$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer File: 10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.cer (raw, json) Hash identifier: FczyArA0/+Iu9TDtLgOdhfskep2DPNeiXXPvWrSYr64= Subject key identifier: 10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 2521C941049D8AAD3D744C617873974C1C9A4CC6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.mft caRepository: rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 05 Oct 2024 17:34:06 +0000 Certificate not after: Sat 04 Oct 2025 17:39:06 +0000 Subordinate resources: IP: 140.213.0.0/16 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:21:c9:41:04:9d:8a:ad:3d:74:4c:61:78:73:97:4c:1c:9a:4c:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Oct 5 17:34:06 2024 GMT Not After : Oct 4 17:39:06 2025 GMT Subject: CN=10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:25:7d:61:49:94:bd:93:a2:96:9d:27:95:b6: b1:3c:d3:92:69:16:af:44:dd:03:78:8f:05:d1:a5: e5:72:78:98:ed:93:5d:b4:62:f8:eb:4f:ca:c7:29: 33:d9:1c:b3:fa:74:e0:ec:f4:aa:3f:c3:37:23:99: 28:b2:96:be:a3:72:ba:3d:83:33:67:35:f5:c5:f0: 0d:43:1b:39:8c:a0:f4:ee:49:bf:8e:46:a1:4f:c0: eb:2f:e4:e9:71:06:a7:bf:89:ac:01:c3:0f:2e:1c: d3:f4:f4:c5:55:c9:e1:7a:9c:6d:24:27:6b:25:a3: 9a:48:45:51:50:3c:86:c9:60:0b:17:36:fd:34:b3: 36:cc:fb:3a:1b:b0:08:16:9a:ef:23:ff:c4:fc:5f: 3e:78:5b:15:50:10:e8:a2:7a:0e:51:ac:69:91:4a: 74:ee:b3:9c:da:0b:b7:0d:57:24:8e:27:3a:e5:20: 41:68:ed:59:f3:4c:37:3e:84:16:ca:1b:57:1f:a2: cf:3a:4a:bd:74:d8:d1:94:18:24:2b:b6:21:cb:ff: be:f0:95:25:5f:98:51:e1:01:8f:77:82:85:e5:9b: c6:b2:ab:32:48:d4:d0:ea:9d:df:ae:42:b4:5e:88: 06:3d:5b:e9:d0:46:cc:fc:25:cc:77:68:ef:95:cc: 64:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 10:BA:B7:90:7D:95:3A:0D:5F:DE:B5:C2:0C:9F:29:BC:FC:66:0A:1B X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/4bdb1e0a-a4ec-49db-be89-8d7e7fc2c227/1/10BAB7907D953A0D5FDEB5C20C9F29BCFC660A1B.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 140.213.0.0/16 Signature Algorithm: sha256WithRSAEncryption 25:3b:8a:77:9d:69:dc:f6:60:a3:65:1b:bd:f1:9d:c7:8f:14: ba:53:80:8f:09:5e:9d:68:b4:87:cf:0d:56:a2:ed:8f:de:91: 13:58:19:4a:67:d9:8a:64:19:b6:7e:01:92:6e:5c:9e:59:13: 62:4e:33:28:c7:4b:0e:5e:4b:44:bd:5d:d3:98:4b:9c:68:ca: 84:59:04:04:df:19:27:76:62:79:07:2e:d0:db:77:03:54:66: a9:51:0f:97:a8:c6:56:c6:39:65:3f:01:d5:be:5f:a3:23:7b: 59:5d:3c:42:22:e8:22:4f:ba:51:1f:f1:87:30:5f:92:d3:17: fc:6f:39:a3:a4:a7:f0:6d:35:b6:9f:13:8c:96:31:40:13:24: 27:68:62:8a:e9:9b:19:2c:fe:42:21:22:21:88:b5:ee:9c:6e: 4e:ac:b5:6b:ee:70:19:a9:f5:ad:a4:95:f6:2e:fe:a7:2a:a7: ac:91:9c:2f:c3:94:21:02:43:ad:73:4f:87:63:7f:a3:8c:cb: 4e:81:13:c7:b9:04:95:d4:96:5e:fb:1b:6a:25:6a:69:0e:be: a0:97:b4:b4:38:dc:d9:c7:1e:18:7e:2e:cd:ca:ec:82:99:a0: f1:0e:a6:26:45:47:d7:f2:ec:5f:de:2e:9f:61:c2:1c:fc:bd: 0f:dd:43:b2 -----BEGIN CERTIFICATE----- MIIFxDCCBKygAwIBAgIUJSHJQQSdiq09dExheHOXTByaTMYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MTAwNTE3MzQwNloX DTI1MTAwNDE3MzkwNlowMzExMC8GA1UEAxMoMTBCQUI3OTA3RDk1M0EwRDVGREVC NUMyMEM5RjI5QkNGQzY2MEExQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMolfWFJlL2TopadJ5W2sTzTkmkWr0TdA3iPBdGl5XJ4mO2TXbRi+OtPyscp M9kcs/p04Oz0qj/DNyOZKLKWvqNyuj2DM2c19cXwDUMbOYyg9O5Jv45GoU/A6y/k 6XEGp7+JrAHDDy4c0/T0xVXJ4XqcbSQnayWjmkhFUVA8hslgCxc2/TSzNsz7Ohuw CBaa7yP/xPxfPnhbFVAQ6KJ6DlGsaZFKdO6znNoLtw1XJI4nOuUgQWjtWfNMNz6E FsobVx+izzpKvXTY0ZQYJCu2Icv/vvCVJV+YUeEBj3eCheWbxrKrMkjU0Oqd365C tF6IBj1b6dBGzPwlzHdo75XMZNcCAwEAAaOCArcwggKzMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFBC6t5B9lToNX961wgyfKbz8ZgobMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by80YmRiMWUwYS1hNGVjLTQ5ZGItYmU4OS04ZDdlN2ZjMmMyMjcvMTCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZGIxZTBh LWE0ZWMtNDlkYi1iZTg5LThkN2U3ZmMyYzIyNy8xLzEwQkFCNzkwN0Q5NTNBMEQ1 RkRFQjVDMjBDOUYyOUJDRkM2NjBBMUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUD AwCM1TANBgkqhkiG9w0BAQsFAAOCAQEAJTuKd51p3PZgo2UbvfGdx48UulOAjwle nWi0h88NVqLtj96RE1gZSmfZimQZtn4Bkm5cnlkTYk4zKMdLDl5LRL1d05hLnGjK hFkEBN8ZJ3ZieQcu0Nt3A1RmqVEPl6jGVsY5ZT8B1b5foyN7WV08QiLoIk+6UR/x hzBfktMX/G85o6Sn8G01tp8TjJYxQBMkJ2hiiumbGSz+QiEiIYi17pxuTqy1a+5w Gan1raSV9i7+pyqnrJGcL8OUIQJDrXNPh2N/o4zLToETx7kEldSWXvsbaiVqaQ6+ oJe0tDjc2cceGH4uzcrsgpmg8Q6mJkVH1/LsX94un2HCHPy9D91Dsg== -----END CERTIFICATE-----Generated at Wed Nov 20 05:42:54 2024 by rpki-client on console-fra.rpki-client.org