$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer File: 21AC220B77A77D0516BC73B4C29C8363DD00911B.cer (raw, json) Hash identifier: xHxzHeOv8MQFpLWTthMijlRRwvLutg+9wlhbP6LLK0I= Subject key identifier: 21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 60F5AB1B3DA0291C941BC8840A21F6666F513B8A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft caRepository: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 20 Aug 2025 03:48:35 +0000 Certificate not after: Wed 19 Aug 2026 03:53:35 +0000 Subordinate resources: IP: 103.94.168.0/22 IP: 103.119.140.0 -- 103.119.147.255 IP: 202.10.56.0/22 IP: 2401:48c0::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:f5:ab:1b:3d:a0:29:1c:94:1b:c8:84:0a:21:f6:66:6f:51:3b:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 20 03:48:35 2025 GMT Not After : Aug 19 03:53:35 2026 GMT Subject: CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:eb:38:c7:01:28:91:28:bd:01:1c:a0:98:9c: df:d7:be:6e:a8:9a:02:1f:e4:11:df:b8:42:36:4d: 22:37:85:6d:4c:d8:22:1c:57:78:36:63:88:4c:6e: 86:6e:57:06:91:10:f4:f9:1f:aa:e5:65:46:4e:6e: 88:06:ea:75:c3:5d:b1:96:a2:6a:85:3e:7e:3b:33: 74:33:ff:78:ef:05:9b:d7:28:95:54:3e:d8:62:d8: 58:5b:f3:0e:4f:7f:d0:21:7c:82:6a:96:99:40:12: 07:8c:e7:cd:bd:9b:62:8f:92:ee:01:40:03:72:76: fa:29:59:22:69:1d:a6:31:d8:6a:0b:cd:2e:9f:91: 01:12:83:cb:48:c9:b3:53:54:f1:21:67:87:1a:1d: 14:f1:70:ee:7d:e3:ec:46:99:04:d2:e9:97:ca:34: 0e:4e:8b:ee:62:48:63:22:8d:fd:a1:64:b2:de:ce: 7a:7c:4c:1f:d9:cc:5d:c5:74:7d:ec:b8:cc:ea:0c: 43:1b:28:5e:63:4b:53:83:ac:63:5b:c2:78:a4:99: a1:17:27:b3:88:06:cc:26:64:ae:32:fd:a5:bb:cf: 6a:1b:45:b7:ef:d7:73:96:c4:bf:a1:a6:80:2c:25: 99:f3:03:7a:03:5b:fc:16:3d:e0:59:fc:bb:41:1a: 6e:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.94.168.0/22 103.119.140.0-103.119.147.255 202.10.56.0/22 IPv6: 2401:48c0::/32 Signature Algorithm: sha256WithRSAEncryption 25:51:8d:8d:c2:1e:fa:32:09:ea:d2:58:f0:46:68:17:57:a1: 81:7d:c6:c0:24:95:8e:54:44:52:d3:c7:3d:79:76:24:02:a7: d7:11:6c:db:2d:75:78:75:72:89:90:c3:c4:6b:d0:90:ce:cf: 73:c1:fb:ad:1d:87:c8:51:25:0f:98:0a:2d:6d:b8:54:56:10: 0f:dc:63:d1:f8:4c:28:eb:cc:39:bd:db:47:52:68:a3:11:5a: 94:36:67:97:bc:5b:dd:67:ef:97:89:3b:85:37:3d:1f:6e:a7: b2:9b:ed:c3:fc:4b:00:1b:bf:21:46:15:ab:6c:72:04:29:dd: cb:5f:63:00:a1:a5:6c:df:a0:c6:da:97:a2:54:26:14:b5:7c: 03:e0:91:e7:e4:dc:b6:4f:80:a5:76:95:b6:a8:8e:e9:d0:73: 95:fe:8c:ba:ca:d6:7b:7f:93:4a:1a:af:1c:fd:bf:9e:ba:3a: 13:c6:77:48:89:7b:8f:ee:7f:38:21:c0:e2:3c:21:8c:40:61: 6c:b9:9f:72:c5:1a:8e:ba:77:2b:32:5a:cf:13:80:83:45:6e: 93:f2:ed:3a:25:07:8b:49:c8:96:65:91:8c:5c:ab:40:14:5e: d5:ae:62:20:6f:72:ee:04:bd:f0:c0:26:55:00:75:c7:ae:b8: 46:6f:ee:25 -----BEGIN CERTIFICATE----- MIIF6DCCBNCgAwIBAgIUYPWrGz2gKRyUG8iECiH2Zm9RO4owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDgyMDAzNDgzNVoX DTI2MDgxOTAzNTMzNVowMzExMC8GA1UEAxMoMjFBQzIyMEI3N0E3N0QwNTE2QkM3 M0I0QzI5QzgzNjNERDAwOTExQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKnrOMcBKJEovQEcoJic39e+bqiaAh/kEd+4QjZNIjeFbUzYIhxXeDZjiExu hm5XBpEQ9PkfquVlRk5uiAbqdcNdsZaiaoU+fjszdDP/eO8Fm9colVQ+2GLYWFvz Dk9/0CF8gmqWmUASB4znzb2bYo+S7gFAA3J2+ilZImkdpjHYagvNLp+RARKDy0jJ s1NU8SFnhxodFPFw7n3j7EaZBNLpl8o0Dk6L7mJIYyKN/aFkst7OenxMH9nMXcV0 fey4zOoMQxsoXmNLU4OsY1vCeKSZoRcns4gGzCZkrjL9pbvPahtFt+/Xc5bEv6Gm gCwlmfMDegNb/BY94Fn8u0EabtMCAwEAAaOCAtswggLXMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCGsIgt3p30FFrxztMKcg2PdAJEbMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iZGFiYzBiYS05MjIyLTRjNDUtODM0Mi1lYjg2NDNjNDk2N2QvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JkYWJjMGJh LTkyMjItNGM0NS04MzQyLWViODY0M2M0OTY3ZC8wLzIxQUMyMjBCNzdBNzdEMDUx NkJDNzNCNEMyOUM4MzYzREQwMDkxMUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMCAEAgABMBoD BAJnXqgwDAMEAmd3jAMEAmd3kAMEAsoKODANBAIAAjAHAwUAJAFIwDANBgkqhkiG 9w0BAQsFAAOCAQEAJVGNjcIe+jIJ6tJY8EZoF1ehgX3GwCSVjlREUtPHPXl2JAKn 1xFs2y11eHVyiZDDxGvQkM7Pc8H7rR2HyFElD5gKLW24VFYQD9xj0fhMKOvMOb3b R1JooxFalDZnl7xb3Wfvl4k7hTc9H26nspvtw/xLABu/IUYVq2xyBCndy19jAKGl bN+gxtqXolQmFLV8A+CR5+Tctk+ApXaVtqiO6dBzlf6MusrWe3+TShqvHP2/nro6 E8Z3SIl7j+5/OCHA4jwhjEBhbLmfcsUajrp3KzJazxOAg0Vuk/LtOiUHi0nIlmWR jFyrQBRe1a5iIG9y7gS98MAmVQB1x664Rm/uJQ== -----END CERTIFICATE-----Generated at Mon Nov 3 19:35:37 2025 by rpki-client