$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.cer File: BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.cer (raw, json) Hash identifier: UcVTo5zEWZM4qosi1sb7dnFJ4XdNPgAhPcl3jeEmvv0= Subject key identifier: BC:A0:C1:EF:5A:4A:B3:AE:F4:25:E1:5A:B8:9A:19:CD:E5:68:82:44 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 602762804D44F6750219B884F41613089E65259C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft caRepository: rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 15 Jun 2024 05:28:13 +0000 Certificate not after: Sat 14 Jun 2025 05:33:13 +0000 Subordinate resources: IP: 160.20.38.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 25 Jun 2024 03:51:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:27:62:80:4d:44:f6:75:02:19:b8:84:f4:16:13:08:9e:65:25:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jun 15 05:28:13 2024 GMT Not After : Jun 14 05:33:13 2025 GMT Subject: CN=BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:48:33:40:e6:e8:c6:82:4e:0f:38:42:6b:53: de:8d:66:5f:51:da:ac:a6:34:5d:d6:a9:49:db:9b: 23:67:1f:97:02:03:5c:c2:19:75:ca:05:99:a0:4b: 74:d2:f7:4a:65:ba:de:c0:49:33:51:7c:4a:7d:ec: 91:bd:b3:6f:93:b1:8d:97:65:84:13:40:0a:53:e1: 85:4f:33:07:59:c2:2b:8a:43:39:9e:12:4b:57:2d: 83:2b:32:ab:11:4f:5b:e7:44:15:35:ea:b4:5a:c3: ca:7f:0b:e3:c9:ba:35:d3:22:41:ca:36:c9:89:f3: 49:89:43:de:0c:3a:67:d1:8a:f3:b4:65:2e:5c:86: ab:07:79:7d:e2:e3:a5:fe:e6:fc:a5:36:6b:7c:81: e8:cd:45:88:75:de:af:f1:78:1f:3d:31:76:15:93: e4:90:ec:50:15:d8:df:06:d8:6b:20:20:9a:8b:5b: 57:50:db:08:eb:9b:6a:8d:a0:fd:cb:fc:98:a7:71: e7:b8:f7:3b:c8:b5:5d:c9:b3:e8:e1:34:ff:be:95: 40:55:68:b3:04:d4:3d:2c:a5:26:d4:30:07:be:45: ec:2e:b1:6c:f0:5b:17:85:3e:60:ac:0d:a8:cd:a9: fb:c0:eb:bb:09:51:88:3f:22:fb:ba:b3:6e:87:2e: 0c:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BC:A0:C1:EF:5A:4A:B3:AE:F4:25:E1:5A:B8:9A:19:CD:E5:68:82:44 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/dfe7dacc-2b45-4141-9775-f1bb9f052396/0/BCA0C1EF5A4AB3AEF425E15AB89A19CDE5688244.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.20.38.0/23 Signature Algorithm: sha256WithRSAEncryption 09:c6:1e:29:d6:e5:5e:73:e0:21:88:a4:60:68:36:4f:f9:45: c3:01:dd:11:ee:58:dc:40:da:c4:ea:af:67:79:ed:4d:4b:31: b7:15:95:6f:f7:fc:c6:b0:37:8d:35:43:97:48:ed:12:aa:e5: 04:b2:a8:f3:df:8e:30:1b:5e:b1:3a:e8:31:89:4f:b9:b6:93: a9:bf:14:fd:ef:f4:d4:c1:17:1c:42:e4:06:fb:c1:9b:a9:67: 14:cd:16:08:6d:0a:6c:e7:39:16:52:87:8e:64:bd:ac:5a:23: 07:50:f9:ab:8d:f1:0d:81:e5:c2:06:f9:5d:84:77:d6:91:9d: a4:3b:49:2e:60:e5:9a:59:2e:5a:7f:76:04:d5:5b:b1:26:60: fe:da:4d:22:52:fb:c4:fb:a0:b3:d5:f2:ce:60:f7:5c:9c:23: a0:71:97:7f:66:d8:62:5d:19:3d:77:d9:17:e6:21:c0:17:90: 07:38:bc:67:e1:e9:73:7a:aa:f0:af:b3:4d:40:c4:8c:06:fc: f2:2c:42:82:65:57:2f:a4:44:cd:35:dc:7e:22:58:5e:d2:eb: 7c:c6:6d:e4:46:55:29:85:a5:05:f7:ab:06:d0:7b:00:21:f4: 5a:90:7b:e6:fd:03:b5:d3:eb:61:e9:d3:a3:ec:1e:dd:65:02: f9:96:55:ae -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUYCdigE1E9nUCGbiE9BYTCJ5lJZwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDYxNTA1MjgxM1oX DTI1MDYxNDA1MzMxM1owMzExMC8GA1UEAxMoQkNBMEMxRUY1QTRBQjNBRUY0MjVF MTVBQjg5QTE5Q0RFNTY4ODI0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALFIM0Dm6MaCTg84QmtT3o1mX1HarKY0XdapSdubI2cflwIDXMIZdcoFmaBL dNL3SmW63sBJM1F8Sn3skb2zb5OxjZdlhBNAClPhhU8zB1nCK4pDOZ4SS1ctgysy qxFPW+dEFTXqtFrDyn8L48m6NdMiQco2yYnzSYlD3gw6Z9GK87RlLlyGqwd5feLj pf7m/KU2a3yB6M1FiHXer/F4Hz0xdhWT5JDsUBXY3wbYayAgmotbV1DbCOubao2g /cv8mKdx57j3O8i1Xcmz6OE0/76VQFVoswTUPSylJtQwB75F7C6xbPBbF4U+YKwN qM2p+8DruwlRiD8i+7qzbocuDPkCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLygwe9aSrOu9CXhWriaGc3laIJEMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kZmU3ZGFjYy0yYjQ1LTQxNDEtOTc3NS1mMWJiOWYwNTIzOTYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2RmZTdkYWNj LTJiNDUtNDE0MS05Nzc1LWYxYmI5ZjA1MjM5Ni8wL0JDQTBDMUVGNUE0QUIzQUVG NDI1RTE1QUI4OUExOUNERTU2ODgyNDQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGgFCYwDQYJKoZIhvcNAQELBQADggEBAAnGHinW5V5z4CGIpGBoNk/5RcMB3RHu WNxA2sTqr2d57U1LMbcVlW/3/MawN401Q5dI7RKq5QSyqPPfjjAbXrE66DGJT7m2 k6m/FP3v9NTBFxxC5Ab7wZupZxTNFghtCmznORZSh45kvaxaIwdQ+auN8Q2B5cIG +V2Ed9aRnaQ7SS5g5ZpZLlp/dgTVW7EmYP7aTSJS+8T7oLPV8s5g91ycI6Bxl39m 2GJdGT132RfmIcAXkAc4vGfh6XN6qvCvs01AxIwG/PIsQoJlVy+kRM013H4iWF7S 63zGbeRGVSmFpQX3qwbQewAh9FqQe+b9A7XT62Hp06PsHt1lAvmWVa4= -----END CERTIFICATE-----Generated at Fri Jun 21 21:25:33 2024 by rpki-client on console-ams.rpki-client.org