$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3008AF948C4742A525201F3FDA7EFB1800D52D64.cer File: 3008AF948C4742A525201F3FDA7EFB1800D52D64.cer (raw, json) Hash identifier: vzj7BP4k2Z/OPbmIhSoKgkCW/KIgEj2vUmqChh29lTQ= Subject key identifier: 30:08:AF:94:8C:47:42:A5:25:20:1F:3F:DA:7E:FB:18:00:D5:2D:64 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 091B294F6244C32906049F1F9FFD3EE13DA6721D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/dc34eed9-187e-4f46-a5bb-0ea8f669ae90/0/3008AF948C4742A525201F3FDA7EFB1800D52D64.mft caRepository: rsync://repo-rpki.idnic.net/repo/dc34eed9-187e-4f46-a5bb-0ea8f669ae90/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 17 Jan 2025 16:28:06 +0000 Certificate not after: Fri 16 Jan 2026 16:33:06 +0000 Subordinate resources: IP: 157.15.46.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 21:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:1b:29:4f:62:44:c3:29:06:04:9f:1f:9f:fd:3e:e1:3d:a6:72:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Jan 17 16:28:06 2025 GMT Not After : Jan 16 16:33:06 2026 GMT Subject: CN=3008AF948C4742A525201F3FDA7EFB1800D52D64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:ea:d5:ba:c8:eb:dd:49:9f:ac:bb:ca:37:78: 04:1f:e3:fb:f6:d9:d1:d2:75:2e:03:d4:3b:7c:31: 3b:5f:96:9b:d4:3e:a6:17:6f:f3:0f:40:7d:85:11: 17:75:dd:36:e5:58:bb:2c:1a:b6:1c:92:bb:ad:66: a8:95:65:bf:ae:19:24:75:e5:0e:0b:1f:85:d3:5a: 6a:fd:e9:86:df:06:0e:f2:67:e3:08:ff:30:c9:eb: 2d:69:b6:58:54:ba:b8:88:ed:df:22:b7:86:08:c0: a6:3a:a6:82:30:f3:10:12:4c:0a:9e:b0:b2:2a:c2: 0e:63:81:12:92:fc:a8:d4:ac:fe:bc:5f:3c:f4:79: 9e:32:de:96:70:2c:50:60:e2:09:1a:60:dd:93:81: 10:c5:72:6b:23:0d:ce:54:0f:3d:10:14:d0:f2:28: 32:38:6d:94:fd:ae:ef:86:e8:e8:3c:85:d1:ea:f5: d9:05:83:cb:76:34:4b:89:0e:3d:62:bb:47:d3:2d: 02:b7:ac:ff:63:4d:d6:0e:c1:69:de:c6:8c:1a:57: 39:86:77:02:f7:87:65:7a:47:21:38:e8:0e:35:65: 56:5d:89:2b:d8:32:63:b7:f0:5e:89:da:83:77:81: 4e:1a:09:3f:10:db:20:13:cf:12:af:6e:7f:b9:6e: 86:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 30:08:AF:94:8C:47:42:A5:25:20:1F:3F:DA:7E:FB:18:00:D5:2D:64 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/dc34eed9-187e-4f46-a5bb-0ea8f669ae90/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/dc34eed9-187e-4f46-a5bb-0ea8f669ae90/0/3008AF948C4742A525201F3FDA7EFB1800D52D64.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.46.0/23 Signature Algorithm: sha256WithRSAEncryption 19:13:d6:a8:07:97:0f:4d:05:1b:3e:f3:7b:25:9f:f2:c1:6f: 1a:1f:1b:08:e0:6b:81:c6:37:e9:4f:89:20:da:49:98:63:4d: 64:1f:b5:3c:3d:72:38:45:4e:b0:d9:d0:a3:df:72:02:a9:d7: 48:94:2b:59:cb:fa:25:01:8c:7f:2b:03:c6:86:34:de:bb:97: 76:5f:8c:8f:25:7e:bf:58:78:79:63:f4:92:0b:6d:27:23:6e: b2:86:c1:36:dd:f6:43:e6:20:1e:b0:dc:4c:c1:8d:4c:9a:03: f8:49:c2:02:0a:1c:6e:9c:1c:f2:01:fa:7d:0a:c3:47:e6:ef: df:3c:63:4a:09:ce:13:83:03:79:89:53:b1:7d:69:11:0a:ae: 10:f3:bf:13:29:e4:bf:78:07:96:aa:97:60:7f:9f:9f:f1:d0: 1f:ac:11:38:cf:e0:39:b0:5e:14:08:ec:28:35:1b:67:6d:48: 2e:37:a8:c5:ac:a7:5a:c1:ca:df:5f:4a:39:6f:34:50:7f:1a: 35:7f:85:4e:e4:48:76:63:34:9d:7c:e7:18:2d:86:db:95:80: cb:e3:6f:79:f9:80:d4:3a:6f:3b:70:9d:2b:f6:64:8d:f1:dd: 5e:6d:98:42:1b:40:13:b6:e2:42:cf:4d:41:6a:5f:5b:1d:58: 62:23:91:60 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUCRspT2JEwykGBJ8fn/0+4T2mch0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDExNzE2MjgwNloX DTI2MDExNjE2MzMwNlowMzExMC8GA1UEAxMoMzAwOEFGOTQ4QzQ3NDJBNTI1MjAx RjNGREE3RUZCMTgwMEQ1MkQ2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN/q1brI691Jn6y7yjd4BB/j+/bZ0dJ1LgPUO3wxO1+Wm9Q+phdv8w9AfYUR F3XdNuVYuywathySu61mqJVlv64ZJHXlDgsfhdNaav3pht8GDvJn4wj/MMnrLWm2 WFS6uIjt3yK3hgjApjqmgjDzEBJMCp6wsirCDmOBEpL8qNSs/rxfPPR5njLelnAs UGDiCRpg3ZOBEMVyayMNzlQPPRAU0PIoMjhtlP2u74bo6DyF0er12QWDy3Y0S4kO PWK7R9MtAres/2NN1g7Bad7GjBpXOYZ3AveHZXpHITjoDjVlVl2JK9gyY7fwXona g3eBThoJPxDbIBPPEq9uf7luhrECAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDAIr5SMR0KlJSAfP9p++xgA1S1kMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kYzM0ZWVkOS0xODdlLTRmNDYtYTViYi0wZWE4ZjY2OWFlOTAvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2RjMzRlZWQ5 LTE4N2UtNGY0Ni1hNWJiLTBlYThmNjY5YWU5MC8wLzMwMDhBRjk0OEM0NzQyQTUy NTIwMUYzRkRBN0VGQjE4MDBENTJENjQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdDy4wDQYJKoZIhvcNAQELBQADggEBABkT1qgHlw9NBRs+83sln/LBbxofGwjg a4HGN+lPiSDaSZhjTWQftTw9cjhFTrDZ0KPfcgKp10iUK1nL+iUBjH8rA8aGNN67 l3ZfjI8lfr9YeHlj9JILbScjbrKGwTbd9kPmIB6w3EzBjUyaA/hJwgIKHG6cHPIB +n0Kw0fm7988Y0oJzhODA3mJU7F9aREKrhDzvxMp5L94B5aql2B/n5/x0B+sETjP 4DmwXhQI7Cg1G2dtSC43qMWsp1rByt9fSjlvNFB/GjV/hU7kSHZjNJ185xgthtuV gMvjb3n5gNQ6bztwnSv2ZI3x3V5tmEIbQBO24kLPTUFqX1sdWGIjkWA= -----END CERTIFICATE-----Generated at Mon Apr 7 16:19:53 2025 by rpki-client