$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/08683ED5C748B79A346EF705A2DCF809A31C75DF.cer File: 08683ED5C748B79A346EF705A2DCF809A31C75DF.cer (raw, json) Hash identifier: cvS+0GlbErfnBFj14W4v+5k+amKzjNC/2EQ+swNjytI= Subject key identifier: 08:68:3E:D5:C7:48:B7:9A:34:6E:F7:05:A2:DC:F8:09:A3:1C:75:DF Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 7A7A92CFD29C544BB5687C4BD4CF99F387B6E85C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/08683ED5C748B79A346EF705A2DCF809A31C75DF.mft caRepository: rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 08 May 2024 07:00:04 +0000 Certificate not after: Wed 07 May 2025 07:05:04 +0000 Subordinate resources: IP: 157.20.233.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 25 Jun 2024 03:51:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:7a:92:cf:d2:9c:54:4b:b5:68:7c:4b:d4:cf:99:f3:87:b6:e8:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 8 07:00:04 2024 GMT Not After : May 7 07:05:04 2025 GMT Subject: CN=08683ED5C748B79A346EF705A2DCF809A31C75DF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:04:63:ba:f5:fd:eb:7d:14:da:0c:60:3e:6c: 74:d7:e9:e8:49:c0:53:73:04:c4:74:60:8d:53:52: 59:6d:e2:2a:1a:86:74:06:36:e2:c5:01:f6:ba:ff: f1:8d:a8:97:42:b9:e8:d3:98:bb:17:d8:5b:de:ef: 68:1f:d3:07:89:bd:31:89:31:aa:45:65:9a:42:af: b4:db:67:25:66:d0:b2:03:af:c9:e7:8f:63:f0:be: 36:38:3d:5e:b7:67:0f:97:26:39:90:58:c4:f1:ca: 78:a6:82:7c:b3:5e:82:f2:75:4c:8c:e5:2b:b4:c9: 92:04:7f:aa:0b:bd:5a:a6:41:cc:69:ef:bc:5a:04: 1a:c6:23:77:67:9e:c5:c7:96:4c:a2:39:39:5e:ba: 17:fa:58:5a:01:d0:75:b6:5a:68:a6:eb:36:1e:ce: 41:b7:11:3c:c8:17:d4:1f:d8:1a:ca:c8:b3:61:56: ce:b2:8a:ad:c4:9d:94:88:22:cc:bb:3c:2a:c1:45: 6b:ee:04:c6:c6:76:17:21:64:b2:41:ab:b2:98:d6: dc:e6:f1:6b:02:68:a8:d2:2c:1f:47:e3:b9:a6:df: ac:e1:0f:a2:b4:da:01:39:42:7e:dd:0d:42:29:bb: 3e:f2:c5:46:1d:05:c5:0a:bd:42:c0:98:cb:92:88: 6a:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 08:68:3E:D5:C7:48:B7:9A:34:6E:F7:05:A2:DC:F8:09:A3:1C:75:DF X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/e8ced18d-a7cc-4b44-af4a-85f304f9eb6c/0/08683ED5C748B79A346EF705A2DCF809A31C75DF.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.233.0/24 Signature Algorithm: sha256WithRSAEncryption 39:59:79:1f:e3:cb:38:46:06:25:ce:a7:2f:61:2e:a4:9e:31: b1:09:6c:96:29:62:e6:bd:bc:ed:8d:79:1c:3f:88:04:23:ec: 4c:dd:a7:25:1a:9a:42:ee:c0:47:7f:e2:92:23:5b:c3:b3:2f: dc:31:f7:65:f2:f5:56:b0:c2:c9:27:52:7a:af:c8:1e:31:b7: 5e:70:3c:ae:8b:13:8b:4c:75:bd:c1:16:e2:d8:f1:1b:23:bc: 46:ae:db:aa:1f:1e:48:11:cf:a3:4c:d9:68:3e:8c:5e:86:c4: 52:25:c8:19:1f:08:0b:3e:e1:67:e9:0f:1d:29:83:80:97:65: ab:02:d2:b9:21:29:dc:8a:8e:83:1b:6d:00:8b:47:3f:db:75: d1:28:04:67:e8:1c:b9:1a:a5:a3:61:87:a1:ac:7c:5f:93:6d: c4:9c:b9:04:e5:e3:76:d3:fc:43:d5:cc:da:e5:9f:38:aa:2d: 8b:99:ef:2f:38:ca:df:ea:95:da:9e:c0:cb:d8:42:9a:23:1d: 95:f0:5a:f9:ae:7c:ee:1b:9d:eb:b3:66:3d:18:37:36:9f:98: b7:31:aa:72:bc:00:14:6c:c7:8d:71:cc:19:16:fe:24:dc:7c: 65:31:9c:fd:42:4f:78:ec:82:ce:8c:4c:3f:fe:b4:d3:67:72: b6:8a:db:6d -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUenqSz9KcVEu1aHxL1M+Z84e26FwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDUwODA3MDAwNFoX DTI1MDUwNzA3MDUwNFowMzExMC8GA1UEAxMoMDg2ODNFRDVDNzQ4Qjc5QTM0NkVG NzA1QTJEQ0Y4MDlBMzFDNzVERjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANgEY7r1/et9FNoMYD5sdNfp6EnAU3MExHRgjVNSWW3iKhqGdAY24sUB9rr/ 8Y2ol0K56NOYuxfYW97vaB/TB4m9MYkxqkVlmkKvtNtnJWbQsgOvyeePY/C+Njg9 XrdnD5cmOZBYxPHKeKaCfLNegvJ1TIzlK7TJkgR/qgu9WqZBzGnvvFoEGsYjd2ee xceWTKI5OV66F/pYWgHQdbZaaKbrNh7OQbcRPMgX1B/YGsrIs2FWzrKKrcSdlIgi zLs8KsFFa+4ExsZ2FyFkskGrspjW3ObxawJoqNIsH0fjuabfrOEPorTaATlCft0N Qim7PvLFRh0FxQq9QsCYy5KIaisCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFAhoPtXHSLeaNG73BaLc+AmjHHXfMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9lOGNlZDE4ZC1hN2NjLTRiNDQtYWY0YS04NWYzMDRmOWViNmMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U4Y2VkMThk LWE3Y2MtNGI0NC1hZjRhLTg1ZjMwNGY5ZWI2Yy8wLzA4NjgzRUQ1Qzc0OEI3OUEz NDZFRjcwNUEyRENGODA5QTMxQzc1REYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdFOkwDQYJKoZIhvcNAQELBQADggEBADlZeR/jyzhGBiXOpy9hLqSeMbEJbJYp Yua9vO2NeRw/iAQj7EzdpyUamkLuwEd/4pIjW8OzL9wx92Xy9VawwsknUnqvyB4x t15wPK6LE4tMdb3BFuLY8RsjvEau26ofHkgRz6NM2Wg+jF6GxFIlyBkfCAs+4Wfp Dx0pg4CXZasC0rkhKdyKjoMbbQCLRz/bddEoBGfoHLkapaNhh6GsfF+TbcScuQTl 43bT/EPVzNrlnziqLYuZ7y84yt/qldqewMvYQpojHZXwWvmufO4bneuzZj0YNzaf mLcxqnK8ABRsx41xzBkW/iTcfGUxnP1CT3jsgs6MTD/+tNNncraK220= -----END CERTIFICATE-----Generated at Fri Jun 21 21:25:33 2024 by rpki-client on console-ams.rpki-client.org