$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.cer File: 95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.cer (raw, json) Hash identifier: 8YRjQB9Hs+2au4XJ9vOoIpb0ir7T89FLA7r8kbFkR/Q= Subject key identifier: 95:FA:C3:8A:5C:B2:CE:A3:E5:FF:E2:49:56:26:A7:BE:A3:28:D6:89 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 353ACB4455E027D51FB71AE9715158A437105A4F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft caRepository: rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 06 Jun 2024 05:41:05 +0000 Certificate not after: Thu 05 Jun 2025 05:46:05 +0000 Subordinate resources: IP: 160.19.88.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 25 Jun 2024 03:51:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:3a:cb:44:55:e0:27:d5:1f:b7:1a:e9:71:51:58:a4:37:10:5a:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 6 05:41:05 2024 GMT Not After : Jun 5 05:46:05 2025 GMT Subject: CN=95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:2e:de:d8:d6:a3:fd:6b:2a:24:1f:76:15:f4: c7:a3:0f:d8:6a:8b:44:d3:af:cd:c6:75:78:1f:7b: 17:f9:7c:4f:12:cd:ff:4d:55:3f:72:68:fa:6c:aa: e3:e5:83:49:a0:65:f8:df:41:61:a8:89:c8:30:c6: c6:4b:22:43:08:27:aa:f9:be:19:b9:c1:86:18:75: b3:3c:18:5e:c8:4c:a0:0d:b7:ba:4a:90:2d:aa:e0: 94:57:dd:01:4d:31:ba:0e:57:d6:a8:29:48:0e:27: 22:2e:96:b0:9d:8e:be:70:c7:0d:fe:27:da:8c:ba: 41:f3:1e:b1:39:ff:ae:55:d5:69:88:40:b1:83:f0: 9e:78:18:96:90:82:ce:c9:34:13:16:26:a2:bf:3f: cf:8c:0d:32:bb:78:dd:e6:b4:d5:64:b9:0e:9b:1d: e1:70:82:f3:9c:70:69:66:b2:fa:7c:1c:30:f5:d8: 5a:2f:10:79:d4:2c:5e:62:8f:0a:e8:50:88:94:63: 26:40:82:de:fe:d5:9f:77:33:88:66:45:6d:b6:90: 5f:0c:32:f5:bc:39:31:02:94:45:f6:e6:43:ca:3d: 10:f3:0c:81:1d:50:48:c5:bd:f5:03:28:13:21:b3: 18:06:82:47:1d:1c:5e:cc:bf:9e:6f:24:cf:05:97: 7d:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 95:FA:C3:8A:5C:B2:CE:A3:E5:FF:E2:49:56:26:A7:BE:A3:28:D6:89 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/84da415b-5f17-4602-9bd9-fd84ac2cae86/0/95FAC38A5CB2CEA3E5FFE2495626A7BEA328D689.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.19.88.0/24 Signature Algorithm: sha256WithRSAEncryption 58:71:cf:bb:86:61:62:a1:20:7b:a4:1f:04:86:7f:62:9f:ec: d5:35:9f:f7:61:cb:e5:f6:0b:da:7b:e7:9d:ab:a7:fb:2f:25: be:89:0b:88:eb:fe:1b:78:78:32:3c:b4:f7:48:3a:cc:dc:f8: 5c:fb:f6:c0:c1:3e:36:ee:25:53:15:53:5f:96:4f:9b:3c:02: cb:1e:ed:b4:29:3d:af:94:e6:09:67:47:0e:66:56:2f:75:13: 79:01:68:87:48:0e:02:ad:8b:03:45:a8:81:e6:f7:bb:b8:5f: e3:2e:6c:ef:94:06:10:9a:61:f3:2f:34:12:a0:18:94:bf:61: d6:33:ec:3d:a0:eb:ec:35:c9:fb:ae:aa:b9:04:8f:5a:ab:4b: 15:a4:d6:46:40:0d:37:8f:86:4e:29:b3:54:6b:5c:eb:3d:9c: 79:23:d3:4e:e4:d8:8c:25:0e:24:89:3f:74:42:1c:31:0d:d6: 9b:7a:80:e3:ba:73:ae:fd:5f:8f:e4:d7:87:8f:75:1d:6b:94: bf:7a:82:2c:d1:dd:50:15:2e:a8:1d:17:f5:a3:25:e4:cc:ce: 42:77:12:bb:95:95:8d:da:d7:d0:38:e7:fa:bb:0e:66:3b:ae: e7:ba:49:9f:85:12:e6:9b:ac:77:7e:ed:cd:64:2d:18:cb:cd: da:31:2e:28 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUNTrLRFXgJ9UftxrpcVFYpDcQWk8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDYwNjA1NDEwNVoX DTI1MDYwNTA1NDYwNVowMzExMC8GA1UEAxMoOTVGQUMzOEE1Q0IyQ0VBM0U1RkZF MjQ5NTYyNkE3QkVBMzI4RDY4OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJwu3tjWo/1rKiQfdhX0x6MP2GqLRNOvzcZ1eB97F/l8TxLN/01VP3Jo+myq 4+WDSaBl+N9BYaiJyDDGxksiQwgnqvm+GbnBhhh1szwYXshMoA23ukqQLarglFfd AU0xug5X1qgpSA4nIi6WsJ2OvnDHDf4n2oy6QfMesTn/rlXVaYhAsYPwnngYlpCC zsk0ExYmor8/z4wNMrt43ea01WS5Dpsd4XCC85xwaWay+nwcMPXYWi8QedQsXmKP CuhQiJRjJkCC3v7Vn3cziGZFbbaQXwwy9bw5MQKURfbmQ8o9EPMMgR1QSMW99QMo EyGzGAaCRx0cXsy/nm8kzwWXfRsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJX6w4pcss6j5f/iSVYmp76jKNaJMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by84NGRhNDE1Yi01ZjE3LTQ2MDItOWJkOS1mZDg0YWMyY2FlODYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg0ZGE0MTVi LTVmMTctNDYwMi05YmQ5LWZkODRhYzJjYWU4Ni8wLzk1RkFDMzhBNUNCMkNFQTNF NUZGRTI0OTU2MjZBN0JFQTMyOEQ2ODkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgE1gwDQYJKoZIhvcNAQELBQADggEBAFhxz7uGYWKhIHukHwSGf2Kf7NU1n/dh y+X2C9p7552rp/svJb6JC4jr/ht4eDI8tPdIOszc+Fz79sDBPjbuJVMVU1+WT5s8 Asse7bQpPa+U5glnRw5mVi91E3kBaIdIDgKtiwNFqIHm97u4X+MubO+UBhCaYfMv NBKgGJS/YdYz7D2g6+w1yfuuqrkEj1qrSxWk1kZADTePhk4ps1RrXOs9nHkj007k 2IwlDiSJP3RCHDEN1pt6gOO6c679X4/k14ePdR1rlL96gizR3VAVLqgdF/WjJeTM zkJ3EruVlY3a19A45/q7DmY7rue6SZ+FEuabrHd+7c1kLRjLzdoxLig= -----END CERTIFICATE-----Generated at Fri Jun 21 21:25:33 2024 by rpki-client on console-ams.rpki-client.org