$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/B8436ACB7CE8F8C2F57245FFE4E6BA2F52393F4D.cer File: B8436ACB7CE8F8C2F57245FFE4E6BA2F52393F4D.cer (raw, json) Hash identifier: R6lowePjz4o9JbPfgrTeDfs13RwGiUSw8SFvwyW5qGc= Subject key identifier: B8:43:6A:CB:7C:E8:F8:C2:F5:72:45:FF:E4:E6:BA:2F:52:39:3F:4D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5AFBD360BE71A337AEB472857734F7A9F03B9210 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/ebefbf04-41be-48d7-ac00-8a3c498ca9ae/0/B8436ACB7CE8F8C2F57245FFE4E6BA2F52393F4D.mft caRepository: rsync://repo-rpki.idnic.net/repo/ebefbf04-41be-48d7-ac00-8a3c498ca9ae/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 19 Mar 2026 01:51:49 +0000 Certificate not after: Thu 18 Mar 2027 01:56:49 +0000 Subordinate resources: IP: 103.154.24.0/23 IP: 2406:5240::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 06:12:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:fb:d3:60:be:71:a3:37:ae:b4:72:85:77:34:f7:a9:f0:3b:92:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 19 01:51:49 2026 GMT Not After : Mar 18 01:56:49 2027 GMT Subject: CN=B8436ACB7CE8F8C2F57245FFE4E6BA2F52393F4D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:30:03:c5:02:81:50:a5:78:31:ce:d2:a9:6f: b7:52:82:3b:fb:37:a1:38:6b:1b:73:bd:b0:70:50: 4a:d0:9a:65:18:9e:34:0e:10:f0:c0:45:e6:0b:41: 9b:00:3b:fe:e0:e0:8d:4c:70:23:1b:a4:b8:c8:23: 66:90:da:ad:60:4c:c3:9e:fb:34:4d:3f:65:4b:1d: 42:09:14:95:aa:62:90:18:45:f6:79:d4:65:0b:0d: 0d:a0:71:93:55:09:31:c7:eb:12:77:fa:4e:f8:8f: 07:77:da:6f:b3:22:25:bc:30:87:e0:ef:f9:9c:a6: a6:21:66:4b:db:3f:a0:ca:e3:86:97:b5:8d:59:16: 94:a8:96:db:32:8b:28:e7:c8:d3:18:b2:af:35:01: 9b:f9:f0:70:eb:99:bd:78:2a:64:ce:a2:b9:20:bb: 4b:de:22:67:58:1f:38:6f:0a:51:1d:5a:4e:77:25: 6c:dc:86:66:52:1f:6f:9c:b9:ec:63:60:fa:f8:98: ed:5a:bd:fe:70:0b:86:62:6f:ce:7f:f6:5e:d9:e4: 8f:71:37:02:38:6e:63:cc:c7:c5:98:e9:72:96:1d: da:10:57:00:3f:17:42:c2:33:3d:79:3b:31:66:3e: e8:c6:cc:34:05:f0:7b:f0:b2:83:f5:ce:26:61:95: 33:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: B8:43:6A:CB:7C:E8:F8:C2:F5:72:45:FF:E4:E6:BA:2F:52:39:3F:4D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/ebefbf04-41be-48d7-ac00-8a3c498ca9ae/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/ebefbf04-41be-48d7-ac00-8a3c498ca9ae/0/B8436ACB7CE8F8C2F57245FFE4E6BA2F52393F4D.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.154.24.0/23 IPv6: 2406:5240::/32 Signature Algorithm: sha256WithRSAEncryption 4e:7e:56:55:a9:e9:9c:32:d2:b5:84:03:57:40:91:c4:db:b5: 0f:a8:f7:1e:03:ec:2b:b6:bb:35:f4:e3:a0:91:51:da:d7:46: c9:d7:66:4a:93:4f:ac:0c:96:e8:f7:63:c0:7e:08:37:5a:89: 14:a1:4a:a2:f3:82:16:e3:2b:9b:5c:18:4b:3a:77:05:62:7e: 61:d6:b3:0f:f9:9b:0e:da:ed:1f:3b:f7:f2:45:68:8a:f1:25: 13:5e:4e:fd:39:e1:09:25:57:af:b1:8e:df:2e:ed:7b:c6:76: b8:b7:88:33:17:cb:78:94:a3:21:16:35:cf:86:35:8a:fd:e7: 5e:54:ca:b9:c3:c8:ca:4c:81:f0:67:26:9c:27:b2:4a:85:ba: c4:17:6b:3d:ae:bc:6e:2d:50:9f:3b:ec:cf:2e:2f:71:4c:fd: 21:b7:ff:0b:35:3c:28:ef:cd:35:49:df:c4:30:a0:92:7b:60: 9d:1e:81:de:dc:5b:d9:1a:b2:a8:5a:7c:42:92:bd:ef:bf:0f: cf:3a:bf:ae:76:ff:48:c6:63:c2:8c:7a:e4:9d:b8:c8:f8:76: be:85:4d:9d:7e:e8:a0:7b:6f:50:a2:2c:f1:66:99:91:e4:4a: dd:96:eb:da:bf:f7:d8:c8:3d:80:28:fc:42:18:ce:3b:81:63: ca:22:14:5d -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgIUWvvTYL5xozeutHKFdzT3qfA7khAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDMxOTAxNTE0OVoX DTI3MDMxODAxNTY0OVowMzExMC8GA1UEAxMoQjg0MzZBQ0I3Q0U4RjhDMkY1NzI0 NUZGRTRFNkJBMkY1MjM5M0Y0RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALkwA8UCgVCleDHO0qlvt1KCO/s3oThrG3O9sHBQStCaZRieNA4Q8MBF5gtB mwA7/uDgjUxwIxukuMgjZpDarWBMw577NE0/ZUsdQgkUlapikBhF9nnUZQsNDaBx k1UJMcfrEnf6TviPB3fab7MiJbwwh+Dv+ZympiFmS9s/oMrjhpe1jVkWlKiW2zKL KOfI0xiyrzUBm/nwcOuZvXgqZM6iuSC7S94iZ1gfOG8KUR1aTnclbNyGZlIfb5y5 7GNg+viY7Vq9/nALhmJvzn/2Xtnkj3E3AjhuY8zHxZjpcpYd2hBXAD8XQsIzPXk7 MWY+6MbMNAXwe/Cyg/XOJmGVM+8CAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLhDast86PjC9XJF/+Tmui9SOT9NMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9lYmVmYmYwNC00MWJlLTQ4ZDctYWMwMC04YTNjNDk4Y2E5YWUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ViZWZiZjA0 LTQxYmUtNDhkNy1hYzAwLThhM2M0OThjYTlhZS8wL0I4NDM2QUNCN0NFOEY4QzJG NTcyNDVGRkU0RTZCQTJGNTIzOTNGNEQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD BAFnmhgwDQQCAAIwBwMFACQGUkAwDQYJKoZIhvcNAQELBQADggEBAE5+VlWp6Zwy 0rWEA1dAkcTbtQ+o9x4D7Cu2uzX046CRUdrXRsnXZkqTT6wMluj3Y8B+CDdaiRSh SqLzghbjK5tcGEs6dwVifmHWsw/5mw7a7R879/JFaIrxJRNeTv054QklV6+xjt8u 7XvGdri3iDMXy3iUoyEWNc+GNYr9515UyrnDyMpMgfBnJpwnskqFusQXaz2uvG4t UJ877M8uL3FM/SG3/ws1PCjvzTVJ38QwoJJ7YJ0egd7cW9kasqhafEKSve+/D886 v652/0jGY8KMeuSduMj4dr6FTZ1+6KB7b1CiLPFmmZHkSt2W69q/99jIPYAo/EIY zjuBY8oiFF0= -----END CERTIFICATE-----Generated at Thu Mar 26 04:04:44 2026 by rpki-client