$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/5F22D2084F774B68D9DE9763397B5657A96F36CE.cer File: 5F22D2084F774B68D9DE9763397B5657A96F36CE.cer (raw, json) Hash identifier: H9tTfzcPOz06N2uXpcE4HNAcalDtlb24HdeGNH+24Uc= Subject key identifier: 5F:22:D2:08:4F:77:4B:68:D9:DE:97:63:39:7B:56:57:A9:6F:36:CE Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 34ED275BC05EF7FE996A31E9DB680D0F18DEE6A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/3ab1a790-dced-464a-895d-9035a0cc5f2f/0/5F22D2084F774B68D9DE9763397B5657A96F36CE.mft caRepository: rsync://repo-rpki.idnic.net/repo/3ab1a790-dced-464a-895d-9035a0cc5f2f/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 29 Sep 2025 03:47:52 +0000 Certificate not after: Mon 28 Sep 2026 03:52:52 +0000 Subordinate resources: IP: 43.251.96.0/22 IP: 103.19.108.0/22 IP: 103.83.172.0/22 IP: 103.84.4.0/22 IP: 103.132.140.0/22 IP: 103.253.112.0/22 IP: 2406:a500::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:ed:27:5b:c0:5e:f7:fe:99:6a:31:e9:db:68:0d:0f:18:de:e6:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 29 03:47:52 2025 GMT Not After : Sep 28 03:52:52 2026 GMT Subject: CN=5F22D2084F774B68D9DE9763397B5657A96F36CE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:45:bc:5c:bd:5a:ba:54:8f:46:1f:ac:4f:a7: 60:ff:cb:f1:ce:d1:14:63:b8:94:a7:db:14:bd:a3: 2e:55:f3:21:58:f9:4f:2f:c3:c0:f5:29:b6:b8:0b: 88:1d:e7:7e:6f:ae:af:a3:89:50:ee:9e:79:a0:91: 55:d9:43:c8:4f:63:3e:b1:ef:2f:06:59:0c:49:d0: 5d:6b:01:5c:35:eb:47:0e:ee:68:8b:e0:a7:6a:97: 4a:5e:56:31:1b:bc:da:45:5f:7f:66:62:21:ce:2c: e1:a9:76:61:44:6e:c6:21:02:18:99:33:4f:46:df: c8:ac:41:c3:dd:8a:0f:3f:0f:14:ad:39:50:a2:ea: f8:8c:ca:f5:06:5c:99:3c:eb:bf:01:2f:72:34:65: 9b:1c:79:80:55:83:f5:f6:ec:26:85:ae:70:fe:86: 34:9e:89:bd:2f:a5:96:2b:b1:da:8a:5b:d2:b5:78: a8:e4:92:96:60:1f:bc:7a:e0:d2:72:4c:59:f6:b3: eb:b9:a3:49:f9:65:6d:ae:44:14:8e:26:3e:ae:dc: 94:25:bf:a5:b4:0a:d0:d0:15:69:2d:47:c6:0c:96: 9d:19:b2:08:80:14:e5:d2:9e:b9:3f:78:92:96:ea: ae:ab:dd:d8:1e:94:c1:59:09:04:a9:79:a9:a9:3d: e8:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 5F:22:D2:08:4F:77:4B:68:D9:DE:97:63:39:7B:56:57:A9:6F:36:CE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/3ab1a790-dced-464a-895d-9035a0cc5f2f/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/3ab1a790-dced-464a-895d-9035a0cc5f2f/0/5F22D2084F774B68D9DE9763397B5657A96F36CE.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.251.96.0/22 103.19.108.0/22 103.83.172.0/22 103.84.4.0/22 103.132.140.0/22 103.253.112.0/22 IPv6: 2406:a500::/32 Signature Algorithm: sha256WithRSAEncryption 7a:25:4d:fd:01:13:23:cc:19:17:b5:6a:a8:bb:81:89:43:db: bf:74:dc:6c:44:fa:2f:ec:b3:cf:97:6b:ba:99:55:5d:72:54: 46:48:f4:f9:17:b1:ca:b3:95:f7:44:de:96:6b:2e:a0:c1:7a: 48:90:c7:15:e4:fe:65:77:fc:19:2c:84:ae:fb:6f:5b:16:50: 95:4c:e1:5e:89:b0:68:1f:95:72:33:1a:f8:cc:b3:01:c1:ec: 54:e7:55:1f:46:a2:ef:8f:be:aa:bc:60:6d:d3:52:ed:e5:55: 68:89:4e:2d:06:b7:cb:4a:2f:57:7a:45:88:fd:44:3f:c2:a0: 01:c9:da:94:45:4e:af:61:f4:4c:b8:f2:55:f4:ba:63:67:41: 61:28:0d:7d:01:43:f8:e8:2d:f5:38:2d:fe:64:cb:ad:7f:e1: 92:42:d0:b5:ce:17:a2:43:bb:f2:d8:b3:0c:e9:88:ee:10:ba: 4a:fc:ed:3e:af:50:1e:84:58:76:27:26:ed:66:36:08:2a:37: ab:cb:97:12:d6:03:3a:5c:d3:57:6f:55:ff:ed:2b:bf:c0:e9: ac:3c:cb:bb:2d:7e:56:04:b0:29:8e:26:c7:0a:d2:b8:b4:3f: 1a:f2:f3:b8:86:32:42:8e:a5:01:af:1e:ee:4e:72:4d:c4:a4: 2e:13:d3:0f -----BEGIN CERTIFICATE----- MIIF8jCCBNqgAwIBAgIUNO0nW8Be9/6ZajHp22gNDxje5qAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDkyOTAzNDc1MloX DTI2MDkyODAzNTI1MlowMzExMC8GA1UEAxMoNUYyMkQyMDg0Rjc3NEI2OEQ5REU5 NzYzMzk3QjU2NTdBOTZGMzZDRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMJFvFy9WrpUj0YfrE+nYP/L8c7RFGO4lKfbFL2jLlXzIVj5Ty/DwPUptrgL iB3nfm+ur6OJUO6eeaCRVdlDyE9jPrHvLwZZDEnQXWsBXDXrRw7uaIvgp2qXSl5W MRu82kVff2ZiIc4s4al2YURuxiECGJkzT0bfyKxBw92KDz8PFK05UKLq+IzK9QZc mTzrvwEvcjRlmxx5gFWD9fbsJoWucP6GNJ6JvS+lliux2opb0rV4qOSSlmAfvHrg 0nJMWfaz67mjSfllba5EFI4mPq7clCW/pbQK0NAVaS1HxgyWnRmyCIAU5dKeuT94 kpbqrqvd2B6UwVkJBKl5qak96BcCAwEAAaOCAuUwggLhMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFF8i0ghPd0to2d6XYzl7VlepbzbOMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zYWIxYTc5MC1kY2VkLTQ2NGEtODk1ZC05MDM1YTBjYzVmMmYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNhYjFhNzkw LWRjZWQtNDY0YS04OTVkLTkwMzVhMGNjNWYyZi8wLzVGMjJEMjA4NEY3NzRCNjhE OURFOTc2MzM5N0I1NjU3QTk2RjM2Q0UubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwTAYIKwYBBQUHAQcBAf8EPTA7MCoEAgABMCQD BAIr+2ADBAJnE2wDBAJnU6wDBAJnVAQDBAJnhIwDBAJn/XAwDQQCAAIwBwMFACQG pQAwDQYJKoZIhvcNAQELBQADggEBAHolTf0BEyPMGRe1aqi7gYlD27903GxE+i/s s8+Xa7qZVV1yVEZI9PkXscqzlfdE3pZrLqDBekiQxxXk/mV3/BkshK77b1sWUJVM 4V6JsGgflXIzGvjMswHB7FTnVR9Gou+Pvqq8YG3TUu3lVWiJTi0Gt8tKL1d6RYj9 RD/CoAHJ2pRFTq9h9Ey48lX0umNnQWEoDX0BQ/joLfU4Lf5ky61/4ZJC0LXOF6JD u/LYswzpiO4Qukr87T6vUB6EWHYnJu1mNggqN6vLlxLWAzpc01dvVf/tK7/A6aw8 y7stflYEsCmOJscK0ri0Pxry87iGMkKOpQGvHu5Ock3EpC4T0w8= -----END CERTIFICATE-----Generated at Mon Nov 3 19:31:20 2025 by rpki-client