$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AEB32FFA0007C0A067FB8CE9DD77CFEF92310504.cer File: AEB32FFA0007C0A067FB8CE9DD77CFEF92310504.cer (raw, json) Hash identifier: yGsZ74xxqd8P6NBk6/f9YcdHW7ULcFt5ZkJCkw66rIA= Subject key identifier: AE:B3:2F:FA:00:07:C0:A0:67:FB:8C:E9:DD:77:CF:EF:92:31:05:04 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6925AA9D9880AB8FBE91A8AEF4AB44CB0645D994 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/fc6f832b-5a9e-4caa-bdd4-2634727a9ed4/0/AEB32FFA0007C0A067FB8CE9DD77CFEF92310504.mft caRepository: rsync://repo-rpki.idnic.net/repo/fc6f832b-5a9e-4caa-bdd4-2634727a9ed4/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 05 Jul 2025 13:51:52 +0000 Certificate not after: Sat 04 Jul 2026 13:56:52 +0000 Subordinate resources: IP: 43.245.248.0/22 IP: 103.21.224.0/22 IP: 2407:f00::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 07 Nov 2025 00:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:25:aa:9d:98:80:ab:8f:be:91:a8:ae:f4:ab:44:cb:06:45:d9:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 5 13:51:52 2025 GMT Not After : Jul 4 13:56:52 2026 GMT Subject: CN=AEB32FFA0007C0A067FB8CE9DD77CFEF92310504 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:de:74:8d:4e:2d:60:8b:30:e1:ba:c6:a4:38: 07:da:1e:1f:1c:ee:3d:3c:e0:17:1c:cb:0a:d4:22: 64:4c:e1:22:f7:f2:1c:65:fb:74:0f:02:19:a5:03: 77:56:c7:95:3d:c5:95:89:92:50:b0:62:fb:ec:69: 47:7c:6f:4c:58:75:7e:de:17:0e:8c:b5:2d:b0:c8: 4f:62:4a:ad:df:68:12:e7:e2:aa:d2:ea:e6:8a:15: 9d:27:74:df:2b:dd:64:0b:40:66:69:8a:6a:47:51: 88:e0:8f:0d:a5:2c:d5:b4:1f:78:9c:af:ec:ea:76: 5c:78:ba:0c:cf:90:2c:55:e7:e0:99:12:2c:75:cb: f3:fd:db:2e:94:2c:2b:6d:f0:73:25:29:0a:22:fa: 62:b9:f7:98:4e:a3:5d:5e:31:a8:6d:dd:94:01:96: 58:82:87:4f:1b:b5:4f:4f:b1:fd:69:1e:a0:66:16: ce:fb:b0:6e:cd:8b:92:7d:9d:50:c7:b1:b0:d6:d4: 55:f9:e0:f8:03:04:23:fd:51:4c:58:5b:19:de:b6: ba:bc:0e:a8:ec:5f:1a:dd:71:73:25:7a:5d:b9:06: e5:d5:de:70:b2:3c:6a:62:ea:a1:61:f3:6a:5a:cc: 5e:e2:28:b2:04:da:c2:59:bb:ba:be:a0:e6:4c:ff: 0a:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AE:B3:2F:FA:00:07:C0:A0:67:FB:8C:E9:DD:77:CF:EF:92:31:05:04 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/fc6f832b-5a9e-4caa-bdd4-2634727a9ed4/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/fc6f832b-5a9e-4caa-bdd4-2634727a9ed4/0/AEB32FFA0007C0A067FB8CE9DD77CFEF92310504.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.245.248.0/22 103.21.224.0/22 IPv6: 2407:f00::/32 Signature Algorithm: sha256WithRSAEncryption 4c:e6:b0:75:ac:ef:76:0e:3e:eb:89:23:af:84:39:36:6d:2e: e3:64:a4:e0:79:58:29:b6:14:07:22:9d:44:3e:d7:59:95:60: 49:7a:fa:4f:cf:81:1a:2c:ab:59:b8:08:38:13:1d:9b:1e:cd: 3b:fb:a3:13:53:b1:10:c0:05:fd:94:4e:50:d2:b0:84:97:fe: 80:55:c7:7d:46:9f:37:6e:dc:25:57:73:5f:a8:b6:12:bf:29: 2d:02:09:2f:40:73:d2:72:a7:90:e8:9c:be:dd:08:0d:27:15: 2c:40:b6:a3:c0:46:65:64:11:27:fb:f9:a6:bc:26:f6:bb:54: 70:aa:f7:b7:0c:76:a7:df:fd:e8:9b:6c:02:31:33:34:47:ec: 8f:9a:ed:cb:10:6a:f1:4a:c2:5c:2b:99:1b:21:8d:85:c7:fc: 6a:30:57:a2:82:10:b2:10:3e:77:83:8c:2d:2d:23:12:2d:23: 9c:31:f7:56:47:e6:00:21:86:65:4d:0b:33:d5:5e:4f:b4:7a: ce:db:06:8a:b1:92:58:0f:0f:a1:3a:dc:de:03:ff:d1:16:05: 87:f5:23:c5:f1:3b:8f:9d:54:12:9f:2b:ba:16:3d:e9:4f:2d: bf:05:d1:37:72:e2:cd:8b:98:cb:af:e4:0d:c0:1e:19:c0:ae: 3c:7a:47:9d -----BEGIN CERTIFICATE----- MIIF2jCCBMKgAwIBAgIUaSWqnZiAq4++kaiu9KtEywZF2ZQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDcwNTEzNTE1MloX DTI2MDcwNDEzNTY1MlowMzExMC8GA1UEAxMoQUVCMzJGRkEwMDA3QzBBMDY3RkI4 Q0U5REQ3N0NGRUY5MjMxMDUwNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL3edI1OLWCLMOG6xqQ4B9oeHxzuPTzgFxzLCtQiZEzhIvfyHGX7dA8CGaUD d1bHlT3FlYmSULBi++xpR3xvTFh1ft4XDoy1LbDIT2JKrd9oEufiqtLq5ooVnSd0 3yvdZAtAZmmKakdRiOCPDaUs1bQfeJyv7Op2XHi6DM+QLFXn4JkSLHXL8/3bLpQs K23wcyUpCiL6Yrn3mE6jXV4xqG3dlAGWWIKHTxu1T0+x/WkeoGYWzvuwbs2Lkn2d UMexsNbUVfng+AMEI/1RTFhbGd62urwOqOxfGt1xcyV6XbkG5dXecLI8amLqoWHz alrMXuIosgTawlm7ur6g5kz/CikCAwEAAaOCAs0wggLJMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK6zL/oAB8CgZ/uM6d13z++SMQUEMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9mYzZmODMyYi01YTllLTRjYWEtYmRkNC0yNjM0NzI3YTllZDQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ZjNmY4MzJi LTVhOWUtNGNhYS1iZGQ0LTI2MzQ3MjdhOWVkNC8wL0FFQjMyRkZBMDAwN0MwQTA2 N0ZCOENFOURENzdDRkVGOTIzMTA1MDQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwD BAIr9fgDBAJnFeAwDQQCAAIwBwMFACQHDwAwDQYJKoZIhvcNAQELBQADggEBAEzm sHWs73YOPuuJI6+EOTZtLuNkpOB5WCm2FAcinUQ+11mVYEl6+k/PgRosq1m4CDgT HZsezTv7oxNTsRDABf2UTlDSsISX/oBVx31Gnzdu3CVXc1+othK/KS0CCS9Ac9Jy p5DonL7dCA0nFSxAtqPARmVkESf7+aa8Jva7VHCq97cMdqff/eibbAIxMzRH7I+a 7csQavFKwlwrmRshjYXH/GowV6KCELIQPneDjC0tIxItI5wx91ZH5gAhhmVNCzPV Xk+0es7bBoqxklgPD6E63N4D/9EWBYf1I8XxO4+dVBKfK7oWPelPLb8F0Tdy4s2L mMuv5A3AHhnArjx6R50= -----END CERTIFICATE-----Generated at Mon Nov 3 19:35:37 2025 by rpki-client