$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.cer File: D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.cer (raw, json) Hash identifier: UqGJREAsgsKUM+Ky0nAIcPGwvhk+8t10UQ5kenDwO1U= Subject key identifier: D2:8B:A9:D5:E3:21:93:DE:E2:9E:B4:C1:94:4F:35:FC:32:D8:B1:9B Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 73F064FD623651F7FEBC456A1E280871855D769F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.mft caRepository: rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 16 Jun 2025 00:28:08 +0000 Certificate not after: Mon 15 Jun 2026 00:33:08 +0000 Subordinate resources: IP: 103.84.200.0/23 IP: 2001:df0:3700::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 02 Jul 2025 07:23:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:f0:64:fd:62:36:51:f7:fe:bc:45:6a:1e:28:08:71:85:5d:76:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 16 00:28:08 2025 GMT Not After : Jun 15 00:33:08 2026 GMT Subject: CN=D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:35:d9:77:b3:14:40:ad:66:41:b4:b9:58:8d: a5:cb:4b:75:ff:2f:f8:41:d5:f2:f9:52:38:18:92: e6:37:ad:ce:fe:c5:29:ca:e0:84:0a:86:10:b6:eb: 27:64:f9:82:dd:2b:bc:f5:eb:81:e2:09:35:44:61: c1:de:95:45:fb:6a:e6:62:ed:df:b0:a8:99:7b:f5: 8b:58:84:fb:ec:a0:0b:4e:f7:b4:e4:71:68:e6:e6: c4:f0:50:a6:56:4f:ae:6e:4e:10:2c:5b:f1:e7:e7: 27:2f:ad:e2:12:a6:41:b2:44:d1:5c:f1:cd:19:4e: 18:62:76:48:f1:81:1c:c2:88:45:e6:4f:8d:43:33: f3:30:29:73:ce:3a:73:fd:7e:39:c8:ce:6f:4d:a1: 14:b9:bb:3b:e2:bd:f8:98:58:25:d0:b6:95:a6:2c: 03:7e:ef:82:88:36:8c:56:fe:98:67:85:1e:07:61: 41:51:8f:28:62:05:ac:b4:ce:56:f0:44:fd:0e:17: 41:45:c8:d7:b3:b9:43:46:1a:96:32:c9:de:df:c4: fd:4e:cd:49:73:b8:c6:ab:81:65:45:1c:dc:1b:e7: 48:11:24:93:9f:79:a0:25:13:44:8b:60:df:57:b5: dc:ac:58:cf:dd:b9:87:fc:72:c8:4f:b4:e5:e1:63: 6c:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D2:8B:A9:D5:E3:21:93:DE:E2:9E:B4:C1:94:4F:35:FC:32:D8:B1:9B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/25e2415c-7d4f-4427-832d-59b4c79aae5a/0/D28BA9D5E32193DEE29EB4C1944F35FC32D8B19B.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.84.200.0/23 IPv6: 2001:df0:3700::/48 Signature Algorithm: sha256WithRSAEncryption 10:d4:09:47:e3:94:78:f6:4b:d2:2d:85:1f:54:20:8e:19:db: ae:84:95:d4:a0:82:08:44:e0:10:36:c7:72:c2:41:ba:cf:c1: 0e:52:fb:34:4b:0d:2c:34:5d:c8:fd:3c:f9:5b:2d:70:ba:43: ba:ee:40:35:7b:06:ec:27:f4:93:2e:34:43:8a:90:9e:56:8a: 74:ee:65:25:57:ec:7f:d2:d6:cc:24:39:f6:d9:eb:d2:15:af: c4:d0:53:9f:25:a6:f8:76:89:96:f2:0b:e3:f7:e7:e9:01:a3: cc:0c:dc:28:c3:1b:d3:07:d3:8d:58:7e:6a:a7:64:ee:31:d9: 23:95:a4:fc:f3:b3:c9:b0:0e:d9:90:5e:57:c1:b9:bc:b6:d2: 15:59:d7:94:f5:da:4a:84:a0:bd:a5:68:33:15:67:c3:52:25: 36:0f:c3:16:82:46:40:ad:30:1d:0b:9f:d8:48:53:d9:a5:98: 4d:0a:d5:cf:55:cd:44:4f:c7:ba:e1:df:1b:0e:9c:b1:af:b2: 61:90:b8:aa:d0:ff:18:4f:26:c6:f6:14:6b:34:ea:9c:21:d9: 33:db:71:6d:3e:80:d6:5c:4b:6a:f3:9d:4d:e5:5c:70:f5:cf: fe:84:19:f4:09:5e:54:f2:1b:51:91:e6:37:95:08:33:31:3c: 67:ed:d7:81 -----BEGIN CERTIFICATE----- MIIF1jCCBL6gAwIBAgIUc/Bk/WI2Uff+vEVqHigIcYVddp8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYxNjAwMjgwOFoX DTI2MDYxNTAwMzMwOFowMzExMC8GA1UEAxMoRDI4QkE5RDVFMzIxOTNERUUyOUVC NEMxOTQ0RjM1RkMzMkQ4QjE5QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOs12XezFECtZkG0uViNpctLdf8v+EHV8vlSOBiS5jetzv7FKcrghAqGELbr J2T5gt0rvPXrgeIJNURhwd6VRftq5mLt37ComXv1i1iE++ygC073tORxaObmxPBQ plZPrm5OECxb8efnJy+t4hKmQbJE0VzxzRlOGGJ2SPGBHMKIReZPjUMz8zApc846 c/1+OcjOb02hFLm7O+K9+JhYJdC2laYsA37vgog2jFb+mGeFHgdhQVGPKGIFrLTO VvBE/Q4XQUXI17O5Q0YaljLJ3t/E/U7NSXO4xquBZUUc3BvnSBEkk595oCUTRItg 31e13KxYz925h/xyyE+05eFjbKkCAwEAAaOCAskwggLFMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNKLqdXjIZPe4p60wZRPNfwy2LGbMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8yNWUyNDE1Yy03ZDRmLTQ0MjctODMyZC01OWI0Yzc5YWFlNWEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI1ZTI0MTVj LTdkNGYtNDQyNy04MzJkLTU5YjRjNzlhYWU1YS8wL0QyOEJBOUQ1RTMyMTkzREVF MjlFQjRDMTk0NEYzNUZDMzJEOEIxOUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYD BAFnVMgwDwQCAAIwCQMHACABDfA3ADANBgkqhkiG9w0BAQsFAAOCAQEAENQJR+OU ePZL0i2FH1QgjhnbroSV1KCCCETgEDbHcsJBus/BDlL7NEsNLDRdyP08+VstcLpD uu5ANXsG7Cf0ky40Q4qQnlaKdO5lJVfsf9LWzCQ59tnr0hWvxNBTnyWm+HaJlvIL 4/fn6QGjzAzcKMMb0wfTjVh+aqdk7jHZI5Wk/POzybAO2ZBeV8G5vLbSFVnXlPXa SoSgvaVoMxVnw1IlNg/DFoJGQK0wHQuf2EhT2aWYTQrVz1XNRE/HuuHfGw6csa+y YZC4qtD/GE8mxvYUazTqnCHZM9txbT6A1lxLavOdTeVccPXP/oQZ9AleVPIbUZHm N5UIMzE8Z+3XgQ== -----END CERTIFICATE-----Generated at Sun Jun 29 19:12:36 2025 by rpki-client