$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/5DFC46925E2D4B3FB044F284111222A8B4C78392.cer File: 5DFC46925E2D4B3FB044F284111222A8B4C78392.cer (raw, json) Hash identifier: y5NzH9d3SLYfeizV9wRLv4Q/2LNDh8Bif1Ld6EZt+sI= Subject key identifier: 5D:FC:46:92:5E:2D:4B:3F:B0:44:F2:84:11:12:22:A8:B4:C7:83:92 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 734FB339B84CA9894C9A67F9C43736F04524DDC5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/d701b277-c80c-45d5-8089-a9efa340542a/0/5DFC46925E2D4B3FB044F284111222A8B4C78392.mft caRepository: rsync://repo-rpki.idnic.net/repo/d701b277-c80c-45d5-8089-a9efa340542a/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 29 Oct 2025 22:09:05 +0000 Certificate not after: Wed 28 Oct 2026 22:14:05 +0000 Subordinate resources: IP: 103.22.98.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:4f:b3:39:b8:4c:a9:89:4c:9a:67:f9:c4:37:36:f0:45:24:dd:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 29 22:09:05 2025 GMT Not After : Oct 28 22:14:05 2026 GMT Subject: CN=5DFC46925E2D4B3FB044F284111222A8B4C78392 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:03:3b:e9:ea:ed:6f:1e:9b:a7:b3:f1:a0:72: 23:59:3b:66:bd:48:d3:75:87:26:8b:c9:b1:a0:22: 1e:e3:fe:05:db:9c:13:b4:aa:82:12:f3:b5:1f:76: 71:e5:97:2c:79:e1:de:4d:3b:a0:f9:bc:eb:94:38: a2:5c:57:0a:a1:8c:d5:ab:3f:46:d9:e1:2f:e8:54: ea:f3:f4:de:c1:1b:30:43:0e:f9:af:d2:e3:b4:30: 6d:2c:88:95:14:69:13:d0:1b:ed:49:76:1c:27:de: 56:30:0b:0a:85:ad:e0:a8:92:a0:be:03:ec:7f:55: 05:14:40:fc:46:70:e6:00:f5:f7:e7:49:92:00:44: d2:d1:30:9a:cc:a1:d3:a5:f9:6b:fe:b8:27:1d:be: cd:37:c9:a5:9b:70:04:94:e0:f2:68:14:2f:13:f2: fd:b2:42:bf:44:2d:1e:89:c8:4e:f8:14:05:e2:94: 27:c1:2e:72:a7:94:a4:39:d3:d1:68:4b:3e:bd:97: a7:b7:eb:03:76:cb:d2:1b:9d:5e:55:d8:15:da:da: 87:f2:ae:78:5c:59:92:80:2f:99:b3:ca:37:9a:e9: 08:fe:e3:4e:32:54:e5:33:e0:e8:57:05:56:7f:6c: f3:97:52:54:e5:0c:14:fe:87:56:3d:24:5a:c2:a6: fc:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 5D:FC:46:92:5E:2D:4B:3F:B0:44:F2:84:11:12:22:A8:B4:C7:83:92 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/d701b277-c80c-45d5-8089-a9efa340542a/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/d701b277-c80c-45d5-8089-a9efa340542a/0/5DFC46925E2D4B3FB044F284111222A8B4C78392.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.22.98.0/23 Signature Algorithm: sha256WithRSAEncryption 47:cc:f5:28:e5:86:35:5e:94:9c:f3:5b:fb:2d:2e:82:79:93: ac:89:7f:ca:a4:6f:ee:fc:bc:e5:7f:ca:d3:2a:cc:17:94:8c: a1:65:6c:f4:a7:47:7b:6b:35:02:f5:55:0c:0d:30:ab:8c:7f: a2:c9:ec:c3:1c:99:f4:5c:7f:98:54:b4:5b:2d:b3:cf:98:f3: 84:01:0e:39:fb:dc:bb:e2:6d:3b:61:d0:6d:cb:8b:f5:2b:4d: 98:6d:09:a7:7d:6b:fa:09:24:a4:e4:9d:eb:d6:74:fa:43:26: d8:25:10:ad:f6:c4:a6:f0:59:4e:ca:53:3a:8a:cf:1c:d2:01: eb:40:63:14:b8:bb:f5:eb:c7:1f:f8:f0:97:56:d3:d3:29:87: 3d:76:05:3d:d7:7d:de:83:40:67:7f:b8:3f:57:aa:9d:2a:29: ca:29:c8:1d:76:de:1d:16:83:a7:bd:b3:e5:8a:c5:4b:28:e5: 26:e5:ce:03:1a:fc:e0:aa:fd:4e:48:05:54:2d:11:52:31:6b: 42:87:4f:b8:59:ec:b0:ae:13:15:62:5b:c7:e9:05:4e:e7:81: b7:6a:dd:b3:4f:69:22:36:47:bd:73:d8:71:b5:dd:05:81:13: bf:e7:65:49:13:a6:01:8f:f1:11:a9:22:e8:a5:46:18:ea:6e: 14:fb:b6:98 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUc0+zObhMqYlMmmf5xDc28EUk3cUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTAyOTIyMDkwNVoX DTI2MTAyODIyMTQwNVowMzExMC8GA1UEAxMoNURGQzQ2OTI1RTJENEIzRkIwNDRG Mjg0MTExMjIyQThCNEM3ODM5MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALoDO+nq7W8em6ez8aByI1k7Zr1I03WHJovJsaAiHuP+BducE7SqghLztR92 ceWXLHnh3k07oPm865Q4olxXCqGM1as/RtnhL+hU6vP03sEbMEMO+a/S47QwbSyI lRRpE9Ab7Ul2HCfeVjALCoWt4KiSoL4D7H9VBRRA/EZw5gD19+dJkgBE0tEwmsyh 06X5a/64Jx2+zTfJpZtwBJTg8mgULxPy/bJCv0QtHonITvgUBeKUJ8EucqeUpDnT 0WhLPr2Xp7frA3bL0hudXlXYFdrah/KueFxZkoAvmbPKN5rpCP7jTjJU5TPg6FcF Vn9s85dSVOUMFP6HVj0kWsKm/D0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFF38RpJeLUs/sETyhBESIqi0x4OSMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kNzAxYjI3Ny1jODBjLTQ1ZDUtODA4OS1hOWVmYTM0MDU0MmEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Q3MDFiMjc3 LWM4MGMtNDVkNS04MDg5LWE5ZWZhMzQwNTQyYS8wLzVERkM0NjkyNUUyRDRCM0ZC MDQ0RjI4NDExMTIyMkE4QjRDNzgzOTIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnFmIwDQYJKoZIhvcNAQELBQADggEBAEfM9SjlhjVelJzzW/stLoJ5k6yJf8qk b+78vOV/ytMqzBeUjKFlbPSnR3trNQL1VQwNMKuMf6LJ7MMcmfRcf5hUtFsts8+Y 84QBDjn73LvibTth0G3Li/UrTZhtCad9a/oJJKTknevWdPpDJtglEK32xKbwWU7K UzqKzxzSAetAYxS4u/Xrxx/48JdW09Mphz12BT3Xfd6DQGd/uD9Xqp0qKcopyB12 3h0Wg6e9s+WKxUso5SblzgMa/OCq/U5IBVQtEVIxa0KHT7hZ7LCuExViW8fpBU7n gbdq3bNPaSI2R71z2HG13QWBE7/nZUkTpgGP8RGpIuilRhjqbhT7tpg= -----END CERTIFICATE-----Generated at Mon Nov 3 19:34:01 2025 by rpki-client