZiZWE3ODNkYjkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdhMjJiNGUy LTI2ZjYtNDFlOC04OTEwLTIwNmJlYTc4M2RiOS8wLzI5Q0YwMERCNUMyMTA5QzRC NTA5MDkzNTM2OEM5QUM1N0M1QkQyQTQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnv7AwDQYJKoZIhvcNAQELBQADggEBAC8R24RGsd8CLxXiids7+f6tIXT2dGfm rJ3Y4bfQRf4BJ4ugqyDgEUxw5UQ1FlYdAN7JU76ytwKbmXu34R5TB/857iyIUgu1 lixdWsawcXVvPivYVFOaoh/yIUzQnw9scGO5vUTvNKUjj6E6UzaMgXqdMppa/U6a p+QPWu+Kncz6Muku5eWBZoDEgVjrGv6Yqb2eHQ5UFG+bTKvGvi/EaM+5RnkkyI12 4oEsFR4UphNCf0CCHXvvqGCqWk0C3/lZXur4WB1E9SLIOcV75KUrasyUvWpsraOI deRsj8zEsof/L3ha5m7WTupvgUBazDPxJ8TzGeDYUcmAqLwXgRR27Rc= -----END CERTIFICATE-----Generated at Sun May 11 22:02:10 2025 by rpki-client