$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer File: 2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer (raw, json) Hash identifier: C5BACHeMLjd1fK9L2lU92olu9NakgzMJTQutlhwaQsI= Subject key identifier: 25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 56C98A2B6D85DE9C5629DA4D6D0E66CDDD1D86DD Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft caRepository: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 18 Apr 2025 12:49:58 +0000 Certificate not after: Fri 17 Apr 2026 12:54:58 +0000 Subordinate resources: IP: 160.19.84.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:c9:8a:2b:6d:85:de:9c:56:29:da:4d:6d:0e:66:cd:dd:1d:86:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 18 12:49:58 2025 GMT Not After : Apr 17 12:54:58 2026 GMT Subject: CN=2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:20:34:b4:71:c9:71:fe:2d:92:ce:1a:ee:56: 0c:90:f2:4f:2b:c0:2d:03:a4:22:c0:32:da:85:bb: 9e:c1:b2:2a:3b:cd:f5:4d:6f:3c:ab:ca:15:59:79: cb:86:62:be:6b:1b:fe:16:3a:87:97:9b:bb:8d:10: 85:cf:d3:20:a6:50:9c:b4:c2:07:38:07:82:20:87: 01:3b:59:4e:cd:d8:d9:10:17:cd:0a:30:7b:d0:36: dc:01:74:bd:c9:76:fe:8a:46:bb:b2:b2:48:5f:7f: e5:d4:a4:00:b3:7d:bb:62:af:f1:b4:e3:58:4d:27: 93:8c:66:17:73:48:9c:3e:15:31:0d:bb:90:e9:9d: 2a:26:34:f7:bf:34:4f:76:62:bd:bd:38:2b:79:f6: f7:18:45:a9:f4:24:6e:68:ec:d5:66:d2:71:a1:69: e2:a4:b4:f7:53:bd:4b:5f:a4:36:f5:90:26:1d:f1: f8:eb:b8:f9:6c:88:af:8e:f0:fe:b0:b2:ab:50:a9: fd:bb:55:ee:e1:aa:a3:b1:be:34:5a:b1:a3:d4:25: f9:aa:ed:67:45:4f:e3:40:f4:56:2c:58:a5:a8:97: eb:05:15:b2:51:f1:79:8e:ae:b9:4b:8e:f6:34:8c: a8:0a:50:54:81:39:f1:bc:44:6f:74:ee:ed:c4:e9: df:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.19.84.0/23 Signature Algorithm: sha256WithRSAEncryption 82:af:6a:3f:e0:9b:33:15:34:9b:e6:f7:c5:5a:94:f7:b7:71: 97:57:1a:11:c9:19:33:bf:95:fc:df:35:64:37:75:27:45:4b: df:dc:65:7a:0f:a0:0e:47:34:36:3e:b3:48:ca:3d:7b:d6:fb: 6c:55:59:1d:d8:ba:1b:17:a3:89:33:cd:fa:d6:df:86:85:bb: b2:e5:f0:4f:90:25:85:a4:10:8b:58:64:33:cd:9e:ea:cf:54: b3:1e:52:42:51:b8:aa:00:8b:47:c4:5e:e0:da:29:25:be:4d: d8:8d:9d:4a:87:33:6e:fc:fa:fb:3b:ad:b9:76:20:f3:74:13: a3:3e:9a:0d:80:7b:1c:e7:02:44:06:89:bd:91:46:44:cb:52: 2b:63:1a:d2:89:f6:b4:57:99:2c:d4:6d:85:eb:3f:bf:dd:27: fe:73:06:1f:20:8f:03:46:ae:dc:b3:6a:f7:c2:3a:fe:0e:a1: 26:35:8e:c7:f6:00:b4:c0:54:c9:4a:23:23:09:83:8f:1c:99: b4:99:f9:f9:c7:99:85:0c:ee:2a:67:73:ab:e5:ec:e4:7f:19: 11:53:69:6e:10:92:e4:75:c7:17:91:02:d6:df:18:18:38:23: ab:15:d9:39:73:19:c5:e6:70:7f:7b:20:ce:1b:73:f7:86:e2: 75:4f:09:e3 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUVsmKK22F3pxWKdpNbQ5mzd0dht0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDQxODEyNDk1OFoX DTI2MDQxNzEyNTQ1OFowMzExMC8GA1UEAxMoMjUxNUQ0QkY5RUY3QUFFNUFFQkMy MkY1MkMxN0ZGMTdEQ0Q2RkRDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANAgNLRxyXH+LZLOGu5WDJDyTyvALQOkIsAy2oW7nsGyKjvN9U1vPKvKFVl5 y4Zivmsb/hY6h5ebu40Qhc/TIKZQnLTCBzgHgiCHATtZTs3Y2RAXzQowe9A23AF0 vcl2/opGu7KySF9/5dSkALN9u2Kv8bTjWE0nk4xmF3NInD4VMQ27kOmdKiY09780 T3Zivb04K3n29xhFqfQkbmjs1WbScaFp4qS091O9S1+kNvWQJh3x+Ou4+WyIr47w /rCyq1Cp/btV7uGqo7G+NFqxo9Ql+artZ0VP40D0VixYpaiX6wUVslHxeY6uuUuO 9jSMqApQVIE58bxEb3Tu7cTp30kCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCUV1L+e96rlrrwi9SwX/xfc1v3CMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iYTA5OGYwMC1hMGEwLTRiNWMtOWU4My02MDY3MzcxMjhjYjEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JhMDk4ZjAw LWEwYTAtNGI1Yy05ZTgzLTYwNjczNzEyOGNiMS8wLzI1MTVENEJGOUVGN0FBRTVB RUJDMjJGNTJDMTdGRjE3RENENkZEQzIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgE1QwDQYJKoZIhvcNAQELBQADggEBAIKvaj/gmzMVNJvm98ValPe3cZdXGhHJ GTO/lfzfNWQ3dSdFS9/cZXoPoA5HNDY+s0jKPXvW+2xVWR3YuhsXo4kzzfrW34aF u7Ll8E+QJYWkEItYZDPNnurPVLMeUkJRuKoAi0fEXuDaKSW+TdiNnUqHM278+vs7 rbl2IPN0E6M+mg2AexznAkQGib2RRkTLUitjGtKJ9rRXmSzUbYXrP7/dJ/5zBh8g jwNGrtyzavfCOv4OoSY1jsf2ALTAVMlKIyMJg48cmbSZ+fnHmYUM7ipnc6vl7OR/ GRFTaW4QkuR1xxeRAtbfGBg4I6sV2TlzGcXmcH97IM4bc/eG4nVPCeM= -----END CERTIFICATE-----Generated at Tue Nov 4 18:39:16 2025 by rpki-client