$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/FA62D828544F70BEAD8B3C04A86175E4FB07C4B6.cer File: FA62D828544F70BEAD8B3C04A86175E4FB07C4B6.cer (raw, json) Hash identifier: 09E8yfA14j6W0maUJ3VkG9LrgwhEWFVnvXdpC6I3e3M= Subject key identifier: FA:62:D8:28:54:4F:70:BE:AD:8B:3C:04:A8:61:75:E4:FB:07:C4:B6 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1A5F475677F95124430F7CC7661019E1ED5043E4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/1c04ded8-b0f5-4594-8e0e-911ecb77ee73/0/FA62D828544F70BEAD8B3C04A86175E4FB07C4B6.mft caRepository: rsync://repo-rpki.idnic.net/repo/1c04ded8-b0f5-4594-8e0e-911ecb77ee73/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 29 May 2025 11:57:57 +0000 Certificate not after: Thu 28 May 2026 12:02:57 +0000 Subordinate resources: IP: 157.66.37.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 10:49:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:5f:47:56:77:f9:51:24:43:0f:7c:c7:66:10:19:e1:ed:50:43:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 29 11:57:57 2025 GMT Not After : May 28 12:02:57 2026 GMT Subject: CN=FA62D828544F70BEAD8B3C04A86175E4FB07C4B6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:02:d8:36:e7:fd:65:c4:50:4c:92:c5:95:dc: 40:89:79:04:8f:f2:e8:a4:c0:e1:a4:13:ea:37:38: af:c8:f1:a4:1e:0b:18:ee:cc:3f:30:4b:7c:7e:6c: b7:b9:4c:de:24:8d:e4:da:4a:98:8c:cb:ff:d0:32: a8:1d:c1:b3:4b:16:35:55:4b:8f:a3:73:6e:6b:9d: 25:02:c8:d7:23:86:e5:70:e5:d3:dc:2e:b1:23:fd: a2:7d:88:cc:e1:0e:14:6a:34:e6:8f:8a:74:48:79: 19:3b:0e:88:e4:1b:65:59:94:ea:99:51:1f:1f:35: 11:16:cd:b7:dd:09:da:d3:84:b2:d5:1b:e5:59:5d: 24:12:60:3e:cc:8b:bb:58:da:83:de:d7:5f:e3:f7: 3f:70:d2:37:a3:9a:47:fa:df:d4:06:fb:a3:eb:a7: c9:81:2c:59:b3:db:0b:4e:7b:8b:c7:31:04:7f:34: a0:b4:3f:8b:95:56:55:48:2b:94:41:1b:d4:6d:bd: fb:9b:86:ba:46:67:be:39:4c:d7:22:fd:1c:79:93: d4:0f:05:21:9e:8a:ee:53:ff:73:4a:22:5a:ea:f8: ef:38:87:1c:18:f7:03:82:23:e8:a8:4c:09:a3:bf: 61:2c:10:86:0f:21:e7:d2:a1:39:36:5d:df:78:5d: 5e:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: FA:62:D8:28:54:4F:70:BE:AD:8B:3C:04:A8:61:75:E4:FB:07:C4:B6 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/1c04ded8-b0f5-4594-8e0e-911ecb77ee73/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/1c04ded8-b0f5-4594-8e0e-911ecb77ee73/0/FA62D828544F70BEAD8B3C04A86175E4FB07C4B6.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.37.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:bb:ae:b3:65:b5:08:41:14:40:c9:d8:8b:85:81:00:1e:be: 60:55:86:46:b2:77:b2:26:6b:a6:d3:fc:30:27:8a:45:27:c9: 33:8e:25:65:1a:aa:96:08:2f:86:97:80:5b:d1:7a:60:9a:7c: 7c:56:23:eb:c0:6c:18:b8:7e:49:25:11:f5:2a:d3:f4:d5:9b: 37:fd:e2:1f:0e:ec:83:ae:a9:c8:68:ba:59:9a:24:20:a5:b6: 46:10:5f:a8:d5:fc:c3:a7:2b:f4:a4:cd:27:5b:14:fc:ee:18: 2f:5c:c6:46:4d:38:ad:14:43:37:70:0a:c8:37:e1:2e:7a:a1: 03:1d:f9:4b:26:3a:b8:2c:37:fd:38:b7:b3:fc:ae:29:f9:6d: 8e:96:d6:04:a2:9c:18:d3:2e:7b:59:1f:9f:a7:4e:5a:b4:91: 25:2c:88:bd:ed:f4:86:08:f9:35:51:00:28:a4:98:2f:28:9e: 6b:cf:0a:fa:3f:99:08:8e:47:da:80:47:d4:64:1e:36:ff:26: 06:0b:10:07:51:ad:5f:af:4e:b6:86:76:f0:f2:57:75:d8:74: 84:d1:66:c5:2a:5b:44:41:25:dc:b3:4b:e4:c5:7d:54:31:9a: ac:68:df:96:6f:9d:5c:0a:17:52:36:38:df:51:ae:cb:52:8f: 90:0a:3f:ea -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUGl9HVnf5USRDD3zHZhAZ4e1QQ+QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDUyOTExNTc1N1oX DTI2MDUyODEyMDI1N1owMzExMC8GA1UEAxMoRkE2MkQ4Mjg1NDRGNzBCRUFEOEIz QzA0QTg2MTc1RTRGQjA3QzRCNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOMC2Dbn/WXEUEySxZXcQIl5BI/y6KTA4aQT6jc4r8jxpB4LGO7MPzBLfH5s t7lM3iSN5NpKmIzL/9AyqB3Bs0sWNVVLj6NzbmudJQLI1yOG5XDl09wusSP9on2I zOEOFGo05o+KdEh5GTsOiOQbZVmU6plRHx81ERbNt90J2tOEstUb5VldJBJgPsyL u1jag97XX+P3P3DSN6OaR/rf1Ab7o+unyYEsWbPbC057i8cxBH80oLQ/i5VWVUgr lEEb1G29+5uGukZnvjlM1yL9HHmT1A8FIZ6K7lP/c0oiWur47ziHHBj3A4Ij6KhM CaO/YSwQhg8h59KhOTZd33hdXlcCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFPpi2ChUT3C+rYs8BKhhdeT7B8S2MB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8xYzA0ZGVkOC1iMGY1LTQ1OTQtOGUwZS05MTFlY2I3N2VlNzMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFjMDRkZWQ4 LWIwZjUtNDU5NC04ZTBlLTkxMWVjYjc3ZWU3My8wL0ZBNjJEODI4NTQ0RjcwQkVB RDhCM0MwNEE4NjE3NUU0RkIwN0M0QjYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdQiUwDQYJKoZIhvcNAQELBQADggEBAI27rrNltQhBFEDJ2IuFgQAevmBVhkay d7Ima6bT/DAnikUnyTOOJWUaqpYIL4aXgFvRemCafHxWI+vAbBi4fkklEfUq0/TV mzf94h8O7IOuqchoulmaJCCltkYQX6jV/MOnK/SkzSdbFPzuGC9cxkZNOK0UQzdw Csg34S56oQMd+UsmOrgsN/04t7P8rin5bY6W1gSinBjTLntZH5+nTlq0kSUsiL3t 9IYI+TVRACikmC8onmvPCvo/mQiOR9qAR9RkHjb/JgYLEAdRrV+vTraGdvDyV3XY dITRZsUqW0RBJdyzS+TFfVQxmqxo35ZvnVwKF1I2ON9RrstSj5AKP+o= -----END CERTIFICATE-----Generated at Tue Nov 4 16:32:36 2025 by rpki-client