This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/D7F23D7B54890F0EECF550FFA42799B64D9BD4C9.cer File: D7F23D7B54890F0EECF550FFA42799B64D9BD4C9.cer (raw, json) Hash identifier: Kq2RNBtnXb155ASiPVvBeiDzkiBllEK3Jy1Zf6GrsQg= Subject key identifier: D7:F2:3D:7B:54:89:0F:0E:EC:F5:50:FF:A4:27:99:B6:4D:9B:D4:C9 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5B228000B0AFED844375F97A5984F264716D7EFF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/bb9851b1-5a6d-4e75-9fff-c03a9c49cf69/0/D7F23D7B54890F0EECF550FFA42799B64D9BD4C9.mft caRepository: rsync://repo-rpki.idnic.net/repo/bb9851b1-5a6d-4e75-9fff-c03a9c49cf69/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sun 21 Dec 2025 01:34:53 +0000 Certificate not after: Sun 20 Dec 2026 01:39:53 +0000 Subordinate resources: IP: 103.222.255.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 27 Dec 2025 09:29:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:22:80:00:b0:af:ed:84:43:75:f9:7a:59:84:f2:64:71:6d:7e:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 21 01:34:53 2025 GMT Not After : Dec 20 01:39:53 2026 GMT Subject: CN=D7F23D7B54890F0EECF550FFA42799B64D9BD4C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:38:02:f1:c0:19:7c:99:5e:7a:43:c5:61:3b: bf:6a:03:f0:44:68:ac:d9:cf:69:98:1c:f6:17:34: 8d:17:77:d9:60:d1:59:b3:54:9e:6c:e9:f0:d2:55: c1:a4:82:d8:d6:6d:aa:9c:f1:d9:27:e9:0b:48:2c: 04:a5:32:72:52:f2:77:9f:06:a3:68:71:8d:24:15: 23:f2:64:d8:88:2f:41:3d:c0:dd:4d:54:dd:cc:6e: 4c:39:ca:e7:b5:25:d6:c8:39:bf:a1:e2:81:81:63: 03:44:23:8b:02:44:94:4e:62:15:65:a3:58:e0:24: 22:bd:ba:1b:14:56:27:cd:93:4b:bf:1b:a5:d0:23: f8:35:a7:aa:c2:cc:d8:97:17:66:83:ec:d5:59:53: ec:f2:90:48:64:4f:38:8d:da:e4:26:57:71:cb:81: d4:86:12:3c:ee:d1:22:df:70:f4:fd:a9:01:d5:a5: c6:83:55:0f:5e:13:47:af:66:6c:58:f7:23:38:4d: 52:27:b4:74:76:a4:47:04:24:d8:ed:2c:cd:32:fa: 3a:4b:a7:ea:82:98:db:e8:2d:c2:c2:ac:f5:43:0a: ab:f0:c0:f9:25:67:7c:80:58:87:9c:a6:53:33:92: df:42:ad:09:67:78:b5:de:d2:d0:a7:27:86:6e:6e: bf:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D7:F2:3D:7B:54:89:0F:0E:EC:F5:50:FF:A4:27:99:B6:4D:9B:D4:C9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/bb9851b1-5a6d-4e75-9fff-c03a9c49cf69/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/bb9851b1-5a6d-4e75-9fff-c03a9c49cf69/0/D7F23D7B54890F0EECF550FFA42799B64D9BD4C9.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.222.255.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:52:ae:cb:3d:a9:9e:f7:12:3c:96:96:52:4e:17:11:7d:83: be:7e:5f:26:39:f6:63:4e:3d:b8:7c:b9:42:a2:f6:53:f6:b9: 5a:ca:fa:a5:e6:cd:9f:70:48:b8:9a:57:aa:af:5b:da:3b:dd: a1:58:25:fe:79:9c:ca:be:b5:4d:06:cd:a0:b9:24:45:da:b7: 5c:a9:53:ef:12:c0:54:eb:4c:91:b4:45:ce:9a:e5:ce:2e:bb: 4a:24:00:b1:d4:d5:49:9b:ed:0c:20:22:a5:55:31:6e:b8:73: 97:bc:85:3d:69:6c:d5:de:64:40:fa:ac:fa:c8:28:a4:f8:c5: be:f1:57:0a:54:3a:a4:ed:8b:6c:15:2a:e2:44:ab:7c:fa:1d: 67:66:86:5d:21:73:2d:c3:b7:d2:c6:27:30:ec:89:05:a8:89: 34:33:d3:9c:fa:e8:f9:b8:23:a5:f2:ef:bf:92:fc:83:13:35: c3:ab:04:57:39:de:57:65:23:90:f5:7d:c0:e0:69:95:e5:f7: 87:85:e2:c5:72:2f:76:ce:63:0e:6f:33:11:2f:73:0c:3b:b5: 89:22:98:63:c9:4e:4c:10:9b:e8:97:77:e8:e5:45:d4:e7:4f: 30:94:fb:8f:e5:74:58:38:c8:28:27:0d:28:65:44:ef:99:9b: 45:52:a4:c3 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUWyKAALCv7YRDdfl6WYTyZHFtfv8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAwwMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MTIyMTAxMzQ1M1oX DTI2MTIyMDAxMzk1M1owMzExMC8GA1UEAxMoRDdGMjNEN0I1NDg5MEYwRUVDRjU1 MEZGQTQyNzk5QjY0RDlCRDRDOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOE4AvHAGXyZXnpDxWE7v2oD8ERorNnPaZgc9hc0jRd32WDRWbNUnmzp8NJV waSC2NZtqpzx2SfpC0gsBKUyclLyd58Go2hxjSQVI/Jk2IgvQT3A3U1U3cxuTDnK 57Ul1sg5v6HigYFjA0QjiwJElE5iFWWjWOAkIr26GxRWJ82TS78bpdAj+DWnqsLM 2JcXZoPs1VlT7PKQSGRPOI3a5CZXccuB1IYSPO7RIt9w9P2pAdWlxoNVD14TR69m bFj3IzhNUie0dHakRwQk2O0szTL6Okun6oKY2+gtwsKs9UMKq/DA+SVnfIBYh5ym UzOS30KtCWd4td7S0Kcnhm5uv20CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNfyPXtUiQ8O7PVQ/6QnmbZNm9TJMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iYjk4NTFiMS01YTZkLTRlNzUtOWZmZi1jMDNhOWM0OWNmNjkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JiOTg1MWIx LTVhNmQtNGU3NS05ZmZmLWMwM2E5YzQ5Y2Y2OS8wL0Q3RjIzRDdCNTQ4OTBGMEVF Q0Y1NTBGRkE0Mjc5OUI2NEQ5QkQ0QzkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3v8wDQYJKoZIhvcNAQELBQADggEBACxSrss9qZ73EjyWllJOFxF9g75+XyY5 9mNOPbh8uUKi9lP2uVrK+qXmzZ9wSLiaV6qvW9o73aFYJf55nMq+tU0GzaC5JEXa t1ypU+8SwFTrTJG0Rc6a5c4uu0okALHU1Umb7QwgIqVVMW64c5e8hT1pbNXeZED6 rPrIKKT4xb7xVwpUOqTti2wVKuJEq3z6HWdmhl0hcy3Dt9LGJzDsiQWoiTQz05z6 6Pm4I6Xy77+S/IMTNcOrBFc53ldlI5D1fcDgaZXl94eF4sVyL3bOYw5vMxEvcww7 tYkimGPJTkwQm+iXd+jlRdTnTzCU+4/ldFg4yCgnDShlRO+Zm0VSpMM= -----END CERTIFICATE-----Generated at Wed Dec 24 10:04:05 2025 by rpki-client