$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer File: 2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.cer (raw, json) Hash identifier: NMWswCWEQlz7U3T4uzsFuqkFQ/TDfIVB2UWqv8VcSU8= Subject key identifier: 25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 71647E6880A0F206F9A581F4BCA1FFB28E21E595 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft caRepository: rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 17 May 2024 09:12:31 +0000 Certificate not after: Fri 16 May 2025 09:17:31 +0000 Subordinate resources: IP: 160.19.84.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 25 Jun 2024 03:51:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:64:7e:68:80:a0:f2:06:f9:a5:81:f4:bc:a1:ff:b2:8e:21:e5:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 17 09:12:31 2024 GMT Not After : May 16 09:17:31 2025 GMT Subject: CN=2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:20:34:b4:71:c9:71:fe:2d:92:ce:1a:ee:56: 0c:90:f2:4f:2b:c0:2d:03:a4:22:c0:32:da:85:bb: 9e:c1:b2:2a:3b:cd:f5:4d:6f:3c:ab:ca:15:59:79: cb:86:62:be:6b:1b:fe:16:3a:87:97:9b:bb:8d:10: 85:cf:d3:20:a6:50:9c:b4:c2:07:38:07:82:20:87: 01:3b:59:4e:cd:d8:d9:10:17:cd:0a:30:7b:d0:36: dc:01:74:bd:c9:76:fe:8a:46:bb:b2:b2:48:5f:7f: e5:d4:a4:00:b3:7d:bb:62:af:f1:b4:e3:58:4d:27: 93:8c:66:17:73:48:9c:3e:15:31:0d:bb:90:e9:9d: 2a:26:34:f7:bf:34:4f:76:62:bd:bd:38:2b:79:f6: f7:18:45:a9:f4:24:6e:68:ec:d5:66:d2:71:a1:69: e2:a4:b4:f7:53:bd:4b:5f:a4:36:f5:90:26:1d:f1: f8:eb:b8:f9:6c:88:af:8e:f0:fe:b0:b2:ab:50:a9: fd:bb:55:ee:e1:aa:a3:b1:be:34:5a:b1:a3:d4:25: f9:aa:ed:67:45:4f:e3:40:f4:56:2c:58:a5:a8:97: eb:05:15:b2:51:f1:79:8e:ae:b9:4b:8e:f6:34:8c: a8:0a:50:54:81:39:f1:bc:44:6f:74:ee:ed:c4:e9: df:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 25:15:D4:BF:9E:F7:AA:E5:AE:BC:22:F5:2C:17:FF:17:DC:D6:FD:C2 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/ba098f00-a0a0-4b5c-9e83-606737128cb1/0/2515D4BF9EF7AAE5AEBC22F52C17FF17DCD6FDC2.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.19.84.0/23 Signature Algorithm: sha256WithRSAEncryption 3e:c4:03:10:3c:09:9c:3e:c4:82:6b:b1:ad:f3:34:5e:08:07: 62:92:db:00:80:40:31:92:51:b1:38:27:e6:47:34:e5:98:bc: fd:44:32:1d:5a:f4:24:41:f8:84:4e:3d:83:6d:c9:c8:79:d5: a4:72:06:f4:e9:8f:d7:ce:54:fb:d5:f6:fc:0b:a9:bc:0c:12: 9b:9f:43:89:74:53:ab:db:40:33:f0:a2:3f:8d:a5:64:6f:e5: eb:00:3c:69:7f:05:49:58:75:f5:7a:3a:a3:80:7f:f5:05:bd: 81:96:58:de:95:53:34:57:7a:44:98:35:22:9c:d3:43:61:75: ab:2a:0a:59:d1:7e:da:c7:20:80:bf:dd:83:1c:f0:cb:7c:b2: c5:84:95:f4:b1:72:5a:dc:cc:cb:be:42:c5:5e:08:56:0d:b1: 96:9c:fa:ef:67:f4:59:b9:70:01:d5:52:fe:c5:14:98:20:ff: 46:e2:65:f2:69:c5:80:10:a6:d9:8d:49:12:88:03:66:62:a4: f0:28:60:30:8e:11:af:2f:9c:76:fb:ae:79:18:ad:e3:ef:8e: ba:91:8e:61:71:4b:74:40:ab:b9:04:fd:aa:54:90:e2:27:b6: 26:9c:8c:25:09:37:70:ec:1d:d9:1e:60:8f:77:06:ab:4c:77: 53:93:2f:78 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUcWR+aICg8gb5pYH0vKH/so4h5ZUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDUxNzA5MTIzMVoX DTI1MDUxNjA5MTczMVowMzExMC8GA1UEAxMoMjUxNUQ0QkY5RUY3QUFFNUFFQkMy MkY1MkMxN0ZGMTdEQ0Q2RkRDMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANAgNLRxyXH+LZLOGu5WDJDyTyvALQOkIsAy2oW7nsGyKjvN9U1vPKvKFVl5 y4Zivmsb/hY6h5ebu40Qhc/TIKZQnLTCBzgHgiCHATtZTs3Y2RAXzQowe9A23AF0 vcl2/opGu7KySF9/5dSkALN9u2Kv8bTjWE0nk4xmF3NInD4VMQ27kOmdKiY09780 T3Zivb04K3n29xhFqfQkbmjs1WbScaFp4qS091O9S1+kNvWQJh3x+Ou4+WyIr47w /rCyq1Cp/btV7uGqo7G+NFqxo9Ql+artZ0VP40D0VixYpaiX6wUVslHxeY6uuUuO 9jSMqApQVIE58bxEb3Tu7cTp30kCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCUV1L+e96rlrrwi9SwX/xfc1v3CMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iYTA5OGYwMC1hMGEwLTRiNWMtOWU4My02MDY3MzcxMjhjYjEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JhMDk4ZjAw LWEwYTAtNGI1Yy05ZTgzLTYwNjczNzEyOGNiMS8wLzI1MTVENEJGOUVGN0FBRTVB RUJDMjJGNTJDMTdGRjE3RENENkZEQzIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgE1QwDQYJKoZIhvcNAQELBQADggEBAD7EAxA8CZw+xIJrsa3zNF4IB2KS2wCA QDGSUbE4J+ZHNOWYvP1EMh1a9CRB+IROPYNtych51aRyBvTpj9fOVPvV9vwLqbwM EpufQ4l0U6vbQDPwoj+NpWRv5esAPGl/BUlYdfV6OqOAf/UFvYGWWN6VUzRXekSY NSKc00NhdasqClnRftrHIIC/3YMc8Mt8ssWElfSxclrczMu+QsVeCFYNsZac+u9n 9Fm5cAHVUv7FFJgg/0biZfJpxYAQptmNSRKIA2ZipPAoYDCOEa8vnHb7rnkYrePv jrqRjmFxS3RAq7kE/apUkOIntiacjCUJN3DsHdkeYI93BqtMd1OTL3g= -----END CERTIFICATE-----Generated at Fri Jun 21 21:25:33 2024 by rpki-client on console-ams.rpki-client.org