This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.cer File: 0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.cer (raw, json) Hash identifier: Cv9Egt59aZ8kBnbOJgkU8DYSLGDLoKXS1NfQxkuyUHk= Subject key identifier: 03:21:C8:92:A6:AA:C0:A6:EA:4A:30:35:D8:8C:A6:BC:68:67:BF:79 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 21C1AF020A6C339EC4A41D4D9E3EFBE0CEFF54D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.mft caRepository: rsync://repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 11 Dec 2025 08:50:34 +0000 Certificate not after: Thu 10 Dec 2026 08:55:34 +0000 Subordinate resources: IP: 103.96.52.0/23 IP: 2001:df2:f40::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Dec 2025 13:29:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:c1:af:02:0a:6c:33:9e:c4:a4:1d:4d:9e:3e:fb:e0:ce:ff:54:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 11 08:50:34 2025 GMT Not After : Dec 10 08:55:34 2026 GMT Subject: CN=0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:fe:4a:f2:31:41:49:7e:db:c5:e4:ff:07:5a: 1f:65:aa:83:8d:02:8a:9a:d5:5b:58:db:31:19:48: a1:be:0a:c0:7e:07:71:cb:fd:4e:d5:88:9e:0e:28: aa:10:be:e5:ed:0a:e9:78:5e:ef:69:a9:42:30:1e: a2:06:e5:c5:ea:fd:23:bc:8a:cc:d7:0e:7e:e2:e4: bd:79:e2:16:fd:b1:68:01:d2:e6:5c:e0:82:88:5b: 77:b1:a7:5b:1d:fe:c6:f8:7b:89:a1:2b:8a:9d:9c: a9:96:21:ae:b0:9f:5e:0a:6f:28:0d:cc:bd:a4:8d: 30:85:49:f4:ea:4f:9b:10:23:8d:11:3c:9a:73:80: 0b:70:00:dc:bc:d5:60:2f:15:6f:2a:34:bc:fc:08: b6:32:5b:97:4d:b4:94:62:20:f1:e7:2e:a5:ee:8e: 4b:fa:a7:ac:c1:7d:cd:9e:95:ce:50:84:3e:1e:ae: e1:83:d2:7d:51:95:65:ac:77:69:91:e5:07:45:b7: e0:14:6f:71:07:1c:4c:cf:0d:6e:db:ad:d2:87:2c: 6a:13:95:b9:78:f7:20:07:10:46:ef:d9:ca:57:02: 4f:73:4b:f5:94:3b:c2:07:ec:f0:b0:06:c8:8a:37: 8d:36:5b:b0:22:ed:35:b1:79:99:55:fb:f7:48:c2: 40:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 03:21:C8:92:A6:AA:C0:A6:EA:4A:30:35:D8:8C:A6:BC:68:67:BF:79 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7a1c4c1f-7141-47d6-a7f8-e35ffe117404/0/0321C892A6AAC0A6EA4A3035D88CA6BC6867BF79.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.96.52.0/23 IPv6: 2001:df2:f40::/48 Signature Algorithm: sha256WithRSAEncryption 89:eb:6e:23:01:0f:92:6c:6f:29:d3:c5:d6:82:77:41:38:a5: 53:9c:67:3d:65:b6:eb:77:0d:30:0e:ef:76:2b:a1:fb:9f:35: 65:a8:10:80:e8:3c:5c:9e:5a:e9:9d:34:e5:67:43:36:d1:e0: ab:a5:dc:de:be:c7:9e:8d:9a:74:2c:4a:24:8a:35:53:e3:4f: 45:0e:ad:24:9b:ac:85:f1:54:30:ae:d4:cf:8f:6a:71:22:9f: 64:17:e0:de:99:64:57:d9:e7:33:3d:d0:12:18:d6:57:9e:bb: db:6b:37:1b:22:52:54:dd:8c:82:7e:f9:6e:b3:92:89:39:21: a3:10:ff:76:4c:4c:56:b9:1d:f4:21:87:c3:ee:89:21:4e:d1: a5:a3:94:d3:5e:93:d8:63:4c:bf:46:ca:4c:36:a0:45:21:25: eb:67:8c:b8:f8:d6:20:31:93:80:35:9c:04:1a:81:15:6e:bb: 81:11:1f:3a:40:4e:1c:55:ba:6f:7c:b4:86:3e:64:b6:2c:cf: b6:00:fc:0c:79:b8:9e:20:3f:83:90:7c:1d:cc:37:6a:22:08: 76:d5:ef:5e:85:9a:6b:6f:33:45:b1:f4:34:8f:d5:8f:98:15: b3:e6:52:10:f2:83:7c:c7:d9:d9:f5:82:26:a2:ac:67:a9:cf: ad:c6:0a:3f -----BEGIN CERTIFICATE----- MIIF1jCCBL6gAwIBAgIUIcGvAgpsM57EpB1Nnj774M7/VNIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTIxMTA4NTAzNFoX DTI2MTIxMDA4NTUzNFowMzExMC8GA1UEAxMoMDMyMUM4OTJBNkFBQzBBNkVBNEEz MDM1RDg4Q0E2QkM2ODY3QkY3OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALP+SvIxQUl+28Xk/wdaH2Wqg40CiprVW1jbMRlIob4KwH4Hccv9TtWIng4o qhC+5e0K6Xhe72mpQjAeogblxer9I7yKzNcOfuLkvXniFv2xaAHS5lzggohbd7Gn Wx3+xvh7iaErip2cqZYhrrCfXgpvKA3MvaSNMIVJ9OpPmxAjjRE8mnOAC3AA3LzV YC8Vbyo0vPwItjJbl020lGIg8ecupe6OS/qnrMF9zZ6VzlCEPh6u4YPSfVGVZax3 aZHlB0W34BRvcQccTM8Nbtut0ocsahOVuXj3IAcQRu/ZylcCT3NL9ZQ7wgfs8LAG yIo3jTZbsCLtNbF5mVX790jCQB0CAwEAAaOCAskwggLFMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFAMhyJKmqsCm6kowNdiMprxoZ795MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83YTFjNGMxZi03MTQxLTQ3ZDYtYTdmOC1lMzVmZmUxMTc0MDQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdhMWM0YzFm LTcxNDEtNDdkNi1hN2Y4LWUzNWZmZTExNzQwNC8wLzAzMjFDODkyQTZBQUMwQTZF QTRBMzAzNUQ4OENBNkJDNjg2N0JGNzkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYD BAFnYDQwDwQCAAIwCQMHACABDfIPQDANBgkqhkiG9w0BAQsFAAOCAQEAietuIwEP kmxvKdPF1oJ3QTilU5xnPWW263cNMA7vdiuh+581ZagQgOg8XJ5a6Z005WdDNtHg q6Xc3r7Hno2adCxKJIo1U+NPRQ6tJJushfFUMK7Uz49qcSKfZBfg3plkV9nnMz3Q EhjWV56722s3GyJSVN2Mgn75brOSiTkhoxD/dkxMVrkd9CGHw+6JIU7RpaOU016T 2GNMv0bKTDagRSEl62eMuPjWIDGTgDWcBBqBFW67gREfOkBOHFW6b3y0hj5ktizP tgD8DHm4niA/g5B8Hcw3aiIIdtXvXoWaa28zRbH0NI/Vj5gVs+ZSEPKDfMfZ2fWC JqKsZ6nPrcYKPw== -----END CERTIFICATE-----Generated at Fri Dec 19 01:24:45 2025 by rpki-client