$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/9C948BB5F7C6539DB5D4585DBEEAF35AE23DDCA5.cer File: 9C948BB5F7C6539DB5D4585DBEEAF35AE23DDCA5.cer (raw, json) Hash identifier: DxookNCHcseqiF1uZuJpofJox+6j1ntMDWot+lxnZkQ= Subject key identifier: 9C:94:8B:B5:F7:C6:53:9D:B5:D4:58:5D:BE:EA:F3:5A:E2:3D:DC:A5 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 021D968ACCDDC3F6AC8538609DA7CE74EE73A58E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/356e42e6-c6cd-4ccd-bda7-5ae9a246044a/0/9C948BB5F7C6539DB5D4585DBEEAF35AE23DDCA5.mft caRepository: rsync://repo-rpki.idnic.net/repo/356e42e6-c6cd-4ccd-bda7-5ae9a246044a/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 02 Jul 2024 17:19:46 +0000 Certificate not after: Tue 01 Jul 2025 17:24:46 +0000 Subordinate resources: IP: 160.22.206.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:1d:96:8a:cc:dd:c3:f6:ac:85:38:60:9d:a7:ce:74:ee:73:a5:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jul 2 17:19:46 2024 GMT Not After : Jul 1 17:24:46 2025 GMT Subject: CN=9C948BB5F7C6539DB5D4585DBEEAF35AE23DDCA5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:c3:e0:cc:29:e7:be:a2:65:82:39:d1:7b:d6: 21:91:79:f1:23:ea:1f:30:ae:0b:d8:f9:2b:6b:ee: 68:6e:ea:de:0b:e4:e9:24:f4:6b:19:35:4e:f5:e8: 68:da:9c:4c:ca:4f:58:0e:e1:a0:de:1b:c9:b5:b8: a3:66:d1:59:cf:6a:e3:f6:8b:be:4a:df:05:b8:d1: cc:21:75:94:4d:cb:fa:ca:2d:f7:dc:80:31:b6:18: f4:bd:85:71:0c:be:71:02:36:f9:6b:ba:10:ac:71: 67:53:66:51:63:10:9c:48:5d:cf:a6:0c:d5:20:b5: 37:36:78:0f:6b:a4:67:39:41:36:8a:6d:f6:2b:00: fe:c7:3e:1d:63:9c:8d:8a:e4:31:75:cc:fe:3a:77: e9:f8:f8:d3:36:0d:b0:8a:b8:3a:f3:c6:6a:e2:bc: 71:c4:a7:e6:e1:a9:da:f3:0f:a7:08:a8:c6:28:86: 08:98:d5:cb:15:d6:7c:5c:76:62:18:5a:dc:38:f9: c7:c0:65:a5:e3:a6:2a:5b:99:e3:3b:f7:0c:dc:86: c0:ca:72:f9:39:c3:f3:bc:95:aa:e0:b6:00:72:9e: 74:a2:37:67:32:a0:71:bf:53:3d:d1:bf:b9:73:98: 12:0a:b7:80:0d:cd:e9:57:3d:96:33:8c:4d:97:88: 02:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 9C:94:8B:B5:F7:C6:53:9D:B5:D4:58:5D:BE:EA:F3:5A:E2:3D:DC:A5 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/356e42e6-c6cd-4ccd-bda7-5ae9a246044a/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/356e42e6-c6cd-4ccd-bda7-5ae9a246044a/0/9C948BB5F7C6539DB5D4585DBEEAF35AE23DDCA5.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.206.0/23 Signature Algorithm: sha256WithRSAEncryption 20:0c:72:1a:40:f3:49:d5:9e:0a:32:8a:2f:ae:2c:a0:d4:bc: be:f2:2a:a9:41:48:de:f6:1a:3f:bf:8b:a3:22:bf:d2:0b:de: 12:d8:a0:ce:fa:38:b7:c0:b5:25:9c:25:36:9e:e0:27:cf:f9: d5:45:3d:c2:f6:07:88:99:df:ca:97:65:03:39:0d:c5:5c:75: 83:0c:52:07:e0:4d:f1:8c:b6:ae:ed:5d:d3:d2:f8:d0:aa:0f: 94:9d:9f:ba:2d:37:66:9f:6b:03:8a:bb:4a:43:6e:58:3d:46: bb:76:fb:3a:68:db:77:a1:20:e5:81:83:0f:16:86:02:20:51: df:0b:f3:41:8b:7c:2d:af:5e:00:fd:3f:93:f9:62:7e:7d:79: ca:ba:b4:e2:e4:6e:c8:72:b9:64:4f:08:08:ea:53:d9:51:02: 27:7b:c5:32:24:f3:33:e8:b6:e6:fc:9c:3f:0b:ba:3b:a5:cc: d6:69:96:55:86:6c:b2:24:1b:9f:61:04:96:d5:f8:0d:2a:57: 30:83:9a:1d:8a:41:13:00:05:d3:49:e4:82:9a:cc:9e:a4:ea: 03:cb:74:aa:e0:40:6b:57:df:24:51:4f:d3:14:fd:69:d8:de: 53:47:e2:70:2d:7b:b6:3f:d5:b9:e6:27:80:d4:73:cd:88:90: 6a:1a:b9:49 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUAh2Wiszdw/ashThgnafOdO5zpY4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDcwMjE3MTk0NloX DTI1MDcwMTE3MjQ0NlowMzExMC8GA1UEAxMoOUM5NDhCQjVGN0M2NTM5REI1RDQ1 ODVEQkVFQUYzNUFFMjNERENBNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALPD4Mwp576iZYI50XvWIZF58SPqHzCuC9j5K2vuaG7q3gvk6ST0axk1TvXo aNqcTMpPWA7hoN4bybW4o2bRWc9q4/aLvkrfBbjRzCF1lE3L+sot99yAMbYY9L2F cQy+cQI2+Wu6EKxxZ1NmUWMQnEhdz6YM1SC1NzZ4D2ukZzlBNopt9isA/sc+HWOc jYrkMXXM/jp36fj40zYNsIq4OvPGauK8ccSn5uGp2vMPpwioxiiGCJjVyxXWfFx2 Yhha3Dj5x8BlpeOmKluZ4zv3DNyGwMpy+TnD87yVquC2AHKedKI3ZzKgcb9TPdG/ uXOYEgq3gA3N6Vc9ljOMTZeIAv0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJyUi7X3xlOdtdRYXb7q81riPdylMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zNTZlNDJlNi1jNmNkLTRjY2QtYmRhNy01YWU5YTI0NjA0NGEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzM1NmU0MmU2 LWM2Y2QtNGNjZC1iZGE3LTVhZTlhMjQ2MDQ0YS8wLzlDOTQ4QkI1RjdDNjUzOURC NUQ0NTg1REJFRUFGMzVBRTIzRERDQTUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgFs4wDQYJKoZIhvcNAQELBQADggEBACAMchpA80nVngoyii+uLKDUvL7yKqlB SN72Gj+/i6Miv9IL3hLYoM76OLfAtSWcJTae4CfP+dVFPcL2B4iZ38qXZQM5DcVc dYMMUgfgTfGMtq7tXdPS+NCqD5Sdn7otN2afawOKu0pDblg9Rrt2+zpo23ehIOWB gw8WhgIgUd8L80GLfC2vXgD9P5P5Yn59ecq6tOLkbshyuWRPCAjqU9lRAid7xTIk 8zPotub8nD8LujulzNZpllWGbLIkG59hBJbV+A0qVzCDmh2KQRMABdNJ5IKazJ6k 6gPLdKrgQGtX3yRRT9MU/WnY3lNH4nAte7Y/1bnmJ4DUc82IkGoauUk= -----END CERTIFICATE-----Generated at Wed Nov 20 05:42:54 2024 by rpki-client on console-fra.rpki-client.org