$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/8D4158039A86C34D5D36A83DDC40C959EDA21342.cer File: 8D4158039A86C34D5D36A83DDC40C959EDA21342.cer (raw, json) Hash identifier: 4CuU8DFE0YiOomarOdDVoFKM0Biv4Xrq+tCWm9KqQF8= Subject key identifier: 8D:41:58:03:9A:86:C3:4D:5D:36:A8:3D:DC:40:C9:59:ED:A2:13:42 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1EDC4E327334D245A6D2F034BB5705BD12DDB065 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/1/8D4158039A86C34D5D36A83DDC40C959EDA21342.mft caRepository: rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/1/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 06 Jun 2025 09:49:23 +0000 Certificate not after: Fri 05 Jun 2026 09:54:23 +0000 Subordinate resources: IP: 2001:df3:d3c0::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Nov 2025 23:17:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:dc:4e:32:73:34:d2:45:a6:d2:f0:34:bb:57:05:bd:12:dd:b0:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 6 09:49:23 2025 GMT Not After : Jun 5 09:54:23 2026 GMT Subject: CN=8D4158039A86C34D5D36A83DDC40C959EDA21342 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:42:28:09:a0:73:00:19:b1:71:49:c4:cf:ca: 49:e3:ac:45:bb:bf:26:b6:39:f9:41:d8:9a:4b:16: 7b:e2:28:16:89:31:97:78:ad:8c:9a:30:f1:1a:12: 0b:de:fa:07:11:66:cc:8d:19:61:47:4d:87:00:9e: 61:47:58:4f:4b:0f:04:78:ec:dd:5a:32:43:44:0b: aa:71:0d:2f:57:f1:1e:c3:a3:3e:6e:52:0f:00:2d: 51:81:7f:e9:ec:c5:0f:b1:5b:af:0e:f7:7c:51:51: a3:cd:ff:e4:e4:8b:92:0c:2f:e2:9e:4c:a9:7a:ca: 5f:65:ab:7a:d4:c5:4f:d1:5d:75:89:7e:17:8d:fb: 40:cb:a3:01:fe:02:63:29:56:b0:1c:d3:82:31:a7: 21:77:c5:69:75:32:86:f1:0f:20:d7:5a:7d:0d:40: cf:60:e4:98:4d:22:37:36:15:98:25:3f:12:c6:56: 1d:d6:b2:11:cb:ee:3c:5a:2b:9a:2d:40:e5:e1:5e: fe:72:11:e9:5a:74:ee:5b:04:ba:b7:7f:cb:5c:e7: 5f:ff:e5:a2:95:10:2a:eb:55:b9:2d:6c:0d:08:e8: 8e:4f:57:1e:24:57:05:6d:17:33:c9:04:e5:34:f0: e4:1c:6e:96:52:85:ee:e0:78:52:90:e7:c8:88:55: ce:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 8D:41:58:03:9A:86:C3:4D:5D:36:A8:3D:DC:40:C9:59:ED:A2:13:42 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/1 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/fbb5fa4a-bea6-464f-b409-11d9a3761a6c/1/8D4158039A86C34D5D36A83DDC40C959EDA21342.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:d3c0::/48 Signature Algorithm: sha256WithRSAEncryption 46:89:b9:cb:0b:7d:ab:02:1a:a2:75:f8:6a:43:13:8d:26:f0: 25:19:9a:37:8d:41:ac:bb:f9:9f:3b:d9:2a:e6:56:12:be:fb: 86:65:ba:b3:1e:39:1a:35:37:f1:4a:0d:9b:18:23:ce:93:b9: bd:76:d1:54:d8:0d:42:99:06:51:03:f1:1b:88:a3:20:9a:ba: 45:83:28:1a:7c:9a:1e:97:68:69:93:a6:09:81:3e:db:6a:c4: 8a:01:18:25:9c:c8:49:0c:1e:97:1f:de:cb:07:fb:72:31:a5: 68:a5:43:f8:3d:43:24:b6:39:8b:d5:1c:1d:5d:e9:fc:c3:ba: 4e:70:6b:2b:fc:aa:04:46:df:fd:18:68:c4:13:e9:49:27:da: a8:b6:8c:de:db:1d:12:f8:ea:5f:ae:f9:22:37:d9:61:e3:26: 23:9d:6e:00:41:08:3b:19:ed:89:eb:3a:d2:cf:ea:27:47:13: 23:71:d2:fe:d1:ea:55:a4:0b:2a:57:0d:f8:37:81:6b:02:da: 2e:a1:60:8e:4c:2f:53:25:ba:d6:47:76:cc:5b:7f:2c:ae:7e: 5f:43:83:6f:fe:8f:0f:d5:38:0f:a5:03:19:60:3b:10:a5:b2: 68:11:23:51:27:f7:8c:d2:6e:7c:a6:01:eb:ac:e9:b1:92:cb: d4:2d:fa:57 -----BEGIN CERTIFICATE----- MIIFyDCCBLCgAwIBAgIUHtxOMnM00kWm0vA0u1cFvRLdsGUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDYwNjA5NDkyM1oX DTI2MDYwNTA5NTQyM1owMzExMC8GA1UEAxMoOEQ0MTU4MDM5QTg2QzM0RDVEMzZB ODNEREM0MEM5NTlFREEyMTM0MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAORCKAmgcwAZsXFJxM/KSeOsRbu/JrY5+UHYmksWe+IoFokxl3itjJow8RoS C976BxFmzI0ZYUdNhwCeYUdYT0sPBHjs3VoyQ0QLqnENL1fxHsOjPm5SDwAtUYF/ 6ezFD7Fbrw73fFFRo83/5OSLkgwv4p5MqXrKX2WretTFT9FddYl+F437QMujAf4C YylWsBzTgjGnIXfFaXUyhvEPINdafQ1Az2DkmE0iNzYVmCU/EsZWHdayEcvuPFor mi1A5eFe/nIR6Vp07lsEurd/y1znX//lopUQKutVuS1sDQjojk9XHiRXBW0XM8kE 5TTw5BxullKF7uB4UpDnyIhVzlUCAwEAAaOCArswggK3MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFI1BWAOahsNNXTaoPdxAyVntohNCMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9mYmI1ZmE0YS1iZWE2LTQ2NGYtYjQwOS0xMWQ5YTM3NjFhNmMvMTCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ZiYjVmYTRh LWJlYTYtNDY0Zi1iNDA5LTExZDlhMzc2MWE2Yy8xLzhENDE1ODAzOUE4NkMzNEQ1 RDM2QTgzRERDNDBDOTU5RURBMjEzNDIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD BwAgAQ3z08AwDQYJKoZIhvcNAQELBQADggEBAEaJucsLfasCGqJ1+GpDE40m8CUZ mjeNQay7+Z872SrmVhK++4ZlurMeORo1N/FKDZsYI86Tub120VTYDUKZBlED8RuI oyCaukWDKBp8mh6XaGmTpgmBPttqxIoBGCWcyEkMHpcf3ssH+3IxpWilQ/g9QyS2 OYvVHB1d6fzDuk5wayv8qgRG3/0YaMQT6Ukn2qi2jN7bHRL46l+u+SI32WHjJiOd bgBBCDsZ7YnrOtLP6idHEyNx0v7R6lWkCypXDfg3gWsC2i6hYI5ML1MlutZHdsxb fyyufl9Dg2/+jw/VOA+lAxlgOxClsmgRI1En94zSbnymAeus6bGSy9Qt+lc= -----END CERTIFICATE-----Generated at Wed Nov 5 18:05:20 2025 by rpki-client