$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer File: AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer (raw, json) Hash identifier: ifl5mSnwnZ/v01oL/QYvWN5TlA+718PJT1aa5FloUdY= Subject key identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 3D2C2DC6FF7A8959BF90CCABD5E21CAA26CB3312 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft caRepository: rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 13 Aug 2024 09:58:19 +0000 Certificate not after: Tue 12 Aug 2025 10:03:19 +0000 Subordinate resources: IP: 160.25.152.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:2c:2d:c6:ff:7a:89:59:bf:90:cc:ab:d5:e2:1c:aa:26:cb:33:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Aug 13 09:58:19 2024 GMT Not After : Aug 12 10:03:19 2025 GMT Subject: CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:78:f6:a7:18:81:05:ff:24:6e:2f:de:6a:6c: 65:0a:b1:af:3b:1f:7c:d0:f0:a4:74:98:7b:79:56: 3b:eb:5c:f4:e0:e7:aa:f5:59:58:99:05:71:06:25: 0f:82:73:7f:1e:3c:65:5a:8d:f3:67:ce:1f:cd:2b: cb:e8:a4:b6:64:7c:fd:c6:1d:7d:b4:44:df:58:6f: 15:cc:00:b8:80:16:52:94:3c:12:ef:81:fa:e0:b4: 11:53:cb:80:2d:6f:9e:33:41:46:73:4b:27:36:2a: fd:dd:97:0a:44:b8:1c:25:b7:f1:9d:ad:dd:cd:79: 7d:64:eb:91:fc:32:ff:6c:2c:cc:9e:4d:48:80:52: 1a:90:f0:42:40:e7:67:7f:cb:77:af:f2:e7:b5:81: 10:83:ba:c1:42:fd:8d:c9:f1:07:91:5c:78:98:a8: da:de:c8:75:1e:f6:e7:59:1f:24:0a:7c:47:34:81: ed:97:18:1a:1c:6b:cf:50:83:4d:c4:99:10:12:b6: c8:df:de:d1:86:f6:00:35:90:8a:ad:f4:1f:26:4c: fd:7d:e3:ea:e5:6b:8b:60:58:f2:d3:fe:55:0f:5e: ce:c1:46:ea:46:75:27:e3:8b:0e:4e:3b:d2:74:aa: cb:ff:aa:ab:82:31:37:c7:6c:9b:f5:a1:ef:e7:a3: 4e:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.25.152.0/24 Signature Algorithm: sha256WithRSAEncryption 97:10:71:46:7a:ba:a6:d2:29:88:36:ec:aa:3a:d1:16:b7:b5: 98:44:b8:25:d0:81:96:4e:ae:da:4d:b6:ae:a4:c6:4a:0e:c7: cf:a5:7d:45:83:7b:9b:04:cf:9c:e3:e2:b4:3e:ff:57:de:81: 3e:3f:70:56:bb:32:f5:25:04:b6:62:10:d2:3f:dd:6a:47:e9: 61:a5:b1:e8:5c:58:71:51:98:cd:86:92:b3:0f:d9:92:6d:dc: 10:cf:b9:d2:a9:22:76:64:b0:26:b5:c0:14:f3:49:40:f9:68: 45:60:b9:bc:d4:9d:28:05:96:8e:8c:bc:e6:98:4c:b4:de:c0: 70:4f:aa:66:ad:ad:f7:cf:13:8b:67:df:54:ef:ee:28:35:db: 81:b8:77:00:92:f1:f4:e7:8c:e7:94:47:98:a1:6a:52:6b:3e: 3b:bd:b0:61:0e:92:da:c1:f2:51:1f:b4:d3:26:c2:01:4b:8a: 0d:da:32:82:fb:3a:47:d9:37:a1:48:ed:3e:37:92:ec:fb:20: 99:f6:43:b5:1d:23:5e:c2:1f:1b:8b:fe:a2:0f:56:52:a1:86: ae:50:b7:2c:91:88:21:f1:69:c7:95:2e:ea:36:2e:74:4a:dc: fa:9d:6f:4a:86:b6:2b:92:9e:24:22:3a:5d:12:28:f1:3d:23: db:d1:a2:cc -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUPSwtxv96iVm/kMyr1eIcqibLMxIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDgxMzA5NTgxOVoX DTI1MDgxMjEwMDMxOVowMzExMC8GA1UEAxMoQUEzRDdGNTAzQzk5QzBBQjYzMEQ1 NEM1MjgzODNDMzQwMkQ2QUYyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMV49qcYgQX/JG4v3mpsZQqxrzsffNDwpHSYe3lWO+tc9ODnqvVZWJkFcQYl D4Jzfx48ZVqN82fOH80ry+iktmR8/cYdfbRE31hvFcwAuIAWUpQ8Eu+B+uC0EVPL gC1vnjNBRnNLJzYq/d2XCkS4HCW38Z2t3c15fWTrkfwy/2wszJ5NSIBSGpDwQkDn Z3/Ld6/y57WBEIO6wUL9jcnxB5FceJio2t7IdR7251kfJAp8RzSB7ZcYGhxrz1CD TcSZEBK2yN/e0Yb2ADWQiq30HyZM/X3j6uVri2BY8tP+VQ9ezsFG6kZ1J+OLDk47 0nSqy/+qq4IxN8dsm/Wh7+ejTl0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKo9f1A8mcCrYw1UxSg4PDQC1q8hMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by85NmNkMDMyNS0zMWFmLTRmZmUtOGJlYi1lNzc5OTdlNmMzZTEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk2Y2QwMzI1 LTMxYWYtNGZmZS04YmViLWU3Nzk5N2U2YzNlMS8wL0FBM0Q3RjUwM0M5OUMwQUI2 MzBENTRDNTI4MzgzQzM0MDJENkFGMjEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgGZgwDQYJKoZIhvcNAQELBQADggEBAJcQcUZ6uqbSKYg27Ko60Ra3tZhEuCXQ gZZOrtpNtq6kxkoOx8+lfUWDe5sEz5zj4rQ+/1fegT4/cFa7MvUlBLZiENI/3WpH 6WGlsehcWHFRmM2GkrMP2ZJt3BDPudKpInZksCa1wBTzSUD5aEVgubzUnSgFlo6M vOaYTLTewHBPqmatrffPE4tn31Tv7ig124G4dwCS8fTnjOeUR5ihalJrPju9sGEO ktrB8lEftNMmwgFLig3aMoL7OkfZN6FI7T43kuz7IJn2Q7UdI17CHxuL/qIPVlKh hq5QtyyRiCHxaceVLuo2LnRK3Pqdb0qGtiuSniQiOl0SKPE9I9vRosw= -----END CERTIFICATE-----Generated at Wed Nov 20 05:42:54 2024 by rpki-client on console-fra.rpki-client.org