$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8.cer File: FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8.cer (raw, json) Hash identifier: EeRnKgWTgJVg2UPGDgCaPXGhsDVjJramxHanZFRDW9E= Subject key identifier: FF:3F:06:6A:5E:9A:B8:F9:88:B8:E1:7C:7A:56:DD:2E:00:A6:6A:D8 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 432E435DDA24B66052B65BE0BBC9AA55545E66CD Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/1d011a1c-a0ad-4d93-86af-3f0aadd9684f/0/FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8.mft caRepository: rsync://repo-rpki.idnic.net/repo/1d011a1c-a0ad-4d93-86af-3f0aadd9684f/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 01 May 2025 11:23:36 +0000 Certificate not after: Thu 30 Apr 2026 11:28:36 +0000 Subordinate resources: IP: 157.15.82.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 16:52:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:2e:43:5d:da:24:b6:60:52:b6:5b:e0:bb:c9:aa:55:54:5e:66:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 1 11:23:36 2025 GMT Not After : Apr 30 11:28:36 2026 GMT Subject: CN=FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:0e:48:c8:ac:e6:07:dc:34:b1:72:b5:ae:c1: 2c:4e:0c:7e:51:fc:63:53:42:bc:71:96:74:ce:71: 94:97:36:70:ab:96:93:06:d6:a9:fa:70:15:ed:45: bf:a6:ec:df:ef:de:2e:90:c9:6d:af:37:1c:60:df: 17:0f:67:cb:fb:d3:b5:b4:81:eb:d5:fe:d1:84:19: ec:fa:fc:83:d7:66:99:2e:3b:e5:74:7e:7a:9f:05: e2:6f:0e:19:72:17:e7:ac:b8:aa:82:74:69:1a:66: 1e:90:f7:64:1a:84:a4:04:46:2d:33:a0:be:3a:86: 86:dc:16:56:04:04:eb:c0:26:59:02:8e:f1:c0:db: c5:c8:a7:e5:d7:91:8c:39:ef:5f:dc:a5:3b:1c:06: d5:40:13:a5:1b:5c:c2:a9:d6:0a:9d:ec:44:66:9c: d4:be:27:04:82:62:45:60:fe:03:04:33:41:ad:f2: 55:2d:9b:4e:27:fd:17:3a:cc:68:13:9e:80:2a:85: cb:af:13:bb:7e:a3:2e:ab:17:f1:6a:4f:a9:f4:f0: f1:54:4d:b4:5e:cb:cd:b1:4a:82:1c:99:5c:64:b6: a5:5b:14:ad:21:75:38:ce:60:9f:bc:48:71:c0:71: de:32:e8:89:a4:e8:e6:b7:93:e7:80:55:f7:3c:9d: a6:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: FF:3F:06:6A:5E:9A:B8:F9:88:B8:E1:7C:7A:56:DD:2E:00:A6:6A:D8 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/1d011a1c-a0ad-4d93-86af-3f0aadd9684f/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/1d011a1c-a0ad-4d93-86af-3f0aadd9684f/0/FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.82.0/23 Signature Algorithm: sha256WithRSAEncryption 4d:d0:8a:11:59:f8:00:40:dc:23:ea:85:43:03:fb:cb:16:fc: bf:29:41:c5:7e:71:d0:62:dd:74:41:ca:30:c3:15:54:0a:12: a6:34:3e:f3:62:f7:63:30:97:df:7b:7b:86:25:cf:35:51:e2: cb:71:e4:95:36:9e:80:58:92:b1:18:aa:f5:af:0d:dd:f0:a6: d7:4e:70:7e:53:90:52:1d:5b:c7:1c:d1:a7:0d:13:ce:88:05: a2:93:52:b7:6d:ba:7d:db:aa:57:45:ef:3e:f8:31:c3:d0:cd: 41:44:66:33:88:56:b6:04:98:03:a4:96:c3:13:8f:21:71:08: 51:48:b0:85:36:6f:7a:7a:f2:62:c0:07:aa:ed:2c:9a:e9:7e: ed:72:04:1e:43:0e:64:ff:ca:c6:ac:c1:d4:9f:f2:96:92:78: 8b:53:83:0b:48:cc:d1:3d:e0:2f:20:8c:65:ca:0a:1a:c9:dc: e5:41:49:98:56:d9:f7:70:ee:0c:5b:c4:39:1d:4f:7a:e8:59: 89:20:0c:0f:0c:ca:17:19:39:75:d0:1f:97:c1:29:b3:e9:f7: 3b:57:2c:55:9d:b6:05:64:74:c2:28:eb:b4:46:62:d0:7f:d9: 57:11:d9:f4:08:21:97:36:d6:60:5d:d7:7b:24:10:86:fd:8d: 46:25:6d:a2 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUQy5DXdoktmBStlvgu8mqVVReZs0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDUwMTExMjMzNloX DTI2MDQzMDExMjgzNlowMzExMC8GA1UEAxMoRkYzRjA2NkE1RTlBQjhGOTg4QjhF MTdDN0E1NkREMkUwMEE2NkFEODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4OSMis5gfcNLFyta7BLE4MflH8Y1NCvHGWdM5xlJc2cKuWkwbWqfpwFe1F v6bs3+/eLpDJba83HGDfFw9ny/vTtbSB69X+0YQZ7Pr8g9dmmS475XR+ep8F4m8O GXIX56y4qoJ0aRpmHpD3ZBqEpARGLTOgvjqGhtwWVgQE68AmWQKO8cDbxcin5deR jDnvX9ylOxwG1UATpRtcwqnWCp3sRGac1L4nBIJiRWD+AwQzQa3yVS2bTif9FzrM aBOegCqFy68Tu36jLqsX8WpPqfTw8VRNtF7LzbFKghyZXGS2pVsUrSF1OM5gn7xI ccBx3jLoiaTo5reT54BV9zydpmsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFP8/Bmpemrj5iLjhfHpW3S4ApmrYMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8xZDAxMWExYy1hMGFkLTRkOTMtODZhZi0zZjBhYWRkOTY4NGYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFkMDExYTFj LWEwYWQtNGQ5My04NmFmLTNmMGFhZGQ5Njg0Zi8wL0ZGM0YwNjZBNUU5QUI4Rjk4 OEI4RTE3QzdBNTZERDJFMDBBNjZBRDgubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdD1IwDQYJKoZIhvcNAQELBQADggEBAE3QihFZ+ABA3CPqhUMD+8sW/L8pQcV+ cdBi3XRByjDDFVQKEqY0PvNi92Mwl997e4YlzzVR4stx5JU2noBYkrEYqvWvDd3w ptdOcH5TkFIdW8cc0acNE86IBaKTUrdtun3bqldF7z74McPQzUFEZjOIVrYEmAOk lsMTjyFxCFFIsIU2b3p68mLAB6rtLJrpfu1yBB5DDmT/ysaswdSf8paSeItTgwtI zNE94C8gjGXKChrJ3OVBSZhW2fdw7gxbxDkdT3roWYkgDA8MyhcZOXXQH5fBKbPp 9ztXLFWdtgVkdMIo67RGYtB/2VcR2fQIIZc21mBd13skEIb9jUYlbaI= -----END CERTIFICATE-----Generated at Sun Jun 15 16:02:52 2025 by rpki-client