$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/2BDFAFA70A11BFBF6C982BBF2C2C084DE80E034E.cer File: 2BDFAFA70A11BFBF6C982BBF2C2C084DE80E034E.cer (raw, json) Hash identifier: bKeQ3HfZelqf6Peth2jkgrpBbf5wtLafV/exxGS69Ug= Subject key identifier: 2B:DF:AF:A7:0A:11:BF:BF:6C:98:2B:BF:2C:2C:08:4D:E8:0E:03:4E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 387549F43A2A83FAC96C5AD7F01BFA1F8DC980EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/52cd9cea-3bf4-4a9c-aee6-00339c06550b/0/2BDFAFA70A11BFBF6C982BBF2C2C084DE80E034E.mft caRepository: rsync://repo-rpki.idnic.net/repo/52cd9cea-3bf4-4a9c-aee6-00339c06550b/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sun 01 Mar 2026 15:28:00 +0000 Certificate not after: Sun 28 Feb 2027 15:33:00 +0000 Subordinate resources: IP: 103.169.2.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 06:31:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:75:49:f4:3a:2a:83:fa:c9:6c:5a:d7:f0:1b:fa:1f:8d:c9:80:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 1 15:28:00 2026 GMT Not After : Feb 28 15:33:00 2027 GMT Subject: CN=2BDFAFA70A11BFBF6C982BBF2C2C084DE80E034E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ef:e4:d5:f4:b0:13:dd:0f:7a:be:d2:e6:e9: d2:a5:92:91:ca:b7:61:1f:38:03:1d:92:d0:e8:89: 3c:ac:b2:71:fd:76:b1:f8:c7:37:60:e2:8b:fe:ed: ec:ca:a0:24:f6:80:2c:43:1c:ba:6e:56:9b:3a:5b: c0:06:d4:4c:16:1d:59:71:75:23:d8:a9:39:38:b6: 09:d5:0d:aa:97:85:fa:b4:5f:c4:29:a5:53:bc:89: 03:32:b9:f1:7e:23:aa:58:a9:1f:7f:10:6f:cb:35: e1:38:88:92:0a:07:6e:9b:ee:c8:f5:72:c1:5e:4a: ad:e1:da:8c:11:cd:31:09:86:50:15:e9:7c:7e:a5: 6a:c6:9e:d8:64:a0:8c:a0:21:f4:ea:f3:d9:9a:7b: 2a:ab:01:da:b1:2c:68:78:c0:28:ad:8f:29:7c:1f: 56:20:3a:27:ac:cc:a8:29:7b:41:68:11:f1:06:38: 0f:1f:6f:7a:ba:0c:2b:e2:bb:f8:58:97:19:b0:32: 78:ef:29:8b:a8:d4:2c:7e:66:26:86:4b:a4:a6:9c: 97:8f:e4:af:28:a2:54:1a:2f:3d:a9:90:71:79:d0: 91:c1:33:33:32:89:3d:3a:89:cb:5d:04:a8:83:17: f1:d9:d6:23:66:50:7c:78:bd:b1:e0:3f:1e:d1:80: 33:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2B:DF:AF:A7:0A:11:BF:BF:6C:98:2B:BF:2C:2C:08:4D:E8:0E:03:4E X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/52cd9cea-3bf4-4a9c-aee6-00339c06550b/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/52cd9cea-3bf4-4a9c-aee6-00339c06550b/0/2BDFAFA70A11BFBF6C982BBF2C2C084DE80E034E.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.169.2.0/23 Signature Algorithm: sha256WithRSAEncryption 1f:09:b2:70:65:f8:49:87:7b:5d:0e:b9:e1:c5:f7:53:69:71: 13:e7:af:85:d3:aa:0e:0d:d3:6c:b8:60:66:01:d8:74:63:e3: 91:ff:78:40:4b:2b:1e:7b:62:fd:d1:e8:3d:89:e4:3d:d8:27: 3d:6e:46:ce:2f:15:8d:49:13:35:b2:87:d4:bc:0c:86:7d:fc: c1:0e:79:f0:88:68:fa:59:5e:d9:12:cc:31:96:93:17:81:ab: f9:49:10:30:e0:9d:ad:e8:0b:f0:97:85:90:5c:15:15:a5:f1: 14:a9:0c:ae:b0:a6:dd:42:5f:51:6e:16:52:31:be:29:77:a0: 1a:f7:c3:d5:cb:5b:f0:93:f3:27:44:04:bf:3c:99:87:8d:d9: d9:ed:03:03:8d:02:1a:4a:fc:a2:c1:25:0d:91:29:e9:d1:62: 45:16:ff:44:6a:f8:9f:db:69:91:57:be:49:bc:cf:7b:1e:24: 8e:08:3e:d5:6c:af:a7:90:ba:91:83:ee:17:b9:2c:1c:ce:ad: 8d:7b:e2:2e:9c:bc:46:12:65:b8:bf:36:49:70:5c:85:13:96: 4f:4b:73:fe:0d:cd:26:8d:55:e6:6d:6f:0a:bd:01:0e:8e:29: a5:fb:04:98:0b:57:bb:ef:e7:e8:99:0e:15:46:74:6e:d3:2a: 80:71:6b:40 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUOHVJ9Doqg/rJbFrX8Bv6H43JgOswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI2MDMwMTE1MjgwMFoX DTI3MDIyODE1MzMwMFowMzExMC8GA1UEAxMoMkJERkFGQTcwQTExQkZCRjZDOTgy QkJGMkMyQzA4NERFODBFMDM0RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMzv5NX0sBPdD3q+0ubp0qWSkcq3YR84Ax2S0OiJPKyycf12sfjHN2Dii/7t 7MqgJPaALEMcum5WmzpbwAbUTBYdWXF1I9ipOTi2CdUNqpeF+rRfxCmlU7yJAzK5 8X4jqlipH38Qb8s14TiIkgoHbpvuyPVywV5KreHajBHNMQmGUBXpfH6lasae2GSg jKAh9Orz2Zp7KqsB2rEsaHjAKK2PKXwfViA6J6zMqCl7QWgR8QY4Dx9veroMK+K7 +FiXGbAyeO8pi6jULH5mJoZLpKacl4/kryiiVBovPamQcXnQkcEzMzKJPTqJy10E qIMX8dnWI2ZQfHi9seA/HtGAM+UCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCvfr6cKEb+/bJgrvywsCE3oDgNOMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by81MmNkOWNlYS0zYmY0LTRhOWMtYWVlNi0wMDMzOWMwNjU1MGIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzUyY2Q5Y2Vh LTNiZjQtNGE5Yy1hZWU2LTAwMzM5YzA2NTUwYi8wLzJCREZBRkE3MEExMUJGQkY2 Qzk4MkJCRjJDMkMwODRERTgwRTAzNEUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnqQIwDQYJKoZIhvcNAQELBQADggEBAB8JsnBl+EmHe10OueHF91NpcRPnr4XT qg4N02y4YGYB2HRj45H/eEBLKx57Yv3R6D2J5D3YJz1uRs4vFY1JEzWyh9S8DIZ9 /MEOefCIaPpZXtkSzDGWkxeBq/lJEDDgna3oC/CXhZBcFRWl8RSpDK6wpt1CX1Fu FlIxvil3oBr3w9XLW/CT8ydEBL88mYeN2dntAwONAhpK/KLBJQ2RKenRYkUW/0Rq +J/baZFXvkm8z3seJI4IPtVsr6eQupGD7he5LBzOrY174i6cvEYSZbi/NklwXIUT lk9Lc/4NzSaNVeZtbwq9AQ6OKaX7BJgLV7vv5+iZDhVGdG7TKoBxa0A= -----END CERTIFICATE-----Generated at Mon Mar 2 10:54:42 2026 by rpki-client