$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer File: 10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer (raw, json) Hash identifier: RI/lELTS1oLGUv6NpLXCTR3TYn/jzq7Lsi5m1wkEMYs= Subject key identifier: 10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1D1E153BC54EEB48EF9B16341E67AF80D585FC6E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.mft caRepository: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 04 Nov 2023 11:22:34 +0000 Certificate not after: Sat 02 Nov 2024 11:27:34 +0000 Subordinate resources: IP: 140.213.0.0/16 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 May 2024 10:55:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:1e:15:3b:c5:4e:eb:48:ef:9b:16:34:1e:67:af:80:d5:85:fc:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Nov 4 11:22:34 2023 GMT Not After : Nov 2 11:27:34 2024 GMT Subject: CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:25:7d:61:49:94:bd:93:a2:96:9d:27:95:b6: b1:3c:d3:92:69:16:af:44:dd:03:78:8f:05:d1:a5: e5:72:78:98:ed:93:5d:b4:62:f8:eb:4f:ca:c7:29: 33:d9:1c:b3:fa:74:e0:ec:f4:aa:3f:c3:37:23:99: 28:b2:96:be:a3:72:ba:3d:83:33:67:35:f5:c5:f0: 0d:43:1b:39:8c:a0:f4:ee:49:bf:8e:46:a1:4f:c0: eb:2f:e4:e9:71:06:a7:bf:89:ac:01:c3:0f:2e:1c: d3:f4:f4:c5:55:c9:e1:7a:9c:6d:24:27:6b:25:a3: 9a:48:45:51:50:3c:86:c9:60:0b:17:36:fd:34:b3: 36:cc:fb:3a:1b:b0:08:16:9a:ef:23:ff:c4:fc:5f: 3e:78:5b:15:50:10:e8:a2:7a:0e:51:ac:69:91:4a: 74:ee:b3:9c:da:0b:b7:0d:57:24:8e:27:3a:e5:20: 41:68:ed:59:f3:4c:37:3e:84:16:ca:1b:57:1f:a2: cf:3a:4a:bd:74:d8:d1:94:18:24:2b:b6:21:cb:ff: be:f0:95:25:5f:98:51:e1:01:8f:77:82:85:e5:9b: c6:b2:ab:32:48:d4:d0:ea:9d:df:ae:42:b4:5e:88: 06:3d:5b:e9:d0:46:cc:fc:25:cc:77:68:ef:95:cc: 64:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 140.213.0.0/16 Signature Algorithm: sha256WithRSAEncryption 51:c4:39:2b:c9:3f:06:0b:04:42:cc:ed:23:13:ca:0c:94:d0: fb:95:59:49:be:46:12:c1:2e:a3:30:dd:2c:26:a1:03:65:d0: ad:10:bf:54:d0:53:7c:1c:64:ea:50:7e:47:55:6a:83:b0:76: d3:4d:ac:92:de:6f:0b:4c:d3:3e:20:5e:ed:1f:94:a0:a6:c4: be:be:a8:06:bb:ca:98:04:39:ef:c7:66:5c:2d:71:29:72:c3: 60:5b:cd:ab:f6:eb:c3:dd:f8:6b:fd:98:64:ff:62:c3:93:21: c9:8b:2b:91:35:08:60:a9:f2:81:1c:cc:b2:48:8a:06:6a:f7: a4:24:2c:43:c0:99:4c:14:ef:1d:69:63:93:07:30:9a:bc:ef: 56:cc:52:6b:a3:5c:6b:ab:8b:5c:98:01:d6:e6:d7:53:07:ac: c8:d1:c5:6b:ec:44:cd:4b:b8:20:5a:fa:c9:b6:c6:b6:a4:0a: a9:81:36:17:6c:05:b3:d1:74:9f:84:01:3b:0b:af:50:37:3f: fa:32:3f:01:0c:7e:0e:39:cb:32:e3:b4:5e:8e:76:4e:55:33: 6e:cc:44:37:3d:bf:81:06:9c:1b:e9:5e:fd:b8:a1:cd:c2:4a: 65:23:5c:df:21:ae:a1:c6:34:45:47:1a:93:82:3b:34:b3:52: 2b:79:c9:d3 -----BEGIN CERTIFICATE----- MIIFxDCCBKygAwIBAgIUHR4VO8VO60jvmxY0HmevgNWF/G4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTIzMTEwNDExMjIzNFoX DTI0MTEwMjExMjczNFowMzExMC8GA1UEAxMoMTBCQUI3OTA3RDk1M0EwRDVGREVC NUMyMEM5RjI5QkNGQzY2MEExQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMolfWFJlL2TopadJ5W2sTzTkmkWr0TdA3iPBdGl5XJ4mO2TXbRi+OtPyscp M9kcs/p04Oz0qj/DNyOZKLKWvqNyuj2DM2c19cXwDUMbOYyg9O5Jv45GoU/A6y/k 6XEGp7+JrAHDDy4c0/T0xVXJ4XqcbSQnayWjmkhFUVA8hslgCxc2/TSzNsz7Ohuw CBaa7yP/xPxfPnhbFVAQ6KJ6DlGsaZFKdO6znNoLtw1XJI4nOuUgQWjtWfNMNz6E FsobVx+izzpKvXTY0ZQYJCu2Icv/vvCVJV+YUeEBj3eCheWbxrKrMkjU0Oqd365C tF6IBj1b6dBGzPwlzHdo75XMZNcCAwEAAaOCArcwggKzMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFBC6t5B9lToNX961wgyfKbz8ZgobMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by80YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMTCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBh LWE0ZWMtNDlkYi1iZTg5LThkN2U3ZmMyYzIyNy8xLzEwQkFCNzkwN0Q5NTNBMEQ1 RkRFQjVDMjBDOUYyOUJDRkM2NjBBMUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwCM1TANBgkqhkiG9w0BAQsFAAOCAQEAUcQ5K8k/BgsEQsztIxPKDJTQ+5VZSb5G EsEuozDdLCahA2XQrRC/VNBTfBxk6lB+R1Vqg7B2002skt5vC0zTPiBe7R+UoKbE vr6oBrvKmAQ578dmXC1xKXLDYFvNq/brw934a/2YZP9iw5MhyYsrkTUIYKnygRzM skiKBmr3pCQsQ8CZTBTvHWljkwcwmrzvVsxSa6Nca6uLXJgB1ubXUwesyNHFa+xE zUu4IFr6ybbGtqQKqYE2F2wFs9F0n4QBOwuvUDc/+jI/AQx+DjnLMuO0Xo52TlUz bsxENz2/gQacG+le/bihzcJKZSNc3yGuocY0RUcak4I7NLNSK3nJ0w== -----END CERTIFICATE-----Generated at Sun May 26 10:56:38 2024 by rpki-client on console-ams.rpki-client.org