This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer File: 3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.cer (raw, json) Hash identifier: Wr3E1oImUyjdtm5TNs52/I37oqe/DCeNbFmUG37i4tA= Subject key identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5F8B6DB557A9F2033246526A238F73AF70C71B67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft caRepository: rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 22 Jan 2026 15:10:18 +0000 Certificate not after: Thu 21 Jan 2027 15:15:18 +0000 Subordinate resources: IP: 120.29.224.0/21 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 28 Jan 2026 14:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:8b:6d:b5:57:a9:f2:03:32:46:52:6a:23:8f:73:af:70:c7:1b:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 22 15:10:18 2026 GMT Not After : Jan 21 15:15:18 2027 GMT Subject: CN=3E66628C03CAB8C6D6FCDEDBE0700557A35B0251 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:79:54:dc:07:68:c4:cc:99:6d:85:47:ea:bd: fa:29:f0:30:57:d5:81:14:3e:9f:27:81:be:64:27: aa:7d:45:f4:99:c8:e3:5a:4f:18:71:b4:84:54:b5: a9:5e:7a:12:44:cb:50:5b:93:23:33:10:13:d4:8f: 9c:81:8a:21:8d:6c:aa:52:e9:e8:ea:19:a5:bf:20: b2:07:c2:12:3c:dc:55:f4:75:5c:8b:4f:40:95:62: 59:14:52:2c:80:bb:7f:5b:ad:57:af:75:fd:a8:df: 70:e3:22:dc:c6:08:32:43:ed:36:23:dd:66:ba:0d: 0f:89:94:bc:73:b5:d7:55:a0:1f:7f:ae:94:26:81: 89:80:22:18:a3:45:73:09:3a:4e:ea:c9:c7:25:bf: df:1b:71:48:ae:f9:bc:55:06:8c:c8:ac:47:52:98: e5:ac:c5:85:70:b5:6e:30:51:63:12:95:68:a1:fe: ba:47:ad:03:8e:fd:89:b9:73:7a:4a:c8:d0:a9:22: d6:6a:0b:90:31:94:81:af:52:ce:13:4d:99:c8:b5: dd:72:aa:35:02:29:37:ed:96:72:60:09:43:73:e3: 7a:c5:f3:97:71:a9:c5:5e:85:3c:78:94:fb:9d:f2: fc:4a:29:46:d4:b1:0e:73:9c:42:2c:a6:a6:0a:a9: 27:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3E:66:62:8C:03:CA:B8:C6:D6:FC:DE:DB:E0:70:05:57:A3:5B:02:51 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/221c9cad-c3b9-45a0-beb6-bce48e2b2272/0/3E66628C03CAB8C6D6FCDEDBE0700557A35B0251.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 120.29.224.0/21 Signature Algorithm: sha256WithRSAEncryption 53:9d:0c:68:7a:99:bc:63:23:db:78:d2:9c:b8:aa:a7:22:0c: 50:ec:8d:e2:22:8f:19:20:96:ca:d4:ae:57:3b:a9:8e:a5:18: cf:d3:2c:10:2b:78:24:7d:26:5a:80:75:05:03:63:44:f2:f6: dc:d5:67:38:30:a2:f3:45:eb:f3:9b:be:65:00:49:9b:52:0f: 77:ef:8c:30:93:36:19:fc:60:c0:39:1d:92:a4:d5:60:ba:ee: 40:f4:94:8e:eb:fb:b5:14:1b:c1:dd:be:20:2a:ce:1a:59:78: 1c:54:61:95:b3:86:62:60:80:db:3f:9c:41:29:4e:85:38:80: cb:f8:60:82:cd:06:61:f7:18:7e:32:49:a6:7b:6c:cd:f9:ca: 1c:62:a6:55:b2:cf:0b:b1:98:2b:8d:7d:fa:15:b8:0f:80:e8: ab:94:bb:20:80:e2:45:16:53:7b:f1:9d:16:55:c6:14:c4:16: 78:20:06:9e:93:be:4b:0a:19:e9:35:93:ea:42:4b:d2:ef:ee: 1a:6c:f8:dc:60:a3:10:61:92:bd:40:98:12:c1:2b:36:e0:3a: cf:55:3f:6e:7e:94:08:72:14:06:35:f4:95:29:b9:9b:bd:ba: ca:e7:a3:31:7e:1e:18:3e:b7:02:91:77:ea:07:2c:2d:7d:3e: 09:74:15:61 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUX4tttVep8gMyRlJqI49zr3DHG2cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDEyMjE1MTAxOFoX DTI3MDEyMTE1MTUxOFowMzExMC8GA1UEAxMoM0U2NjYyOEMwM0NBQjhDNkQ2RkNE RURCRTA3MDA1NTdBMzVCMDI1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANF5VNwHaMTMmW2FR+q9+inwMFfVgRQ+nyeBvmQnqn1F9JnI41pPGHG0hFS1 qV56EkTLUFuTIzMQE9SPnIGKIY1sqlLp6OoZpb8gsgfCEjzcVfR1XItPQJViWRRS LIC7f1utV691/ajfcOMi3MYIMkPtNiPdZroND4mUvHO111WgH3+ulCaBiYAiGKNF cwk6TurJxyW/3xtxSK75vFUGjMisR1KY5azFhXC1bjBRYxKVaKH+uketA479iblz ekrI0Kki1moLkDGUga9SzhNNmci13XKqNQIpN+2WcmAJQ3PjesXzl3GpxV6FPHiU +53y/EopRtSxDnOcQiympgqpJwECAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFD5mYowDyrjG1vze2+BwBVejWwJRMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8yMjFjOWNhZC1jM2I5LTQ1YTAtYmViNi1iY2U0OGUyYjIyNzIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIyMWM5Y2Fk LWMzYjktNDVhMC1iZWI2LWJjZTQ4ZTJiMjI3Mi8wLzNFNjY2MjhDMDNDQUI4QzZE NkZDREVEQkUwNzAwNTU3QTM1QjAyNTEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAN4HeAwDQYJKoZIhvcNAQELBQADggEBAFOdDGh6mbxjI9t40py4qqciDFDsjeIi jxkglsrUrlc7qY6lGM/TLBAreCR9JlqAdQUDY0Ty9tzVZzgwovNF6/ObvmUASZtS D3fvjDCTNhn8YMA5HZKk1WC67kD0lI7r+7UUG8HdviAqzhpZeBxUYZWzhmJggNs/ nEEpToU4gMv4YILNBmH3GH4ySaZ7bM35yhxiplWyzwuxmCuNffoVuA+A6KuUuyCA 4kUWU3vxnRZVxhTEFnggBp6TvksKGek1k+pCS9Lv7hps+NxgoxBhkr1AmBLBKzbg Os9VP25+lAhyFAY19JUpuZu9usrnozF+Hhg+twKRd+oHLC19Pgl0FWE= -----END CERTIFICATE-----Generated at Sun Jan 25 15:54:58 2026 by rpki-client