$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/D0DD5404781ABEE3CF6A74ADA8E93F41ED4B5F85.cer File: D0DD5404781ABEE3CF6A74ADA8E93F41ED4B5F85.cer (raw, json) Hash identifier: v/R7qZm2uQ5tDWoASf8H5d95wejYbbG17JsgcJlOQt8= Subject key identifier: D0:DD:54:04:78:1A:BE:E3:CF:6A:74:AD:A8:E9:3F:41:ED:4B:5F:85 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 68EBF29048073E2A8649188C6B46E79EC229FA11 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/b12bf863-a1f0-42d0-9e3a-3f9ff69a2d15/0/D0DD5404781ABEE3CF6A74ADA8E93F41ED4B5F85.mft caRepository: rsync://repo-rpki.idnic.net/repo/b12bf863-a1f0-42d0-9e3a-3f9ff69a2d15/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 05 Jul 2024 02:29:10 +0000 Certificate not after: Fri 04 Jul 2025 02:34:10 +0000 Subordinate resources: IP: 157.66.250.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:eb:f2:90:48:07:3e:2a:86:49:18:8c:6b:46:e7:9e:c2:29:fa:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Jul 5 02:29:10 2024 GMT Not After : Jul 4 02:34:10 2025 GMT Subject: CN=D0DD5404781ABEE3CF6A74ADA8E93F41ED4B5F85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:13:66:02:45:11:70:eb:8a:91:3d:a7:b6:5b: 83:46:b4:78:4f:f7:4b:7c:ab:8c:3e:a9:a9:16:2f: 77:e4:6e:1e:e7:d4:f8:e7:97:23:c2:ba:a6:8b:d1: 2d:7f:57:bc:3a:33:27:8e:20:42:2f:e3:4f:20:78: 5f:4a:7f:4c:f6:45:5b:4f:82:ba:03:1d:6e:37:3c: 57:c1:ee:32:58:62:df:6f:28:99:8e:92:72:3d:4f: 47:00:b6:c7:f5:73:1a:ae:59:12:40:f8:41:a5:a0: 48:2d:c3:bd:f5:de:ac:98:9d:f2:36:a0:b8:a4:7d: 18:b6:50:f4:52:4f:cb:c3:01:9f:e3:37:38:cb:43: 36:6e:89:1c:bb:de:67:bf:07:cf:41:79:76:6a:15: 90:56:b0:9c:bf:a3:9c:f5:ae:8a:f8:2f:3c:cd:2a: 6a:b1:ee:35:62:67:b3:e2:ae:a3:7a:72:2a:33:a2: c7:33:b1:c4:37:08:f8:06:08:0b:7d:f6:28:e5:6e: 39:b1:e5:9c:84:09:49:b9:80:56:95:0b:25:a9:76: a8:d0:86:9f:71:fa:8b:bc:9c:97:26:7d:61:de:53: 17:79:5f:47:2a:a3:70:7a:57:e8:e5:e6:03:f3:87: 51:42:59:ce:48:e7:c2:54:3f:2c:b1:15:02:af:b9: 7f:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D0:DD:54:04:78:1A:BE:E3:CF:6A:74:AD:A8:E9:3F:41:ED:4B:5F:85 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/b12bf863-a1f0-42d0-9e3a-3f9ff69a2d15/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/b12bf863-a1f0-42d0-9e3a-3f9ff69a2d15/0/D0DD5404781ABEE3CF6A74ADA8E93F41ED4B5F85.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.250.0/23 Signature Algorithm: sha256WithRSAEncryption 96:93:8d:f3:e8:1d:5b:47:06:9b:ff:3e:1d:8c:c8:c8:44:a0: 97:a7:88:41:43:25:14:1d:80:17:51:4d:c9:e2:80:b9:da:65: 69:fc:7b:9a:6c:10:ce:ec:42:83:c3:0c:91:e8:98:e0:29:e1: 5a:28:3c:55:fe:b1:4b:c2:22:dd:7b:5a:27:17:fe:4e:d2:0c: ee:e1:cd:e6:66:96:73:77:be:d5:85:23:92:a7:15:34:b5:6b: a8:40:2b:bc:8d:81:ec:20:34:c1:2f:1a:36:91:64:0a:1d:87: d9:36:03:26:de:ce:c9:64:32:b8:a0:1b:91:92:fe:ea:29:49: cb:c8:3b:65:99:08:b6:9f:f8:2e:36:43:1d:a9:0a:28:31:30: 7d:0a:ad:ae:a7:89:43:88:2b:4f:a0:b4:7b:b2:bc:c4:2f:b7: ab:96:bc:ce:76:6f:45:54:73:de:f8:d0:6c:c6:f0:53:9e:d5: a3:b8:41:ee:d4:c3:90:a2:36:87:b8:81:80:2f:e6:86:fe:c5: 70:7e:ae:0b:4c:c0:f2:43:41:2b:7b:2d:06:61:77:ba:84:c7: c5:03:48:f9:87:95:e9:79:30:6a:f3:54:c9:04:45:a1:a2:a3: 09:26:ea:4d:e4:8e:d0:ca:03:46:3d:25:92:3f:f2:0b:cb:18: 10:05:e1:1a -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUaOvykEgHPiqGSRiMa0bnnsIp+hEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDcwNTAyMjkxMFoX DTI1MDcwNDAyMzQxMFowMzExMC8GA1UEAxMoRDBERDU0MDQ3ODFBQkVFM0NGNkE3 NEFEQThFOTNGNDFFRDRCNUY4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKwTZgJFEXDripE9p7Zbg0a0eE/3S3yrjD6pqRYvd+RuHufU+OeXI8K6povR LX9XvDozJ44gQi/jTyB4X0p/TPZFW0+CugMdbjc8V8HuMlhi328omY6Scj1PRwC2 x/VzGq5ZEkD4QaWgSC3DvfXerJid8jaguKR9GLZQ9FJPy8MBn+M3OMtDNm6JHLve Z78Hz0F5dmoVkFawnL+jnPWuivgvPM0qarHuNWJns+Kuo3pyKjOixzOxxDcI+AYI C332KOVuObHlnIQJSbmAVpULJal2qNCGn3H6i7yclyZ9Yd5TF3lfRyqjcHpX6OXm A/OHUUJZzkjnwlQ/LLEVAq+5f3sCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNDdVAR4Gr7jz2p0rajpP0HtS1+FMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iMTJiZjg2My1hMWYwLTQyZDAtOWUzYS0zZjlmZjY5YTJkMTUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IxMmJmODYz LWExZjAtNDJkMC05ZTNhLTNmOWZmNjlhMmQxNS8wL0QwREQ1NDA0NzgxQUJFRTND RjZBNzRBREE4RTkzRjQxRUQ0QjVGODUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdQvowDQYJKoZIhvcNAQELBQADggEBAJaTjfPoHVtHBpv/Ph2MyMhEoJeniEFD JRQdgBdRTcnigLnaZWn8e5psEM7sQoPDDJHomOAp4VooPFX+sUvCIt17WicX/k7S DO7hzeZmlnN3vtWFI5KnFTS1a6hAK7yNgewgNMEvGjaRZAodh9k2AybezslkMrig G5GS/uopScvIO2WZCLaf+C42Qx2pCigxMH0Kra6niUOIK0+gtHuyvMQvt6uWvM52 b0VUc9740GzG8FOe1aO4Qe7Uw5CiNoe4gYAv5ob+xXB+rgtMwPJDQSt7LQZhd7qE x8UDSPmHlel5MGrzVMkERaGiowkm6k3kjtDKA0Y9JZI/8gvLGBAF4Ro= -----END CERTIFICATE-----Generated at Wed Nov 20 06:21:51 2024 by rpki-client on console-ams.rpki-client.org