$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.cer File: D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.cer (raw, json) Hash identifier: B3yWYxEPsEf3FUnNAzpW1+dz7gHG6D5XC5eWX+DyGyY= Subject key identifier: D0:FF:6F:09:3D:0D:EA:FB:5C:B4:2A:93:43:3F:A2:39:C9:03:EA:C0 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 56D7176777DDC026F815CF94001E546F618B2F72 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.mft caRepository: rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 19 Mar 2026 21:21:27 +0000 Certificate not after: Thu 18 Mar 2027 21:26:27 +0000 Subordinate resources: IP: 103.161.202.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 29 Mar 2026 16:25:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:d7:17:67:77:dd:c0:26:f8:15:cf:94:00:1e:54:6f:61:8b:2f:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 19 21:21:27 2026 GMT Not After : Mar 18 21:26:27 2027 GMT Subject: CN=D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:18:9b:fa:a6:af:f0:85:9a:be:14:6a:2c:d8: c2:45:f3:3b:70:cd:71:8e:ca:d8:57:f0:5d:65:33: ef:60:e3:60:d7:ec:4a:43:5e:c0:1d:bd:70:e7:82: 03:2b:96:44:64:c5:99:ac:b2:5d:5d:99:37:78:ac: ab:05:b9:f7:b8:e2:d1:d6:75:ac:a3:69:c8:11:1e: 9e:b8:4a:cf:f5:8c:a8:55:00:09:66:72:98:98:9f: 97:10:d9:9c:b9:5e:af:4c:7f:c7:45:6b:a9:9a:24: 85:2e:b0:9b:a6:77:4e:b7:fd:0b:8f:47:ca:f6:5f: 90:db:05:c9:67:02:00:05:ad:87:61:b7:2d:54:24: 09:c0:ca:8a:36:97:22:39:a8:83:d4:da:b2:3a:e9: 3a:04:fd:86:fa:63:20:af:cf:cf:60:64:9c:03:ca: e9:6b:c5:6f:11:a9:f0:82:d8:a0:56:27:d1:4b:f7: 6d:ec:55:37:4a:e9:05:3f:89:cc:19:e7:0c:6b:22: 34:df:bd:ca:3b:21:37:5f:43:2e:b1:28:97:38:28: 28:54:f0:8f:46:02:90:e7:44:15:46:f4:1c:ff:eb: 08:87:0b:79:85:d6:41:9c:42:09:25:e4:6a:30:7a: 0a:81:99:21:27:53:90:b6:af:68:ce:4b:00:7c:e4: 17:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D0:FF:6F:09:3D:0D:EA:FB:5C:B4:2A:93:43:3F:A2:39:C9:03:EA:C0 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/67f9f562-7292-44f1-8e2c-440a0531c396/0/D0FF6F093D0DEAFB5CB42A93433FA239C903EAC0.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.161.202.0/23 Signature Algorithm: sha256WithRSAEncryption 21:ff:65:bf:d5:f8:d0:80:28:99:76:85:83:70:47:e5:b0:cd: 72:c9:1a:36:1c:e0:ca:fe:67:c0:a3:15:07:de:ee:c5:1d:29: 70:b4:3a:42:64:49:80:0f:67:68:27:4d:a2:63:ac:39:4d:da: 4b:a6:c5:40:3a:24:7c:89:40:85:03:b3:b3:86:18:17:e0:11: e5:ee:da:4c:20:6e:c1:57:ab:50:83:36:0b:a8:c8:16:6f:13: 39:f6:94:3c:36:7c:53:06:57:55:1b:a3:5c:1f:17:a8:0d:2a: 86:24:12:e9:5d:34:b8:5a:d8:dc:a4:b1:08:b5:ce:90:cc:ca: d5:96:5b:33:7a:dd:ae:01:f8:f1:bf:4b:6e:94:76:c4:12:c7: 54:e2:50:64:cb:95:98:bd:5f:98:16:61:91:cd:ed:60:71:af: 69:1c:8a:b2:a4:16:1f:c0:0c:c6:f7:db:7d:61:f3:25:5f:23: 5e:e8:db:8c:33:8c:9a:53:91:25:30:2e:8e:38:30:d0:0e:c5: bf:7f:f9:6e:fa:fe:7a:a6:da:d6:04:0c:89:b3:17:bb:78:d9: 19:c6:9f:87:a8:61:b8:d9:a8:35:8f:04:45:e6:5f:43:ee:93: af:a4:d3:89:92:4e:61:fc:7a:df:0e:62:51:41:69:14:df:76: 98:24:16:92 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUVtcXZ3fdwCb4Fc+UAB5Ub2GLL3IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDMxOTIxMjEyN1oX DTI3MDMxODIxMjYyN1owMzExMC8GA1UEAxMoRDBGRjZGMDkzRDBERUFGQjVDQjQy QTkzNDMzRkEyMzlDOTAzRUFDMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM0Ym/qmr/CFmr4UaizYwkXzO3DNcY7K2FfwXWUz72DjYNfsSkNewB29cOeC AyuWRGTFmayyXV2ZN3isqwW597ji0dZ1rKNpyBEenrhKz/WMqFUACWZymJiflxDZ nLler0x/x0VrqZokhS6wm6Z3Trf9C49HyvZfkNsFyWcCAAWth2G3LVQkCcDKijaX Ijmog9TasjrpOgT9hvpjIK/Pz2BknAPK6WvFbxGp8ILYoFYn0Uv3bexVN0rpBT+J zBnnDGsiNN+9yjshN19DLrEolzgoKFTwj0YCkOdEFUb0HP/rCIcLeYXWQZxCCSXk ajB6CoGZISdTkLavaM5LAHzkFzMCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFND/bwk9Der7XLQqk0M/ojnJA+rAMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by82N2Y5ZjU2Mi03MjkyLTQ0ZjEtOGUyYy00NDBhMDUzMWMzOTYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY3ZjlmNTYy LTcyOTItNDRmMS04ZTJjLTQ0MGEwNTMxYzM5Ni8wL0QwRkY2RjA5M0QwREVBRkI1 Q0I0MkE5MzQzM0ZBMjM5QzkwM0VBQzAubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnocowDQYJKoZIhvcNAQELBQADggEBACH/Zb/V+NCAKJl2hYNwR+WwzXLJGjYc 4Mr+Z8CjFQfe7sUdKXC0OkJkSYAPZ2gnTaJjrDlN2kumxUA6JHyJQIUDs7OGGBfg EeXu2kwgbsFXq1CDNguoyBZvEzn2lDw2fFMGV1Ubo1wfF6gNKoYkEuldNLha2Nyk sQi1zpDMytWWWzN63a4B+PG/S26UdsQSx1TiUGTLlZi9X5gWYZHN7WBxr2kcirKk Fh/ADMb3231h8yVfI17o24wzjJpTkSUwLo44MNAOxb9/+W76/nqm2tYEDImzF7t4 2RnGn4eoYbjZqDWPBEXmX0Puk6+k04mSTmH8et8OYlFBaRTfdpgkFpI= -----END CERTIFICATE-----Generated at Thu Mar 26 09:57:33 2026 by rpki-client