$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/C4FCDC424C5B4B2A563F0D072573A5492ACF8E36.cer File: C4FCDC424C5B4B2A563F0D072573A5492ACF8E36.cer (raw, json) Hash identifier: pAvF4NuGTrRFdagV6HSR6OMTBXYA1VX0qnaHaZfe4Mk= Subject key identifier: C4:FC:DC:42:4C:5B:4B:2A:56:3F:0D:07:25:73:A5:49:2A:CF:8E:36 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 55EDB039AAA648EEC9DFE28BE7DA67350E620853 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/f1b267a4-5030-4a4f-bb86-71fd230f53d1/0/C4FCDC424C5B4B2A563F0D072573A5492ACF8E36.mft caRepository: rsync://repo-rpki.idnic.net/repo/f1b267a4-5030-4a4f-bb86-71fd230f53d1/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 14 May 2024 07:19:47 +0000 Certificate not after: Tue 13 May 2025 07:24:47 +0000 Subordinate resources: IP: 157.66.38.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 25 Jun 2024 03:51:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:ed:b0:39:aa:a6:48:ee:c9:df:e2:8b:e7:da:67:35:0e:62:08:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 14 07:19:47 2024 GMT Not After : May 13 07:24:47 2025 GMT Subject: CN=C4FCDC424C5B4B2A563F0D072573A5492ACF8E36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:2a:41:0c:b2:f0:8c:ee:4f:8d:c2:09:0d:76: 5f:9b:57:2e:f7:87:d1:99:ab:fb:08:ec:f0:17:19: 9c:42:f5:c6:e4:3c:cb:74:a1:ad:e7:bb:59:d8:4c: fa:d5:24:5f:bf:1b:5b:54:5a:8a:00:bf:f3:ca:1f: 51:6f:6f:d4:51:90:5b:b0:ae:d9:e4:9b:58:0f:bf: f0:35:de:b4:8a:e0:53:a3:88:ff:dc:ed:4c:80:f5: a3:36:69:f2:52:a2:7f:e9:e2:db:62:cf:00:7e:bf: 17:6d:1b:7d:fd:05:38:40:b1:1d:91:45:cb:3b:93: 9a:5b:68:ca:04:aa:11:9c:5f:5b:f7:df:7f:c3:fe: 67:a4:3e:d4:66:44:93:c7:8f:99:6a:1e:9a:22:2a: e0:89:b1:20:e3:02:0b:3a:cf:32:da:bf:a3:7e:d1: a8:39:9a:af:c5:d7:6a:a5:bc:ea:d8:dd:46:8e:11: 93:8b:74:8c:3f:ca:4c:99:15:a5:21:3a:0c:a0:e5: 49:35:1b:f9:cc:fb:69:7f:a5:43:00:55:61:7d:8a: 2a:fb:e1:74:8e:c1:fb:1d:95:a8:8f:d7:5f:3c:51: 33:ae:a7:1f:ed:9d:a8:39:89:78:a6:2a:03:99:0a: 64:ac:4b:bb:15:25:e5:06:c7:b0:b5:5c:80:a3:5e: 93:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: C4:FC:DC:42:4C:5B:4B:2A:56:3F:0D:07:25:73:A5:49:2A:CF:8E:36 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/f1b267a4-5030-4a4f-bb86-71fd230f53d1/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/f1b267a4-5030-4a4f-bb86-71fd230f53d1/0/C4FCDC424C5B4B2A563F0D072573A5492ACF8E36.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.38.0/23 Signature Algorithm: sha256WithRSAEncryption 81:1b:5f:97:b0:7d:db:73:71:61:0d:6e:01:60:8c:4f:2b:98: 17:ac:77:b3:bb:06:bd:68:aa:2c:9a:4b:27:53:10:45:3d:61: f3:fa:73:29:7a:e8:d5:82:84:a5:7c:25:84:6f:1e:3a:90:0e: 06:9c:1d:11:90:1d:44:32:e3:96:7b:f3:5c:a7:ae:fb:6b:b9: f9:69:49:74:97:d0:52:f0:2c:9d:61:0f:6b:1d:e9:b8:4b:37: 97:ac:d6:bc:c0:60:9c:20:1e:b0:02:a7:1c:06:e8:b5:4f:66: 1e:31:ef:3d:cf:c8:63:72:fa:c3:ec:98:80:46:02:00:84:f6: c8:c2:95:92:26:ad:46:f9:96:22:3d:10:3a:4f:22:6e:73:75: d4:9c:70:41:53:73:e2:b1:47:e6:db:b2:70:53:ad:8b:d9:54: 39:7d:f4:ed:60:d7:1e:91:f1:39:db:fe:51:7a:4f:e6:ca:f8: b3:38:33:81:d2:b6:7d:a0:04:48:e1:44:c2:42:59:1d:0a:7b: bf:f8:32:78:fe:cd:c5:73:a5:3b:71:30:2f:b6:02:72:51:5e: e2:11:55:0f:20:fe:6a:f8:ea:8d:91:6a:d2:1d:bc:5c:2b:69: e5:04:cb:f6:1b:00:e8:d0:9f:f3:e1:dd:f5:58:a2:79:fd:28: 9c:6f:67:f6 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUVe2wOaqmSO7J3+KL59pnNQ5iCFMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDUxNDA3MTk0N1oX DTI1MDUxMzA3MjQ0N1owMzExMC8GA1UEAxMoQzRGQ0RDNDI0QzVCNEIyQTU2M0Yw RDA3MjU3M0E1NDkyQUNGOEUzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOUqQQyy8IzuT43CCQ12X5tXLveH0Zmr+wjs8BcZnEL1xuQ8y3Shree7WdhM +tUkX78bW1RaigC/88ofUW9v1FGQW7Cu2eSbWA+/8DXetIrgU6OI/9ztTID1ozZp 8lKif+ni22LPAH6/F20bff0FOECxHZFFyzuTmltoygSqEZxfW/fff8P+Z6Q+1GZE k8ePmWoemiIq4ImxIOMCCzrPMtq/o37RqDmar8XXaqW86tjdRo4Rk4t0jD/KTJkV pSE6DKDlSTUb+cz7aX+lQwBVYX2KKvvhdI7B+x2VqI/XXzxRM66nH+2dqDmJeKYq A5kKZKxLuxUl5QbHsLVcgKNekxkCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFMT83EJMW0sqVj8NByVzpUkqz442MB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9mMWIyNjdhNC01MDMwLTRhNGYtYmI4Ni03MWZkMjMwZjUzZDEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2YxYjI2N2E0 LTUwMzAtNGE0Zi1iYjg2LTcxZmQyMzBmNTNkMS8wL0M0RkNEQzQyNEM1QjRCMkE1 NjNGMEQwNzI1NzNBNTQ5MkFDRjhFMzYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdQiYwDQYJKoZIhvcNAQELBQADggEBAIEbX5ewfdtzcWENbgFgjE8rmBesd7O7 Br1oqiyaSydTEEU9YfP6cyl66NWChKV8JYRvHjqQDgacHRGQHUQy45Z781ynrvtr uflpSXSX0FLwLJ1hD2sd6bhLN5es1rzAYJwgHrACpxwG6LVPZh4x7z3PyGNy+sPs mIBGAgCE9sjClZImrUb5liI9EDpPIm5zddSccEFTc+KxR+bbsnBTrYvZVDl99O1g 1x6R8Tnb/lF6T+bK+LM4M4HStn2gBEjhRMJCWR0Ke7/4Mnj+zcVzpTtxMC+2AnJR XuIRVQ8g/mr46o2RatIdvFwraeUEy/YbAOjQn/Ph3fVYonn9KJxvZ/Y= -----END CERTIFICATE-----Generated at Fri Jun 21 21:25:33 2024 by rpki-client on console-ams.rpki-client.org