$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/9D23189F67CA669A4612567DD77CC645E3AFDF71.cer File: 9D23189F67CA669A4612567DD77CC645E3AFDF71.cer (raw, json) Hash identifier: lHrbSljmTxx1tpayxSWVRxgRWriLnNCFZEglj+3Hnz8= Subject key identifier: 9D:23:18:9F:67:CA:66:9A:46:12:56:7D:D7:7C:C6:45:E3:AF:DF:71 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3CC7B9426BEED9AD4995F178D1D2AD92EF4D2B0E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/935acb07-9d5f-497f-9932-33a434d3aa32/0/9D23189F67CA669A4612567DD77CC645E3AFDF71.mft caRepository: rsync://repo-rpki.idnic.net/repo/935acb07-9d5f-497f-9932-33a434d3aa32/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 04 Mar 2025 19:54:24 +0000 Certificate not after: Tue 03 Mar 2026 19:59:24 +0000 Subordinate resources: IP: 157.15.76.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 21:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:c7:b9:42:6b:ee:d9:ad:49:95:f1:78:d1:d2:ad:92:ef:4d:2b:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Mar 4 19:54:24 2025 GMT Not After : Mar 3 19:59:24 2026 GMT Subject: CN=9D23189F67CA669A4612567DD77CC645E3AFDF71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:bd:1e:f5:f8:29:80:40:53:51:93:c6:27:bd: 82:16:ea:b1:45:48:95:d5:9c:81:27:b2:b3:e4:35: a0:c5:6f:d1:e6:c5:3a:14:77:22:1d:7a:bc:7e:f0: 90:e0:4d:66:54:d6:59:d7:09:67:4e:5b:61:c7:f6: 95:dc:2a:2c:6b:2b:79:fc:cd:73:f9:bf:25:5c:5f: ad:f1:8b:97:07:64:72:84:84:7f:dd:c2:d4:16:31: cb:1c:8b:60:69:74:92:5b:e7:47:7c:a6:a9:4c:63: 6d:36:9a:87:22:df:22:9e:4c:88:b6:8e:ef:68:3d: 30:b7:f2:71:d9:5c:07:74:e8:e7:56:71:6d:c1:2a: be:56:ab:11:df:35:b6:ef:ce:a6:1d:c7:55:f6:f5: b0:24:32:a5:3a:ec:d7:d4:4b:6e:0f:06:45:66:e8: cd:a6:b9:d0:06:ff:33:bd:be:44:47:55:8e:a0:53: 19:40:ab:92:7d:dc:ef:c8:ef:5f:03:01:20:d2:99: b7:45:fb:c1:17:fa:0b:a3:96:51:9d:39:de:bf:1c: ea:8e:2d:4e:90:38:16:df:d1:13:70:c4:b2:3b:f7: 00:6e:24:32:64:a3:b9:3f:05:58:7c:17:7e:7a:21: b1:d2:0f:61:86:29:73:9a:fe:56:96:bf:72:47:73: 41:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 9D:23:18:9F:67:CA:66:9A:46:12:56:7D:D7:7C:C6:45:E3:AF:DF:71 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/935acb07-9d5f-497f-9932-33a434d3aa32/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/935acb07-9d5f-497f-9932-33a434d3aa32/0/9D23189F67CA669A4612567DD77CC645E3AFDF71.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.76.0/24 Signature Algorithm: sha256WithRSAEncryption 47:17:c5:31:95:d6:6b:1f:6d:f5:52:80:7a:0b:11:55:ca:cc: cd:10:da:70:df:ba:c6:04:48:e9:da:72:85:a1:64:d4:e6:21: 91:65:96:61:79:7a:1f:68:5d:35:1b:fd:99:df:72:d7:f9:3e: 0a:75:3c:bc:23:80:c1:32:bb:61:20:a3:2e:69:42:d8:3c:c8: 2d:ba:b2:f6:13:3b:c8:c5:7f:20:ae:32:9d:3b:0c:38:a1:b9: de:2e:83:3d:c3:7c:d4:ac:8d:b8:0c:94:ee:e6:36:2c:32:e1: 33:1f:f8:a0:51:b0:34:ad:87:20:6c:d6:3b:87:09:9c:9c:17: 37:11:89:81:05:27:ea:86:9f:00:52:b4:04:27:3e:5b:7d:18: e0:d3:8a:8d:c2:ff:ed:ea:48:72:3a:98:57:ac:fe:da:9c:10: e0:f0:4d:7a:e0:02:b6:48:c6:38:91:4e:47:06:ba:cc:67:dd: 4c:45:61:25:30:a6:59:cd:b8:af:14:fd:98:10:09:57:d6:02: f6:6b:23:a0:46:50:6e:6c:f3:f4:e7:d3:1e:a8:a6:19:63:4f: 10:9e:6b:48:52:ee:a7:75:b0:c5:77:59:5d:7a:24:ed:05:3a: fa:70:a3:4e:3d:e3:fc:13:22:39:0e:15:34:02:bb:3e:5e:78: c9:bd:1e:a6 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUPMe5Qmvu2a1JlfF40dKtku9NKw4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDMwNDE5NTQyNFoX DTI2MDMwMzE5NTkyNFowMzExMC8GA1UEAxMoOUQyMzE4OUY2N0NBNjY5QTQ2MTI1 NjdERDc3Q0M2NDVFM0FGREY3MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAN+9HvX4KYBAU1GTxie9ghbqsUVIldWcgSeys+Q1oMVv0ebFOhR3Ih16vH7w kOBNZlTWWdcJZ05bYcf2ldwqLGsrefzNc/m/JVxfrfGLlwdkcoSEf93C1BYxyxyL YGl0klvnR3ymqUxjbTaahyLfIp5MiLaO72g9MLfycdlcB3To51ZxbcEqvlarEd81 tu/Oph3HVfb1sCQypTrs19RLbg8GRWbozaa50Ab/M72+REdVjqBTGUCrkn3c78jv XwMBINKZt0X7wRf6C6OWUZ053r8c6o4tTpA4Ft/RE3DEsjv3AG4kMmSjuT8FWHwX fnohsdIPYYYpc5r+Vpa/ckdzQesCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJ0jGJ9nymaaRhJWfdd8xkXjr99xMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by85MzVhY2IwNy05ZDVmLTQ5N2YtOTkzMi0zM2E0MzRkM2FhMzIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkzNWFjYjA3 LTlkNWYtNDk3Zi05OTMyLTMzYTQzNGQzYWEzMi8wLzlEMjMxODlGNjdDQTY2OUE0 NjEyNTY3REQ3N0NDNjQ1RTNBRkRGNzEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdD0wwDQYJKoZIhvcNAQELBQADggEBAEcXxTGV1msfbfVSgHoLEVXKzM0Q2nDf usYESOnacoWhZNTmIZFllmF5eh9oXTUb/Znfctf5Pgp1PLwjgMEyu2Egoy5pQtg8 yC26svYTO8jFfyCuMp07DDihud4ugz3DfNSsjbgMlO7mNiwy4TMf+KBRsDSthyBs 1juHCZycFzcRiYEFJ+qGnwBStAQnPlt9GODTio3C/+3qSHI6mFes/tqcEODwTXrg ArZIxjiRTkcGusxn3UxFYSUwplnNuK8U/ZgQCVfWAvZrI6BGUG5s8/Tn0x6ophlj TxCea0hS7qd1sMV3WV16JO0FOvpwo0494/wTIjkOFTQCuz5eeMm9HqY= -----END CERTIFICATE-----Generated at Mon Apr 7 09:41:48 2025 by rpki-client