$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/3C6D7485D61AD54226152E5D8A813D70E34D29AB.cer File: 3C6D7485D61AD54226152E5D8A813D70E34D29AB.cer (raw, json) Hash identifier: m5AW+sHGKikX1eU5qq4zi4DFcFU/gxbBGtv2RKap1aQ= Subject key identifier: 3C:6D:74:85:D6:1A:D5:42:26:15:2E:5D:8A:81:3D:70:E3:4D:29:AB Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 776805E96C8FB05957CFED8A3D41B6E3B86CE587 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/d159a362-950c-45c2-aecc-82b214bce474/0/3C6D7485D61AD54226152E5D8A813D70E34D29AB.mft caRepository: rsync://repo-rpki.idnic.net/repo/d159a362-950c-45c2-aecc-82b214bce474/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 02 Apr 2024 05:54:10 +0000 Certificate not after: Tue 01 Apr 2025 05:59:10 +0000 Subordinate resources: IP: 157.20.158.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 00:47:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:68:05:e9:6c:8f:b0:59:57:cf:ed:8a:3d:41:b6:e3:b8:6c:e5:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 2 05:54:10 2024 GMT Not After : Apr 1 05:59:10 2025 GMT Subject: CN=3C6D7485D61AD54226152E5D8A813D70E34D29AB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:81:50:67:ad:85:19:fa:e9:ae:20:c8:74:55: 9b:6c:17:08:16:44:bc:e4:14:79:36:ba:d5:78:df: 6f:44:cd:1e:cb:0d:4b:00:2f:95:29:e7:9a:bd:14: 16:9a:94:89:c0:6d:d1:74:5b:38:95:c6:24:fb:8e: ab:3d:6b:e9:51:bc:4e:12:6e:ad:b2:06:cc:a4:68: 02:03:14:ba:ce:f9:f3:5e:40:29:e4:77:e1:fc:32: bf:79:0a:73:57:30:30:4e:2b:51:fa:65:e9:9e:9d: a3:6f:6b:b1:9e:a3:63:4c:29:df:e3:c9:dc:bc:bf: 29:3c:a1:94:c9:b4:a9:db:3b:d8:24:35:ab:e9:ae: 47:c9:5d:4e:d9:6b:37:75:89:b4:e8:25:61:9e:bf: 76:09:06:bc:7a:1c:92:ee:b7:30:9f:3e:ba:b2:bf: 6e:ba:16:8f:8f:4a:ad:36:43:ef:8e:3c:53:db:73: b7:88:68:91:cc:f4:8e:de:8f:bd:87:9b:95:2d:33: 6c:79:1a:3e:8e:64:53:02:5b:04:62:d3:83:28:bf: 33:b5:1e:53:35:81:64:7a:13:b9:31:71:55:e7:6c: 0d:a2:6e:cf:ec:07:17:ae:f9:63:d2:49:07:7d:02: c6:93:d7:d7:10:eb:14:11:76:55:4d:1a:63:a5:88: b6:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3C:6D:74:85:D6:1A:D5:42:26:15:2E:5D:8A:81:3D:70:E3:4D:29:AB X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/d159a362-950c-45c2-aecc-82b214bce474/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/d159a362-950c-45c2-aecc-82b214bce474/0/3C6D7485D61AD54226152E5D8A813D70E34D29AB.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.20.158.0/23 Signature Algorithm: sha256WithRSAEncryption 54:42:ff:91:56:fd:6f:7b:e2:2a:39:f7:c6:92:47:61:03:d1: f5:8d:39:56:cc:08:4a:ee:fd:39:a2:ad:1c:72:1e:16:f4:dc: e9:90:59:02:9c:f0:e8:a9:4a:6b:dc:52:79:a2:16:6c:ec:5d: f4:7c:1c:20:64:d8:0a:ed:99:56:bd:d4:6c:b2:63:38:e5:0c: 9f:2e:73:1a:4f:ac:b4:76:5d:e0:49:46:be:c9:de:93:84:80: e5:48:e7:98:c0:85:3f:7d:cf:88:a5:4b:ca:de:60:ec:ad:45: 74:31:3d:a6:49:3d:91:99:5b:d1:cc:dd:03:08:6b:b5:9a:b3: 9e:0b:ab:f7:94:d3:52:da:5e:ca:52:61:66:f1:c8:ff:78:e9: bd:2a:ba:0b:9e:2c:70:4e:42:2d:c3:bf:03:50:66:55:a9:40: 54:6c:f6:df:37:7a:3d:b3:8e:e6:58:d2:6f:d8:56:de:40:32: fd:f7:97:48:a4:02:62:42:82:51:04:6a:6b:a6:20:a6:e2:69: 8c:97:11:f5:8f:d1:1d:be:a1:87:28:be:4e:d5:95:cb:7a:c4: 8e:72:99:10:b8:d3:0e:b8:df:4b:05:89:eb:c5:eb:3b:c4:2d: b8:a0:79:99:19:af:19:fe:65:52:f5:e1:c1:d0:f6:02:14:a3: 29:9e:16:66 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUd2gF6WyPsFlXz+2KPUG247hs5YcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDQwMjA1NTQxMFoX DTI1MDQwMTA1NTkxMFowMzExMC8GA1UEAxMoM0M2RDc0ODVENjFBRDU0MjI2MTUy RTVEOEE4MTNENzBFMzREMjlBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALiBUGethRn66a4gyHRVm2wXCBZEvOQUeTa61Xjfb0TNHssNSwAvlSnnmr0U FpqUicBt0XRbOJXGJPuOqz1r6VG8ThJurbIGzKRoAgMUus75815AKeR34fwyv3kK c1cwME4rUfpl6Z6do29rsZ6jY0wp3+PJ3Ly/KTyhlMm0qds72CQ1q+muR8ldTtlr N3WJtOglYZ6/dgkGvHocku63MJ8+urK/broWj49KrTZD7448U9tzt4hokcz0jt6P vYeblS0zbHkaPo5kUwJbBGLTgyi/M7UeUzWBZHoTuTFxVedsDaJuz+wHF675Y9JJ B30CxpPX1xDrFBF2VU0aY6WItgcCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDxtdIXWGtVCJhUuXYqBPXDjTSmrMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kMTU5YTM2Mi05NTBjLTQ1YzItYWVjYy04MmIyMTRiY2U0NzQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QxNTlhMzYy LTk1MGMtNDVjMi1hZWNjLTgyYjIxNGJjZTQ3NC8wLzNDNkQ3NDg1RDYxQUQ1NDIy NjE1MkU1RDhBODEzRDcwRTM0RDI5QUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdFJ4wDQYJKoZIhvcNAQELBQADggEBAFRC/5FW/W974io598aSR2ED0fWNOVbM CEru/TmirRxyHhb03OmQWQKc8OipSmvcUnmiFmzsXfR8HCBk2ArtmVa91GyyYzjl DJ8ucxpPrLR2XeBJRr7J3pOEgOVI55jAhT99z4ilS8reYOytRXQxPaZJPZGZW9HM 3QMIa7Was54Lq/eU01LaXspSYWbxyP946b0qugueLHBOQi3DvwNQZlWpQFRs9t83 ej2zjuZY0m/YVt5AMv33l0ikAmJCglEEamumIKbiaYyXEfWP0R2+oYcovk7Vlct6 xI5ymRC40w6430sFievF6zvELbigeZkZrxn+ZVL14cHQ9gIUoymeFmY= -----END CERTIFICATE-----Generated at Fri May 17 18:13:31 2024 by rpki-client on console-fra.rpki-client.org