$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/84D5328962D0ADCA772ECA2A427E097F281CCEB4.cer File: 84D5328962D0ADCA772ECA2A427E097F281CCEB4.cer (raw, json) Hash identifier: Z/2po11+jzrR7l4VUzMA5sDBCwjAksIhAFsyxrkBLYw= Subject key identifier: 84:D5:32:89:62:D0:AD:CA:77:2E:CA:2A:42:7E:09:7F:28:1C:CE:B4 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 48C10E62F09E3A8D61E4EC8B16B0F07BF6A27627 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/0f8d824d-d6a1-4543-9cf0-d9926832f29f/0/84D5328962D0ADCA772ECA2A427E097F281CCEB4.mft caRepository: rsync://repo-rpki.idnic.net/repo/0f8d824d-d6a1-4543-9cf0-d9926832f29f/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 12 Jun 2024 06:53:25 +0000 Certificate not after: Wed 11 Jun 2025 06:58:25 +0000 Subordinate resources: IP: 157.66.131.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 25 Jun 2024 03:51:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:c1:0e:62:f0:9e:3a:8d:61:e4:ec:8b:16:b0:f0:7b:f6:a2:76:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 12 06:53:25 2024 GMT Not After : Jun 11 06:58:25 2025 GMT Subject: CN=84D5328962D0ADCA772ECA2A427E097F281CCEB4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:68:bf:09:50:3b:3c:cf:83:22:dd:3b:40:bd: 57:02:03:79:ae:66:ba:cf:70:e2:46:34:b0:3e:39: 1c:69:06:16:7e:ac:99:0f:71:1d:27:fd:86:e2:9a: 01:64:6b:19:a6:25:27:69:d3:1d:ec:14:8c:61:f9: 5d:a7:9b:14:b5:8a:26:76:19:55:60:b8:bf:16:7b: e5:6a:ed:d3:f8:5f:7e:27:c3:4a:4d:c2:c9:6a:b4: 4a:14:ad:f7:f3:f0:01:3a:d6:4d:c4:eb:f4:35:3a: 6b:2f:0b:b0:56:ca:35:a1:62:2c:17:4e:56:48:6f: f0:a4:56:39:b3:51:1d:76:32:ad:e6:a3:45:e4:ed: cb:63:5d:37:8a:39:03:6c:07:a6:88:49:93:8e:92: 37:60:df:7a:3b:74:73:92:ce:e9:ea:cf:b7:f0:70: 61:5a:53:cc:69:89:2f:5b:ec:6f:08:c4:9b:69:bb: 5c:de:dd:85:0a:87:f9:a0:d7:b7:79:f4:e7:10:4c: dc:54:cd:fa:74:13:0a:6b:4d:8f:bb:37:53:56:a4: f8:05:f2:e8:22:a1:b3:b6:93:0d:d9:1b:db:4d:de: 41:6e:3b:6b:a9:fa:93:99:1c:97:bd:ac:a3:99:23: 83:b2:0c:8d:6d:76:7d:88:59:c8:72:0e:51:9e:1c: ed:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 84:D5:32:89:62:D0:AD:CA:77:2E:CA:2A:42:7E:09:7F:28:1C:CE:B4 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/0f8d824d-d6a1-4543-9cf0-d9926832f29f/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/0f8d824d-d6a1-4543-9cf0-d9926832f29f/0/84D5328962D0ADCA772ECA2A427E097F281CCEB4.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.131.0/24 Signature Algorithm: sha256WithRSAEncryption 25:a1:61:07:41:8b:03:64:d7:38:2c:c1:2f:f1:8b:65:b0:41: 05:91:a8:79:e6:77:91:14:36:e8:17:c1:46:f1:dd:25:28:34: 98:94:47:2e:d2:34:bc:3e:cb:14:6e:22:c6:f7:ef:24:08:50: 33:90:1d:a4:d0:24:c2:ee:4f:7b:1b:b5:d4:60:bc:00:47:e9: 87:2d:91:bb:91:45:98:dd:f7:cf:85:5d:01:7e:34:86:43:5f: 0a:c0:92:03:aa:38:a0:10:1c:ac:8d:ee:94:dc:93:2e:64:e1: 78:b3:0e:14:9c:02:ac:92:35:be:87:7f:df:d4:af:48:29:00: d0:28:04:e6:31:2b:44:ab:b7:ea:b1:10:f6:c5:9c:a0:33:4d: 92:e5:51:ed:e4:88:09:31:8e:09:81:ae:45:4c:f4:54:e2:ab: 70:6e:12:bf:9a:93:e4:57:70:2c:82:01:30:e4:40:06:c4:4b: d2:29:9d:ed:58:b3:8a:c9:c9:25:5e:b9:79:32:d3:4a:ae:8a: 4d:0f:3e:4c:e0:19:a5:ad:32:d6:df:af:05:56:68:35:29:cf: 42:44:59:aa:9d:73:01:a2:47:43:aa:38:8f:7f:33:9c:d6:3e: 2d:dc:25:da:46:73:2d:9f:62:a8:77:d5:ea:5d:5a:99:94:aa: 3c:c3:e6:83 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUSMEOYvCeOo1h5OyLFrDwe/aidicwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDYxMjA2NTMyNVoX DTI1MDYxMTA2NTgyNVowMzExMC8GA1UEAxMoODRENTMyODk2MkQwQURDQTc3MkVD QTJBNDI3RTA5N0YyODFDQ0VCNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALpovwlQOzzPgyLdO0C9VwIDea5mus9w4kY0sD45HGkGFn6smQ9xHSf9huKa AWRrGaYlJ2nTHewUjGH5XaebFLWKJnYZVWC4vxZ75Wrt0/hffifDSk3CyWq0ShSt 9/PwATrWTcTr9DU6ay8LsFbKNaFiLBdOVkhv8KRWObNRHXYyreajReTty2NdN4o5 A2wHpohJk46SN2Dfejt0c5LO6erPt/BwYVpTzGmJL1vsbwjEm2m7XN7dhQqH+aDX t3n05xBM3FTN+nQTCmtNj7s3U1ak+AXy6CKhs7aTDdkb203eQW47a6n6k5kcl72s o5kjg7IMjW12fYhZyHIOUZ4c7UMCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFITVMoli0K3Kdy7KKkJ+CX8oHM60MB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8wZjhkODI0ZC1kNmExLTQ1NDMtOWNmMC1kOTkyNjgzMmYyOWYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBmOGQ4MjRk LWQ2YTEtNDU0My05Y2YwLWQ5OTI2ODMyZjI5Zi8wLzg0RDUzMjg5NjJEMEFEQ0E3 NzJFQ0EyQTQyN0UwOTdGMjgxQ0NFQjQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdQoMwDQYJKoZIhvcNAQELBQADggEBACWhYQdBiwNk1zgswS/xi2WwQQWRqHnm d5EUNugXwUbx3SUoNJiURy7SNLw+yxRuIsb37yQIUDOQHaTQJMLuT3sbtdRgvABH 6YctkbuRRZjd98+FXQF+NIZDXwrAkgOqOKAQHKyN7pTcky5k4XizDhScAqySNb6H f9/Ur0gpANAoBOYxK0Srt+qxEPbFnKAzTZLlUe3kiAkxjgmBrkVM9FTiq3BuEr+a k+RXcCyCATDkQAbES9Ipne1Ys4rJySVeuXky00quik0PPkzgGaWtMtbfrwVWaDUp z0JEWaqdcwGiR0OqOI9/M5zWPi3cJdpGcy2fYqh31epdWpmUqjzD5oM= -----END CERTIFICATE-----Generated at Fri Jun 21 22:04:32 2024 by rpki-client on console-fra.rpki-client.org