$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/D237DEA20D73B3F216B98336BA8307D913DDB257.cer File: D237DEA20D73B3F216B98336BA8307D913DDB257.cer (raw, json) Hash identifier: aeZPcg/2FPqvAiPD6kJRgT/U143/OiL0WQg8Jq780OE= Subject key identifier: D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 6C24AC38770ACA0D2F0DB4D92AB5DC325F88272F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft caRepository: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 06 Jun 2025 09:48:30 +0000 Certificate not after: Fri 05 Jun 2026 09:53:30 +0000 Subordinate resources: IP: 160.20.104.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:24:ac:38:77:0a:ca:0d:2f:0d:b4:d9:2a:b5:dc:32:5f:88:27:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 6 09:48:30 2025 GMT Not After : Jun 5 09:53:30 2026 GMT Subject: CN=D237DEA20D73B3F216B98336BA8307D913DDB257 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:9a:be:b4:c1:61:7d:bf:4a:e8:18:24:dc:de: d4:fe:14:0b:fa:7b:93:60:e5:50:28:ce:9f:80:f1: 7f:92:ad:a0:0a:67:90:f4:78:7f:3a:60:82:0a:62: 98:42:87:d0:4b:bb:e5:e5:1e:b4:20:80:7c:ad:82: af:e8:19:a3:f3:72:2d:5d:7b:59:bc:00:87:92:17: 96:04:be:ff:50:61:0a:f6:f5:4c:e5:c6:42:97:1e: 8a:36:08:4b:82:50:cb:0e:2a:d0:df:dc:38:0b:b3: a4:02:be:4e:11:88:14:3f:c6:9e:ba:9e:24:ed:57: 5e:19:3f:f9:ca:94:2a:44:b6:2e:ff:9b:7e:f6:83: ab:ef:4a:12:84:b8:c7:3f:e3:34:57:89:10:43:1f: f6:0c:07:cc:00:d3:7f:0c:3a:90:a6:99:7a:7e:29: 40:7d:9f:0a:63:fc:73:96:9c:3a:8c:79:36:f9:c6: d6:c1:d1:14:d8:7c:79:a6:cc:ff:76:2d:bf:e7:de: 6c:e6:4a:8e:3d:75:b6:90:6b:a7:eb:66:29:50:f7: 4d:91:a0:1f:b3:c3:0d:7c:bf:23:5f:d6:ad:6b:8e: 14:0e:a2:1b:9e:94:fd:76:6e:50:54:e6:2d:2f:14: 3d:3a:05:1d:ab:3b:1c:a7:e5:00:77:06:63:da:9c: ba:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D2:37:DE:A2:0D:73:B3:F2:16:B9:83:36:BA:83:07:D9:13:DD:B2:57 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/0/D237DEA20D73B3F216B98336BA8307D913DDB257.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.104.0/23 Signature Algorithm: sha256WithRSAEncryption 64:2b:f9:ae:09:f1:05:26:bb:3f:ca:84:97:21:91:e8:64:6b: 42:4b:88:76:df:b2:d1:34:01:1b:80:30:1d:c9:f2:62:8a:7b: 55:7f:6b:71:e6:b2:e4:6b:c8:6e:c3:41:80:e6:92:92:d3:bf: f0:d9:52:3a:08:4d:a2:6c:1c:a4:19:92:f3:4f:8f:2f:58:6e: 89:f2:f5:fb:6f:ea:ff:a7:20:85:ad:2a:c9:77:d8:20:8f:18: 68:6d:30:b6:78:80:e6:f5:dd:41:ca:67:b8:53:de:fb:ee:32: 59:65:7d:7b:6d:eb:e4:f4:b5:93:c9:18:89:21:7f:af:6f:13: ed:a8:ea:d9:9e:27:ef:8a:09:e7:b1:a4:93:31:12:06:9b:5f: 90:e0:b0:b6:d3:68:d1:fe:06:c4:ab:08:88:a3:e1:07:62:08: 7c:db:10:2b:19:ca:f4:62:6e:ec:cb:62:54:41:5a:81:b8:cb: 6f:54:c4:63:98:fb:b9:b8:aa:c0:ab:d0:92:23:ac:e2:5d:2c: 9f:48:02:1a:19:48:ea:d7:a7:f0:01:21:94:50:c5:96:a3:3d: 3c:16:65:b4:3a:b0:e2:8f:8f:16:9d:ca:fa:64:e3:92:c3:fa: 68:29:98:88:41:98:fa:d3:f1:a5:68:c7:89:3c:a5:ab:1d:0e: 98:b2:f5:41 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUbCSsOHcKyg0vDbTZKrXcMl+IJy8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYwNjA5NDgzMFoX DTI2MDYwNTA5NTMzMFowMzExMC8GA1UEAxMoRDIzN0RFQTIwRDczQjNGMjE2Qjk4 MzM2QkE4MzA3RDkxM0REQjI1NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALCavrTBYX2/SugYJNze1P4UC/p7k2DlUCjOn4Dxf5KtoApnkPR4fzpgggpi mEKH0Eu75eUetCCAfK2Cr+gZo/NyLV17WbwAh5IXlgS+/1BhCvb1TOXGQpceijYI S4JQyw4q0N/cOAuzpAK+ThGIFD/GnrqeJO1XXhk/+cqUKkS2Lv+bfvaDq+9KEoS4 xz/jNFeJEEMf9gwHzADTfww6kKaZen4pQH2fCmP8c5acOox5NvnG1sHRFNh8eabM /3Ytv+febOZKjj11tpBrp+tmKVD3TZGgH7PDDXy/I1/WrWuOFA6iG56U/XZuUFTm LS8UPToFHas7HKflAHcGY9qcuqUCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNI33qINc7PyFrmDNrqDB9kT3bJXMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9mYmI1ZmE0YS1iZWE2LTQ2NGYtYjQwOS0xMWQ5YTM3NjFhNmMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ZiYjVmYTRh LWJlYTYtNDY0Zi1iNDA5LTExZDlhMzc2MWE2Yy8wL0QyMzdERUEyMEQ3M0IzRjIx NkI5ODMzNkJBODMwN0Q5MTNEREIyNTcubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgFGgwDQYJKoZIhvcNAQELBQADggEBAGQr+a4J8QUmuz/KhJchkehka0JLiHbf stE0ARuAMB3J8mKKe1V/a3HmsuRryG7DQYDmkpLTv/DZUjoITaJsHKQZkvNPjy9Y bony9ftv6v+nIIWtKsl32CCPGGhtMLZ4gOb13UHKZ7hT3vvuMlllfXtt6+T0tZPJ GIkhf69vE+2o6tmeJ++KCeexpJMxEgabX5DgsLbTaNH+BsSrCIij4QdiCHzbECsZ yvRibuzLYlRBWoG4y29UxGOY+7m4qsCr0JIjrOJdLJ9IAhoZSOrXp/ABIZRQxZaj PTwWZbQ6sOKPjxadyvpk45LD+mgpmIhBmPrT8aVox4k8pasdDpiy9UE= -----END CERTIFICATE-----Generated at Tue Nov 4 18:53:49 2025 by rpki-client