$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/432AE9E2B00941EF8925409E82CA40508A4688B1.cer File: 432AE9E2B00941EF8925409E82CA40508A4688B1.cer (raw, json) Hash identifier: MEucKlllJFJZ9XrHnzi+2A8PIZhvRlyDmFOOrYWl1+E= Subject key identifier: 43:2A:E9:E2:B0:09:41:EF:89:25:40:9E:82:CA:40:50:8A:46:88:B1 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 6564B0AD0BAE2D1FF1AD914292830F2161AD4DBE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft caRepository: rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 12 Jan 2024 02:14:49 +0000 Certificate not after: Fri 10 Jan 2025 02:19:49 +0000 Subordinate resources: IP: 157.10.160.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 19 May 2024 15:49:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:64:b0:ad:0b:ae:2d:1f:f1:ad:91:42:92:83:0f:21:61:ad:4d:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jan 12 02:14:49 2024 GMT Not After : Jan 10 02:19:49 2025 GMT Subject: CN=432AE9E2B00941EF8925409E82CA40508A4688B1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:0e:ea:86:12:f8:82:41:77:43:44:37:99:04: b3:51:fb:c6:35:f3:42:16:a6:ed:7e:18:28:d7:e5: d4:53:1a:1e:f3:67:13:e7:41:e6:3e:1a:41:2a:1d: 3f:88:69:55:5e:38:a0:43:e0:7f:38:b0:fc:8a:ae: c7:ef:8f:ab:66:68:d7:52:18:3c:61:a7:a2:c5:10: 7b:6e:b3:da:29:ab:5e:5d:fe:4b:da:1e:72:83:ff: 59:5c:30:03:94:88:8d:6d:46:26:9d:f4:61:1e:29: 1c:d7:7f:e7:bc:10:d4:0f:29:49:b5:02:9d:c7:71: 73:33:cb:76:53:d7:03:05:0a:39:19:b9:74:47:51: 95:f9:c5:25:55:06:c0:7d:4a:42:3d:ef:6b:2b:1e: 88:ae:ee:2d:e5:b4:ab:0b:67:16:11:5f:81:de:3b: 7a:00:cb:64:8c:58:e0:e5:e2:6d:37:ef:50:f1:f5: ac:e8:9c:2d:2f:74:7a:5b:84:ef:54:71:f2:da:66: 43:32:ac:d1:42:8e:86:0b:c8:35:57:f5:b0:2b:dd: cd:7a:97:9c:70:bd:74:b1:8c:b9:b7:e4:4e:fa:f0: 11:7d:39:43:3b:85:82:c0:62:38:97:05:af:53:7d: 0e:7f:4a:46:c1:15:43:04:4b:a3:c8:d5:89:65:10: 04:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 43:2A:E9:E2:B0:09:41:EF:89:25:40:9E:82:CA:40:50:8A:46:88:B1 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/ec2fc1d4-37a6-4943-b4c6-6d8e9b4e5591/0/432AE9E2B00941EF8925409E82CA40508A4688B1.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.160.0/23 Signature Algorithm: sha256WithRSAEncryption 54:0d:4a:56:1c:80:f7:65:88:fa:6d:16:d2:62:b8:b0:09:d0: 13:89:4c:a6:83:89:7a:07:e2:82:29:8f:9c:35:0f:d1:e6:8c: fa:39:d0:01:e3:84:86:85:a4:3f:67:09:63:ac:f2:a2:b7:91: 58:a7:6b:21:c5:90:d4:0c:e5:6d:ea:b1:75:02:c6:70:9c:12: ba:26:5f:bf:27:05:ba:59:b9:f1:19:77:f4:f6:3e:2b:10:81: f3:06:e3:8b:07:e1:6a:54:85:d8:cd:da:9c:fe:8f:67:5a:6e: 15:ff:76:ec:8d:b9:24:7c:b3:ec:86:db:ca:15:fa:7c:7f:c5: 3d:2a:c2:9b:02:88:b3:99:92:ff:2e:0e:c3:8d:44:75:31:10: 7f:6f:11:19:69:ce:44:38:86:2c:5f:94:bd:b8:a1:af:29:a1: da:c8:69:cf:08:4e:1d:91:59:e9:a1:71:ed:3c:d7:72:9b:9d: 28:9c:26:28:3d:98:ed:1f:a6:b0:10:db:6a:b8:e1:31:9d:e0: e5:0e:b0:f8:54:90:ec:3e:b4:5d:d8:df:26:6d:c9:54:bf:5f: e2:a5:08:3b:ce:33:93:c9:9d:14:94:cc:50:9f:60:5e:0f:3e: de:13:45:62:b5:73:cc:c7:da:67:4f:49:0f:d5:10:d0:05:9a: 3d:f2:8c:34 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUZWSwrQuuLR/xrZFCkoMPIWGtTb4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDExMjAyMTQ0OVoX DTI1MDExMDAyMTk0OVowMzExMC8GA1UEAxMoNDMyQUU5RTJCMDA5NDFFRjg5MjU0 MDlFODJDQTQwNTA4QTQ2ODhCMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMwO6oYS+IJBd0NEN5kEs1H7xjXzQham7X4YKNfl1FMaHvNnE+dB5j4aQSod P4hpVV44oEPgfziw/Iqux++Pq2Zo11IYPGGnosUQe26z2imrXl3+S9oecoP/WVww A5SIjW1GJp30YR4pHNd/57wQ1A8pSbUCncdxczPLdlPXAwUKORm5dEdRlfnFJVUG wH1KQj3vayseiK7uLeW0qwtnFhFfgd47egDLZIxY4OXibTfvUPH1rOicLS90eluE 71Rx8tpmQzKs0UKOhgvINVf1sCvdzXqXnHC9dLGMubfkTvrwEX05QzuFgsBiOJcF r1N9Dn9KRsEVQwRLo8jViWUQBG0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEMq6eKwCUHviSVAnoLKQFCKRoixMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9lYzJmYzFkNC0zN2E2LTQ5NDMtYjRjNi02ZDhlOWI0ZTU1OTEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2VjMmZjMWQ0 LTM3YTYtNDk0My1iNGM2LTZkOGU5YjRlNTU5MS8wLzQzMkFFOUUyQjAwOTQxRUY4 OTI1NDA5RTgyQ0E0MDUwOEE0Njg4QjEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdCqAwDQYJKoZIhvcNAQELBQADggEBAFQNSlYcgPdliPptFtJiuLAJ0BOJTKaD iXoH4oIpj5w1D9HmjPo50AHjhIaFpD9nCWOs8qK3kVinayHFkNQM5W3qsXUCxnCc EromX78nBbpZufEZd/T2PisQgfMG44sH4WpUhdjN2pz+j2dabhX/duyNuSR8s+yG 28oV+nx/xT0qwpsCiLOZkv8uDsONRHUxEH9vERlpzkQ4hixflL24oa8podrIac8I Th2RWemhce0813KbnSicJig9mO0fprAQ22q44TGd4OUOsPhUkOw+tF3Y3yZtyVS/ X+KlCDvOM5PJnRSUzFCfYF4PPt4TRWK1c8zH2mdPSQ/VENAFmj3yjDQ= -----END CERTIFICATE-----Generated at Thu May 16 10:44:08 2024 by rpki-client on console-ams.rpki-client.org