$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/08683ED5C748B79A346EF705A2DCF809A31C75DF.cer File: 08683ED5C748B79A346EF705A2DCF809A31C75DF.cer (raw, json) Hash identifier: tkjRh9mSr2yqc1wjgqaBiB1N8JF+6HugmMDMGzAEp00= Subject key identifier: 08:68:3E:D5:C7:48:B7:9A:34:6E:F7:05:A2:DC:F8:09:A3:1C:75:DF Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 346BA0248BA31BC0F9C0196DB0405FBE9D1DE5A7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/08683ED5C748B79A346EF705A2DCF809A31C75DF.mft caRepository: rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 09 Apr 2025 21:17:54 +0000 Certificate not after: Wed 08 Apr 2026 21:22:54 +0000 Subordinate resources: IP: 157.20.233.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Apr 2025 03:44:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:6b:a0:24:8b:a3:1b:c0:f9:c0:19:6d:b0:40:5f:be:9d:1d:e5:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 9 21:17:54 2025 GMT Not After : Apr 8 21:22:54 2026 GMT Subject: CN=08683ED5C748B79A346EF705A2DCF809A31C75DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:04:63:ba:f5:fd:eb:7d:14:da:0c:60:3e:6c: 74:d7:e9:e8:49:c0:53:73:04:c4:74:60:8d:53:52: 59:6d:e2:2a:1a:86:74:06:36:e2:c5:01:f6:ba:ff: f1:8d:a8:97:42:b9:e8:d3:98:bb:17:d8:5b:de:ef: 68:1f:d3:07:89:bd:31:89:31:aa:45:65:9a:42:af: b4:db:67:25:66:d0:b2:03:af:c9:e7:8f:63:f0:be: 36:38:3d:5e:b7:67:0f:97:26:39:90:58:c4:f1:ca: 78:a6:82:7c:b3:5e:82:f2:75:4c:8c:e5:2b:b4:c9: 92:04:7f:aa:0b:bd:5a:a6:41:cc:69:ef:bc:5a:04: 1a:c6:23:77:67:9e:c5:c7:96:4c:a2:39:39:5e:ba: 17:fa:58:5a:01:d0:75:b6:5a:68:a6:eb:36:1e:ce: 41:b7:11:3c:c8:17:d4:1f:d8:1a:ca:c8:b3:61:56: ce:b2:8a:ad:c4:9d:94:88:22:cc:bb:3c:2a:c1:45: 6b:ee:04:c6:c6:76:17:21:64:b2:41:ab:b2:98:d6: dc:e6:f1:6b:02:68:a8:d2:2c:1f:47:e3:b9:a6:df: ac:e1:0f:a2:b4:da:01:39:42:7e:dd:0d:42:29:bb: 3e:f2:c5:46:1d:05:c5:0a:bd:42:c0:98:cb:92:88: 6a:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 08:68:3E:D5:C7:48:B7:9A:34:6E:F7:05:A2:DC:F8:09:A3:1C:75:DF X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/08683ED5C748B79A346EF705A2DCF809A31C75DF.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.233.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:79:06:a0:52:2a:36:f1:53:e2:68:65:23:e2:1e:74:75:7e: cc:76:f4:17:ba:97:e4:dc:f2:65:7a:15:bf:ba:eb:ec:9a:96: 9c:5b:a4:0f:5b:09:56:7d:ed:db:2c:83:94:ec:99:eb:f4:c9: 06:05:a1:4e:2d:a2:63:bc:e5:59:23:19:52:70:2e:85:fa:f3: f4:7e:bf:71:1e:b2:a9:25:80:73:8c:93:b1:f2:a1:d7:66:45: 9c:aa:6f:e5:08:f3:da:92:34:d4:2b:af:60:8a:ea:66:dc:82: a7:1f:d8:50:8b:bc:32:a1:03:f4:a9:f5:93:9d:5e:f6:4f:27: ca:a7:e3:26:29:b4:c2:79:4b:5e:03:cb:5c:39:e9:b1:ba:98: c1:b1:80:7f:44:5c:f0:a4:ae:0c:26:38:bc:27:a2:49:cf:22: bd:e9:bc:f7:82:70:e5:5e:43:0a:d3:39:c4:d9:bc:2c:09:34: c5:9f:56:af:be:18:48:e9:c7:76:42:3f:c0:f1:ce:7d:e4:22: b4:34:bc:60:af:25:22:15:c0:ee:ca:b8:d8:20:59:bf:42:67: 36:a7:a5:6d:49:22:e1:9e:9b:eb:f4:23:d6:d5:3f:85:43:68: 9a:28:59:e8:8e:7f:6e:bf:e1:a9:0d:19:9a:4c:ed:99:40:2c: 7b:e7:b2:68 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUNGugJIujG8D5wBltsEBfvp0d5acwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDQwOTIxMTc1NFoX DTI2MDQwODIxMjI1NFowMzExMC8GA1UEAxMoMDg2ODNFRDVDNzQ4Qjc5QTM0NkVG NzA1QTJEQ0Y4MDlBMzFDNzVERjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANgEY7r1/et9FNoMYD5sdNfp6EnAU3MExHRgjVNSWW3iKhqGdAY24sUB9rr/ 8Y2ol0K56NOYuxfYW97vaB/TB4m9MYkxqkVlmkKvtNtnJWbQsgOvyeePY/C+Njg9 XrdnD5cmOZBYxPHKeKaCfLNegvJ1TIzlK7TJkgR/qgu9WqZBzGnvvFoEGsYjd2ee xceWTKI5OV66F/pYWgHQdbZaaKbrNh7OQbcRPMgX1B/YGsrIs2FWzrKKrcSdlIgi zLs8KsFFa+4ExsZ2FyFkskGrspjW3ObxawJoqNIsH0fjuabfrOEPorTaATlCft0N Qim7PvLFRh0FxQq9QsCYy5KIaisCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFAhoPtXHSLeaNG73BaLc+AmjHHXfMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9lOGNlZDE4ZC1hN2NjLTRiNDQtYWY0YS04NWYzMDRmOWViNmMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U4Y2VkMThk LWE3Y2MtNGI0NC1hZjRhLTg1ZjMwNGY5ZWI2Yy8wLzA4NjgzRUQ1Qzc0OEI3OUEz NDZFRjcwNUEyRENGODA5QTMxQzc1REYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdFOkwDQYJKoZIhvcNAQELBQADggEBACt5BqBSKjbxU+JoZSPiHnR1fsx29Be6 l+Tc8mV6Fb+66+yalpxbpA9bCVZ97dssg5Tsmev0yQYFoU4tomO85VkjGVJwLoX6 8/R+v3EesqklgHOMk7HyoddmRZyqb+UI89qSNNQrr2CK6mbcgqcf2FCLvDKhA/Sp 9ZOdXvZPJ8qn4yYptMJ5S14Dy1w56bG6mMGxgH9EXPCkrgwmOLwnoknPIr3pvPeC cOVeQwrTOcTZvCwJNMWfVq++GEjpx3ZCP8Dxzn3kIrQ0vGCvJSIVwO7KuNggWb9C ZzanpW1JIuGem+v0I9bVP4VDaJooWeiOf26/4akNGZpM7ZlALHvnsmg= -----END CERTIFICATE-----Generated at Sun Apr 27 03:02:08 2025 by rpki-client