$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/2A62B964EC86447DC22DDE70DC3517F0CF7C9ACD.cer File: 2A62B964EC86447DC22DDE70DC3517F0CF7C9ACD.cer (raw, json) Hash identifier: mrIodD0GU4th+R0DVwDQ01+aU03n4xlhonKE58B45YY= Subject key identifier: 2A:62:B9:64:EC:86:44:7D:C2:2D:DE:70:DC:35:17:F0:CF:7C:9A:CD Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 40E00F44ECB42EE29739D8EBEF23A1183BB019A6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/c1b08845-df82-44c2-976d-6d74b81166f4/0/2A62B964EC86447DC22DDE70DC3517F0CF7C9ACD.mft caRepository: rsync://repo-rpki.idnic.net/repo/c1b08845-df82-44c2-976d-6d74b81166f4/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 14 Jun 2024 07:52:29 +0000 Certificate not after: Fri 13 Jun 2025 07:57:29 +0000 Subordinate resources: IP: 157.66.123.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 25 Jun 2024 03:51:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:e0:0f:44:ec:b4:2e:e2:97:39:d8:eb:ef:23:a1:18:3b:b0:19:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 14 07:52:29 2024 GMT Not After : Jun 13 07:57:29 2025 GMT Subject: CN=2A62B964EC86447DC22DDE70DC3517F0CF7C9ACD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:fe:75:41:58:70:47:36:a8:d1:06:0d:c4:62: a1:c6:d8:5f:da:6a:cf:66:e2:fe:6b:9d:83:d7:51: b0:84:ec:63:52:0b:7c:8b:fb:c2:d5:6d:60:78:26: d7:9a:a0:cb:fe:2f:7d:f4:3f:04:4e:9d:5e:64:3d: 85:50:38:45:bd:96:21:08:59:00:24:79:e8:2c:38: e7:3e:7f:a8:7a:b3:08:1c:18:9b:7e:14:10:24:42: 03:da:a0:8a:b8:ab:a5:4e:ab:7b:51:ab:67:f0:3b: 10:34:f0:42:8a:5d:01:59:87:ea:ad:ba:9f:f5:49: a4:94:cb:c0:b9:95:b1:0b:c9:cf:25:5a:3f:da:ad: 87:e5:3c:60:c1:d5:3f:0c:51:7f:c9:51:18:4a:28: 35:d3:30:8f:fe:b0:44:20:eb:28:bd:68:ee:aa:e7: 3c:dd:b2:31:b7:e1:a6:2a:bd:42:89:0b:2c:d4:2d: 8c:51:47:16:b6:96:07:c7:35:bc:5f:9d:e5:7b:2f: 29:0b:ca:6f:e4:04:5d:d9:8e:03:51:47:02:ee:eb: fa:78:1d:39:27:cc:bf:02:5a:ba:4e:c4:16:b4:ae: 88:11:bb:f7:fe:0d:1b:fe:ce:2d:bb:fa:0c:21:66: d6:df:08:a5:3d:b7:40:86:04:a3:96:85:b9:44:27: d1:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2A:62:B9:64:EC:86:44:7D:C2:2D:DE:70:DC:35:17:F0:CF:7C:9A:CD X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/c1b08845-df82-44c2-976d-6d74b81166f4/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/c1b08845-df82-44c2-976d-6d74b81166f4/0/2A62B964EC86447DC22DDE70DC3517F0CF7C9ACD.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.123.0/24 Signature Algorithm: sha256WithRSAEncryption 09:cc:6d:a5:8a:80:20:5d:e7:a8:b7:a8:a9:8f:5a:8c:76:c4: b6:cc:01:0b:6e:02:b9:41:df:d5:41:ec:e5:e4:ae:7c:80:ad: b1:77:87:53:c2:71:bf:b8:ca:8e:57:a5:0d:9e:68:86:d7:3e: a6:9f:a2:76:1a:b7:5a:28:30:35:9b:9e:fe:5b:10:d5:b2:e2: 46:28:b2:bd:87:8e:d0:82:ab:9d:1c:29:53:28:d3:5b:57:08: bf:16:0d:fb:8b:14:54:19:dc:f7:49:39:c0:8b:01:b2:5e:c3: 62:d9:37:85:f1:8c:4e:07:cb:86:9e:16:8b:6b:4e:da:45:6b: db:85:03:69:3e:d2:d2:5d:f0:c7:52:b1:14:54:fa:ee:2e:0c: a6:5e:a2:b0:d5:ef:36:29:8b:6e:8b:e8:38:f4:b3:7e:33:a3: 78:b6:33:6f:28:91:ba:9d:da:53:55:50:06:62:df:ec:00:94: 10:3a:50:6f:95:5c:3b:fd:2a:cc:f5:9c:c8:77:15:01:f5:3d: ef:ee:ac:36:7e:c0:ee:54:8f:47:b1:9d:57:fd:b5:36:0a:61: 7f:73:8e:6d:c4:2c:d4:17:68:71:72:7d:d9:af:82:5b:7c:e5: ce:f3:74:b5:e1:a6:40:8e:70:af:61:1c:13:41:b4:78:74:28: fc:9f:53:a1 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUQOAPROy0LuKXOdjr7yOhGDuwGaYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDYxNDA3NTIyOVoX DTI1MDYxMzA3NTcyOVowMzExMC8GA1UEAxMoMkE2MkI5NjRFQzg2NDQ3REMyMkRE RTcwREMzNTE3RjBDRjdDOUFDRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALb+dUFYcEc2qNEGDcRiocbYX9pqz2bi/mudg9dRsITsY1ILfIv7wtVtYHgm 15qgy/4vffQ/BE6dXmQ9hVA4Rb2WIQhZACR56Cw45z5/qHqzCBwYm34UECRCA9qg irirpU6re1GrZ/A7EDTwQopdAVmH6q26n/VJpJTLwLmVsQvJzyVaP9qth+U8YMHV PwxRf8lRGEooNdMwj/6wRCDrKL1o7qrnPN2yMbfhpiq9QokLLNQtjFFHFraWB8c1 vF+d5XsvKQvKb+QEXdmOA1FHAu7r+ngdOSfMvwJauk7EFrSuiBG79/4NG/7OLbv6 DCFm1t8IpT23QIYEo5aFuUQn0csCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCpiuWTshkR9wi3ecNw1F/DPfJrNMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9jMWIwODg0NS1kZjgyLTQ0YzItOTc2ZC02ZDc0YjgxMTY2ZjQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2MxYjA4ODQ1 LWRmODItNDRjMi05NzZkLTZkNzRiODExNjZmNC8wLzJBNjJCOTY0RUM4NjQ0N0RD MjJEREU3MERDMzUxN0YwQ0Y3QzlBQ0QubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdQnswDQYJKoZIhvcNAQELBQADggEBAAnMbaWKgCBd56i3qKmPWox2xLbMAQtu ArlB39VB7OXkrnyArbF3h1PCcb+4yo5XpQ2eaIbXPqafonYat1ooMDWbnv5bENWy 4kYosr2HjtCCq50cKVMo01tXCL8WDfuLFFQZ3PdJOcCLAbJew2LZN4XxjE4Hy4ae FotrTtpFa9uFA2k+0tJd8MdSsRRU+u4uDKZeorDV7zYpi26L6Dj0s34zo3i2M28o kbqd2lNVUAZi3+wAlBA6UG+VXDv9Ksz1nMh3FQH1Pe/urDZ+wO5Uj0exnVf9tTYK YX9zjm3ELNQXaHFyfdmvglt85c7zdLXhpkCOcK9hHBNBtHh0KPyfU6E= -----END CERTIFICATE-----Generated at Fri Jun 21 22:04:31 2024 by rpki-client on console-fra.rpki-client.org