$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AF15FD8CB4E452C76B55709743614F9B5448CCDB.cer File: AF15FD8CB4E452C76B55709743614F9B5448CCDB.cer (raw, json) Hash identifier: e3KQzf90PHpec6CD4TiqNA0WbLCJ6NwCHlyjX0zQe6U= Subject key identifier: AF:15:FD:8C:B4:E4:52:C7:6B:55:70:97:43:61:4F:9B:54:48:CC:DB Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 412C873F7974A4FA4449358C69F285B036895A4E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/760e6a2d-84dc-48df-9b77-720853f47c6d/0/AF15FD8CB4E452C76B55709743614F9B5448CCDB.mft caRepository: rsync://repo-rpki.idnic.net/repo/760e6a2d-84dc-48df-9b77-720853f47c6d/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 08 Jan 2024 08:04:41 +0000 Certificate not after: Mon 06 Jan 2025 08:09:41 +0000 Subordinate resources: IP: 202.14.92.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 03:25:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:2c:87:3f:79:74:a4:fa:44:49:35:8c:69:f2:85:b0:36:89:5a:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 8 08:04:41 2024 GMT Not After : Jan 6 08:09:41 2025 GMT Subject: CN=AF15FD8CB4E452C76B55709743614F9B5448CCDB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:57:5e:2b:3a:bb:82:45:66:63:c0:ec:d3:87: 63:a4:c5:09:47:22:64:4d:74:42:47:15:eb:a9:ea: 16:13:66:4e:89:43:af:0c:ae:3f:fd:96:61:47:7e: 06:1e:e4:ad:f4:ae:48:b1:29:95:df:af:47:55:46: f9:1b:20:4c:df:eb:53:41:59:61:5e:c6:d8:d3:b8: 5d:68:45:d6:37:06:3e:14:ba:e9:97:1b:74:0f:2e: 3b:34:15:5f:0e:73:03:68:1a:48:48:58:ec:bb:14: 2c:a6:0f:de:05:03:e4:8f:3a:62:a7:4a:bc:ec:cc: ed:0b:9b:64:d6:3e:49:d6:a2:80:76:f1:67:38:68: 7a:f0:8b:cd:0e:ca:6f:e1:13:35:20:5b:2e:72:3c: 30:5f:bb:cb:10:8b:b6:eb:28:15:ee:4e:5e:cc:4c: 43:b7:90:a5:ce:af:c4:4d:0d:d5:85:20:cf:c5:a0: 7a:7c:ac:a4:06:b5:86:0a:10:d7:29:0e:24:3a:3e: 2b:83:84:6c:36:6a:c8:4d:8f:6d:ec:f9:be:0b:8e: e3:59:59:44:29:a3:4c:c2:0d:60:b0:69:fe:6b:72: cc:5a:0e:23:5f:6f:b9:f4:6d:3a:84:6a:0b:41:ee: 2b:af:26:d3:6a:38:83:7d:3d:ac:95:2f:6b:8f:0e: 0c:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:15:FD:8C:B4:E4:52:C7:6B:55:70:97:43:61:4F:9B:54:48:CC:DB X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/760e6a2d-84dc-48df-9b77-720853f47c6d/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/760e6a2d-84dc-48df-9b77-720853f47c6d/0/AF15FD8CB4E452C76B55709743614F9B5448CCDB.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 202.14.92.0/23 Signature Algorithm: sha256WithRSAEncryption 93:3a:7a:2f:c0:78:7c:4d:f5:dc:54:71:81:d3:20:7b:0d:f2: 8d:d9:d9:06:25:7e:0b:c6:31:aa:46:a7:56:54:8d:6f:ce:25: 5d:ce:2d:57:08:35:a6:59:5b:1f:0d:62:74:5a:ea:1c:8f:ea: 7b:bd:c4:f0:ed:ca:19:de:8b:6f:fc:56:93:95:b6:e6:ff:b6: 8d:5e:02:7d:59:94:5e:14:27:65:b8:dc:e5:d1:6a:ef:a1:c7: 4b:ed:a6:7c:49:92:c0:0c:25:70:cd:e6:8c:a7:ea:e5:4f:20: 5f:f3:ad:2f:56:f5:58:9c:1e:8e:a2:2a:1d:66:5f:bd:2c:c3: e7:2b:08:04:3e:65:10:16:d1:08:68:a8:fe:f9:ba:1f:c6:66: 27:63:23:2f:3b:39:f1:96:ea:35:9f:2c:02:e7:68:99:97:eb: f2:8b:48:79:34:24:55:64:e6:ba:54:f8:01:02:db:9b:d2:f3: a7:f0:74:35:f3:90:04:5a:74:84:04:eb:d2:03:f5:6a:b8:28: c5:ba:81:7d:8a:72:2a:c1:16:d8:bc:3a:56:ca:42:89:83:99: 2a:e9:fd:64:29:c7:fa:06:a6:82:78:f4:4b:c9:3c:81:40:d5: 31:89:8e:1c:42:b4:f8:bc:e5:c8:dc:2d:a0:e8:f7:6a:08:8f: e7:ae:03:a8 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUQSyHP3l0pPpESTWMafKFsDaJWk4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwODA4MDQ0MVoX DTI1MDEwNjA4MDk0MVowMzExMC8GA1UEAxMoQUYxNUZEOENCNEU0NTJDNzZCNTU3 MDk3NDM2MTRGOUI1NDQ4Q0NEQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALtXXis6u4JFZmPA7NOHY6TFCUciZE10QkcV66nqFhNmTolDrwyuP/2WYUd+ Bh7krfSuSLEpld+vR1VG+RsgTN/rU0FZYV7G2NO4XWhF1jcGPhS66ZcbdA8uOzQV Xw5zA2gaSEhY7LsULKYP3gUD5I86YqdKvOzM7QubZNY+SdaigHbxZzhoevCLzQ7K b+ETNSBbLnI8MF+7yxCLtusoFe5OXsxMQ7eQpc6vxE0N1YUgz8WgenyspAa1hgoQ 1ykOJDo+K4OEbDZqyE2Pbez5vguO41lZRCmjTMINYLBp/mtyzFoOI19vufRtOoRq C0HuK68m02o4g309rJUva48ODMcCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK8V/Yy05FLHa1Vwl0NhT5tUSMzbMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83NjBlNmEyZC04NGRjLTQ4ZGYtOWI3Ny03MjA4NTNmNDdjNmQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzc2MGU2YTJk LTg0ZGMtNDhkZi05Yjc3LTcyMDg1M2Y0N2M2ZC8wL0FGMTVGRDhDQjRFNDUyQzc2 QjU1NzA5NzQzNjE0RjlCNTQ0OENDREIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAHKDlwwDQYJKoZIhvcNAQELBQADggEBAJM6ei/AeHxN9dxUcYHTIHsN8o3Z2QYl fgvGMapGp1ZUjW/OJV3OLVcINaZZWx8NYnRa6hyP6nu9xPDtyhnei2/8VpOVtub/ to1eAn1ZlF4UJ2W43OXRau+hx0vtpnxJksAMJXDN5oyn6uVPIF/zrS9W9VicHo6i Kh1mX70sw+crCAQ+ZRAW0QhoqP75uh/GZidjIy87OfGW6jWfLALnaJmX6/KLSHk0 JFVk5rpU+AEC25vS86fwdDXzkARadIQE69ID9Wq4KMW6gX2KcirBFti8OlbKQomD mSrp/WQpx/oGpoJ49EvJPIFA1TGJjhxCtPi85cjcLaDo92oIj+euA6g= -----END CERTIFICATE-----Generated at Fri May 3 03:08:29 2024 by rpki-client on console-ams.rpki-client.org