$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/41071AAF0C0E6BD84877680334B4F604B4B4E786.cer File: 41071AAF0C0E6BD84877680334B4F604B4B4E786.cer (raw, json) Hash identifier: vJFeHzyCUa3O+dKuEAXhrR5DjQwTgpU2wf3jSPMVHao= Subject key identifier: 41:07:1A:AF:0C:0E:6B:D8:48:77:68:03:34:B4:F6:04:B4:B4:E7:86 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 65E1ADDA4AEA2789225D4F3E9E1F0D6DF47C20DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/7e27b3e1-f611-4afe-9a49-5fa4fd557653/0/41071AAF0C0E6BD84877680334B4F604B4B4E786.mft caRepository: rsync://repo-rpki.idnic.net/repo/7e27b3e1-f611-4afe-9a49-5fa4fd557653/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 03 May 2025 04:32:12 +0000 Certificate not after: Sat 02 May 2026 04:37:12 +0000 Subordinate resources: IP: 103.167.2.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 07:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:e1:ad:da:4a:ea:27:89:22:5d:4f:3e:9e:1f:0d:6d:f4:7c:20:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 3 04:32:12 2025 GMT Not After : May 2 04:37:12 2026 GMT Subject: CN=41071AAF0C0E6BD84877680334B4F604B4B4E786 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:11:13:6e:56:87:b6:35:aa:53:65:4f:77:77: 1b:e6:da:1c:b1:72:37:a7:aa:23:a3:43:1c:f2:26: 3b:46:ab:1b:48:b5:05:61:02:18:18:fb:de:27:9f: e0:1d:61:27:f5:38:72:4b:d9:40:9a:d6:5d:75:41: b9:31:92:46:1b:75:6f:6d:4e:2c:9a:49:3d:a3:93: 00:df:ff:92:b8:04:5c:02:42:15:bf:c7:7a:be:90: bb:a5:fb:7a:31:71:c3:1e:60:a8:50:f8:56:d8:46: 61:5b:16:94:b4:70:1e:4f:9c:8f:ea:a2:21:dc:44: 0c:d7:0c:79:5c:22:ca:82:24:73:d3:17:34:7c:f0: 82:10:4c:0f:b5:4b:cc:4a:d8:96:68:2d:bb:1b:40: 6f:5e:47:fe:20:2a:77:11:ed:aa:df:b1:8e:e8:26: 38:4a:08:1e:65:43:3b:8e:98:02:04:f7:60:ab:24: 13:d0:7f:fa:3b:d4:bf:dc:69:3e:ca:2c:f5:80:ec: 6e:60:78:e6:b1:c6:f8:c2:77:cd:c2:f0:c9:38:29: e8:df:f0:79:f4:2f:ae:3f:db:b0:23:e4:33:a0:c2: c4:48:ea:43:e2:94:74:ab:40:d8:0c:ee:41:69:ee: c4:59:02:f6:29:a5:6b:c3:15:39:76:0b:be:93:e8: 99:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 41:07:1A:AF:0C:0E:6B:D8:48:77:68:03:34:B4:F6:04:B4:B4:E7:86 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7e27b3e1-f611-4afe-9a49-5fa4fd557653/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7e27b3e1-f611-4afe-9a49-5fa4fd557653/0/41071AAF0C0E6BD84877680334B4F604B4B4E786.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.167.2.0/24 Signature Algorithm: sha256WithRSAEncryption 5a:8c:db:a5:e3:4e:09:55:7e:cb:12:81:77:74:51:71:23:24: 13:7a:61:07:73:f9:70:3f:7b:5f:c2:71:c5:c9:fa:81:6a:53: da:50:0f:f1:6b:56:b9:7b:17:e2:a2:5a:fa:05:41:8c:8d:80: bb:4a:5a:b9:f4:2f:4c:16:18:0f:06:9a:b6:e1:8d:e7:4d:36: 66:0d:ad:d9:de:8a:5e:3c:4d:40:33:ca:d4:62:c9:d1:c1:f0: a4:a4:66:62:7b:8f:67:f2:87:9a:28:90:ee:a8:66:11:21:18: 1d:95:de:63:41:20:a7:ba:d8:1d:a5:e9:ab:40:6d:10:e8:5e: 0b:d8:d6:8a:1c:26:0f:f7:43:78:fa:15:4b:05:ad:0c:7c:38: 07:6d:5c:d3:81:9a:f0:e7:86:e6:8c:86:02:9f:d0:4d:ad:11: e2:1c:e4:50:96:38:d2:13:72:02:69:68:7a:8a:7f:de:57:2d: ec:27:a1:4b:eb:4d:05:f9:d4:62:07:29:6c:b9:81:c3:9f:12: c6:a8:31:eb:a9:04:b0:58:c5:88:92:e1:21:ac:61:cf:1b:36: 83:bc:16:18:6e:9c:26:c4:e4:47:43:d0:7e:cd:32:80:5c:75: 84:34:20:56:b7:05:cc:08:97:5f:45:52:1f:46:45:04:a2:9c: 14:87:37:9c -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUZeGt2krqJ4kiXU8+nh8NbfR8INowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDUwMzA0MzIxMloX DTI2MDUwMjA0MzcxMlowMzExMC8GA1UEAxMoNDEwNzFBQUYwQzBFNkJEODQ4Nzc2 ODAzMzRCNEY2MDRCNEI0RTc4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMARE25Wh7Y1qlNlT3d3G+baHLFyN6eqI6NDHPImO0arG0i1BWECGBj73ief 4B1hJ/U4ckvZQJrWXXVBuTGSRht1b21OLJpJPaOTAN//krgEXAJCFb/Her6Qu6X7 ejFxwx5gqFD4VthGYVsWlLRwHk+cj+qiIdxEDNcMeVwiyoIkc9MXNHzwghBMD7VL zErYlmgtuxtAb15H/iAqdxHtqt+xjugmOEoIHmVDO46YAgT3YKskE9B/+jvUv9xp Psos9YDsbmB45rHG+MJ3zcLwyTgp6N/wefQvrj/bsCPkM6DCxEjqQ+KUdKtA2Azu QWnuxFkC9imla8MVOXYLvpPomc0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEEHGq8MDmvYSHdoAzS09gS0tOeGMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83ZTI3YjNlMS1mNjExLTRhZmUtOWE0OS01ZmE0ZmQ1NTc2NTMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdlMjdiM2Ux LWY2MTEtNGFmZS05YTQ5LTVmYTRmZDU1NzY1My8wLzQxMDcxQUFGMEMwRTZCRDg0 ODc3NjgwMzM0QjRGNjA0QjRCNEU3ODYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnpwIwDQYJKoZIhvcNAQELBQADggEBAFqM26XjTglVfssSgXd0UXEjJBN6YQdz +XA/e1/CccXJ+oFqU9pQD/FrVrl7F+KiWvoFQYyNgLtKWrn0L0wWGA8GmrbhjedN NmYNrdneil48TUAzytRiydHB8KSkZmJ7j2fyh5ookO6oZhEhGB2V3mNBIKe62B2l 6atAbRDoXgvY1oocJg/3Q3j6FUsFrQx8OAdtXNOBmvDnhuaMhgKf0E2tEeIc5FCW ONITcgJpaHqKf95XLewnoUvrTQX51GIHKWy5gcOfEsaoMeupBLBYxYiS4SGsYc8b NoO8FhhunCbE5EdD0H7NMoBcdYQ0IFa3BcwIl19FUh9GRQSinBSHN5w= -----END CERTIFICATE-----Generated at Tue Nov 4 02:19:01 2025 by rpki-client