$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/575614534DD1047EA1BA290176D96470FCBA1ECA.cer File: 575614534DD1047EA1BA290176D96470FCBA1ECA.cer (raw, json) Hash identifier: fQNjA60ZHwzPbsgpIrpJ4S2fVtl4rPqNBAW8BTEpZs4= Subject key identifier: 57:56:14:53:4D:D1:04:7E:A1:BA:29:01:76:D9:64:70:FC:BA:1E:CA Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 103C703474CAB7B120953469CF42F507FFEA51B5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/f17f79b0-b9e3-4c3d-a113-b6c6a18af4d1/0/575614534DD1047EA1BA290176D96470FCBA1ECA.mft caRepository: rsync://repo-rpki.idnic.net/repo/f17f79b0-b9e3-4c3d-a113-b6c6a18af4d1/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 25 Jun 2024 13:01:46 +0000 Certificate not after: Tue 24 Jun 2025 13:06:46 +0000 Subordinate resources: IP: 160.22.90.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:3c:70:34:74:ca:b7:b1:20:95:34:69:cf:42:f5:07:ff:ea:51:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 25 13:01:46 2024 GMT Not After : Jun 24 13:06:46 2025 GMT Subject: CN=575614534DD1047EA1BA290176D96470FCBA1ECA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:d1:0f:45:ed:e4:e4:23:12:97:11:89:65:77: 5a:4b:c5:40:d3:c9:95:d2:c3:7f:bc:2e:9e:73:d5: 55:92:79:fc:21:2c:48:85:b9:ad:4a:84:45:34:a3: a3:8e:d2:e8:ad:0d:d7:5a:8a:12:c1:d9:35:76:35: 66:86:08:db:32:19:de:c7:d5:3b:c7:b6:6d:60:1e: 04:64:51:1d:9a:41:2b:92:0a:7c:de:6d:0f:e7:41: 9f:17:21:68:5f:30:19:74:f5:2a:39:53:87:cb:84: 63:ad:99:d4:71:ea:8f:fd:84:67:3a:65:55:99:5a: 6d:15:3d:53:78:84:40:e3:8a:f4:6a:fb:78:b3:44: 0b:de:a5:a6:90:07:f7:96:ce:3d:74:4d:f9:be:e1: fb:9b:25:b2:2e:c6:5c:40:78:f4:1d:09:62:69:cc: 41:35:07:ab:ea:17:b2:a1:77:7b:0a:f0:97:c0:76: 95:67:d0:f9:91:3a:c7:4a:cb:e9:3a:dc:6b:a7:53: 42:36:1c:db:f8:89:8c:2d:ee:88:49:6b:29:5f:ea: ab:9e:7c:b8:91:ea:56:fd:c8:4e:9c:ca:fb:1b:86: 9b:f7:10:f0:62:a0:c8:7a:bb:f0:fa:a4:a8:b6:ff: 5a:ba:18:a9:be:45:1e:e6:7e:3c:d6:6f:7c:cb:ea: bb:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 57:56:14:53:4D:D1:04:7E:A1:BA:29:01:76:D9:64:70:FC:BA:1E:CA X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/f17f79b0-b9e3-4c3d-a113-b6c6a18af4d1/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/f17f79b0-b9e3-4c3d-a113-b6c6a18af4d1/0/575614534DD1047EA1BA290176D96470FCBA1ECA.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.90.0/24 Signature Algorithm: sha256WithRSAEncryption 72:ec:21:13:9e:4a:05:4a:cd:22:48:62:56:27:6f:7e:4d:2f: fa:f6:35:6f:9b:da:eb:70:65:e3:e7:20:86:4f:81:cd:24:14: 04:98:a9:18:db:68:39:8b:62:0c:62:fe:f1:ed:85:5f:8f:10: 93:80:aa:b1:85:e0:e0:ff:ba:65:5d:bb:c8:bb:a1:65:34:86: e5:25:01:ae:5a:48:d3:6f:db:15:dc:c1:27:4c:08:93:01:1b: 38:2e:64:e9:f1:7c:e2:1c:e3:73:70:7c:da:b1:ca:eb:d4:86: 97:40:ff:44:a8:4c:1b:fe:9f:2a:2e:85:ee:d2:c3:a8:f2:7b: c8:44:10:f7:6e:08:e3:8a:d5:3a:9d:8e:7c:56:06:89:a0:9d: d6:32:2f:0d:95:21:9c:1d:c0:26:a9:f4:7b:ab:c8:27:0a:81: e9:51:7e:cd:6f:5a:a5:4e:a6:c6:3c:ab:2e:05:e0:cd:69:4d: a2:2c:13:26:3a:88:fe:34:b1:bf:6b:1d:02:ef:53:0c:10:05: cb:3f:7e:0e:22:95:d3:a7:82:26:8a:07:b3:ef:9d:db:e8:6d: 6b:2c:44:60:9e:cc:5c:9b:a5:2c:07:7e:84:55:c6:a4:6a:9a: 46:9e:23:c4:4a:7e:02:b4:c3:0a:99:62:65:7a:7f:58:62:48: a2:c1:a2:0d -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUEDxwNHTKt7EglTRpz0L1B//qUbUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDYyNTEzMDE0NloX DTI1MDYyNDEzMDY0NlowMzExMC8GA1UEAxMoNTc1NjE0NTM0REQxMDQ3RUExQkEy OTAxNzZEOTY0NzBGQ0JBMUVDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKjRD0Xt5OQjEpcRiWV3WkvFQNPJldLDf7wunnPVVZJ5/CEsSIW5rUqERTSj o47S6K0N11qKEsHZNXY1ZoYI2zIZ3sfVO8e2bWAeBGRRHZpBK5IKfN5tD+dBnxch aF8wGXT1KjlTh8uEY62Z1HHqj/2EZzplVZlabRU9U3iEQOOK9Gr7eLNEC96lppAH 95bOPXRN+b7h+5slsi7GXEB49B0JYmnMQTUHq+oXsqF3ewrwl8B2lWfQ+ZE6x0rL 6Trca6dTQjYc2/iJjC3uiElrKV/qq558uJHqVv3ITpzK+xuGm/cQ8GKgyHq78Pqk qLb/WroYqb5FHuZ+PNZvfMvqu6sCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFdWFFNN0QR+obopAXbZZHD8uh7KMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9mMTdmNzliMC1iOWUzLTRjM2QtYTExMy1iNmM2YTE4YWY0ZDEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2YxN2Y3OWIw LWI5ZTMtNGMzZC1hMTEzLWI2YzZhMThhZjRkMS8wLzU3NTYxNDUzNEREMTA0N0VB MUJBMjkwMTc2RDk2NDcwRkNCQTFFQ0EubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgFlowDQYJKoZIhvcNAQELBQADggEBAHLsIROeSgVKzSJIYlYnb35NL/r2NW+b 2utwZePnIIZPgc0kFASYqRjbaDmLYgxi/vHthV+PEJOAqrGF4OD/umVdu8i7oWU0 huUlAa5aSNNv2xXcwSdMCJMBGzguZOnxfOIc43NwfNqxyuvUhpdA/0SoTBv+nyou he7Sw6jye8hEEPduCOOK1TqdjnxWBomgndYyLw2VIZwdwCap9HuryCcKgelRfs1v WqVOpsY8qy4F4M1pTaIsEyY6iP40sb9rHQLvUwwQBcs/fg4ildOngiaKB7Pvndvo bWssRGCezFybpSwHfoRVxqRqmkaeI8RKfgK0wwqZYmV6f1hiSKLBog0= -----END CERTIFICATE-----Generated at Wed Nov 20 06:21:51 2024 by rpki-client on console-ams.rpki-client.org