$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer File: D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.cer (raw, json) Hash identifier: HRAZVKrnuZmF0CRACHr6Q4ztudLBXubEgpuEEOm4f+o= Subject key identifier: D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 2735060E6237E718C164B7AF8F74F2E4D41B98EE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft caRepository: rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 12 Nov 2024 11:11:06 +0000 Certificate not after: Tue 11 Nov 2025 11:16:06 +0000 Subordinate resources: IP: 160.22.187.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:35:06:0e:62:37:e7:18:c1:64:b7:af:8f:74:f2:e4:d4:1b:98:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Nov 12 11:11:06 2024 GMT Not After : Nov 11 11:16:06 2025 GMT Subject: CN=D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:20:d9:a0:e8:a0:f6:12:7d:1f:c9:31:20:2b: b8:44:92:ce:f2:83:95:82:75:68:06:1c:8e:aa:41: f1:d3:97:2f:60:54:9f:da:f7:bb:04:c0:da:09:56: 84:cc:ef:aa:9c:72:64:06:15:01:36:5a:c9:f6:b2: 13:54:a3:af:d3:46:56:27:b9:9c:df:7a:21:37:ae: 94:af:58:f1:ca:84:ad:5c:7e:3e:6f:85:ef:97:c8: 5c:d2:ec:1f:13:a0:d7:f5:b5:9e:97:63:2a:cf:17: b2:dd:54:83:2f:db:37:8e:68:6a:73:3e:4a:e5:51: a6:3b:ce:20:c2:4c:f8:4a:b7:0a:bc:4b:fc:8a:80: 50:df:0a:ab:d8:03:51:84:c4:4d:49:29:ba:86:ea: b4:39:38:43:ab:19:ce:6d:6b:aa:1e:3f:5f:cf:af: 7d:83:a6:be:ad:59:40:a0:55:38:a4:9b:21:5b:21: 86:47:ed:d9:9b:2c:23:46:a5:3a:82:02:9b:ae:be: 9e:52:6a:bf:d5:87:7f:f0:6e:1c:ab:3b:aa:83:e9: 8d:5c:65:be:05:27:6b:d8:77:af:c7:4c:0a:55:f0: eb:82:fa:f9:a2:49:96:39:54:6a:ff:28:80:d6:0c: a5:96:26:56:6d:91:9f:25:97:d2:23:b0:25:4e:fd: 09:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D3:B0:DD:BB:8E:07:FC:D9:8A:39:9C:90:C5:B3:FC:32:B4:FA:28:F0 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7d9f98f3-72f0-4006-be99-b9a9e8d9d2bf/0/D3B0DDBB8E07FCD98A399C90C5B3FC32B4FA28F0.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.187.0/24 Signature Algorithm: sha256WithRSAEncryption 67:72:29:db:d2:39:9b:6c:d9:be:5b:77:f4:95:a2:ac:62:4b: 8d:7e:ad:a8:38:f6:db:09:1b:67:7a:e7:ac:60:d8:8c:6e:30: 3a:c0:1f:53:05:98:10:eb:87:08:75:d0:3f:56:1b:11:4b:1f: fd:84:8e:11:13:e5:be:9d:de:f6:5b:e2:67:31:bb:ce:7b:b7: 31:d3:48:a7:d5:1a:bd:24:20:f4:10:87:50:5d:3f:2d:b8:68: 48:de:98:13:00:8e:f5:10:d3:e4:fb:9a:4b:bf:bd:c5:3d:e3: 04:11:2c:af:a8:27:5e:75:c5:93:c4:c6:70:3f:7e:ce:67:e1: 40:02:18:28:0c:95:b7:6f:74:9c:43:08:37:07:06:e7:7b:59: 07:74:90:66:3c:6d:0c:2d:26:7e:17:ab:3a:bc:4d:60:3c:24: 6f:42:cb:07:9d:7d:02:87:16:3f:64:57:b9:f2:d5:25:49:3a: 37:70:38:28:e5:7c:d5:55:4c:9a:7b:82:dd:13:d8:cc:95:78: d6:08:70:f8:5b:98:9a:98:43:c8:10:2c:34:3f:8b:6b:8e:8e: b8:da:d6:29:b8:7f:c5:53:2e:8c:78:fb:c5:87:04:13:ce:e5: 78:9d:2e:2d:b5:82:e1:9c:4c:97:98:1c:e4:81:16:9f:b6:8c: 17:2f:4c:04 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUJzUGDmI35xjBZLevj3Ty5NQbmO4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MTExMjExMTEwNloX DTI1MTExMTExMTYwNlowMzExMC8GA1UEAxMoRDNCMEREQkI4RTA3RkNEOThBMzk5 QzkwQzVCM0ZDMzJCNEZBMjhGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4g2aDooPYSfR/JMSAruESSzvKDlYJ1aAYcjqpB8dOXL2BUn9r3uwTA2glW hMzvqpxyZAYVATZayfayE1Sjr9NGVie5nN96ITeulK9Y8cqErVx+Pm+F75fIXNLs HxOg1/W1npdjKs8Xst1Ugy/bN45oanM+SuVRpjvOIMJM+Eq3CrxL/IqAUN8Kq9gD UYTETUkpuobqtDk4Q6sZzm1rqh4/X8+vfYOmvq1ZQKBVOKSbIVshhkft2ZssI0al OoICm66+nlJqv9WHf/BuHKs7qoPpjVxlvgUna9h3r8dMClXw64L6+aJJljlUav8o gNYMpZYmVm2RnyWX0iOwJU79Ca0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNOw3buOB/zZijmckMWz/DK0+ijwMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83ZDlmOThmMy03MmYwLTQwMDYtYmU5OS1iOWE5ZThkOWQyYmYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdkOWY5OGYz LTcyZjAtNDAwNi1iZTk5LWI5YTllOGQ5ZDJiZi8wL0QzQjBEREJCOEUwN0ZDRDk4 QTM5OUM5MEM1QjNGQzMyQjRGQTI4RjAubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgFrswDQYJKoZIhvcNAQELBQADggEBAGdyKdvSOZts2b5bd/SVoqxiS41+rag4 9tsJG2d656xg2IxuMDrAH1MFmBDrhwh10D9WGxFLH/2EjhET5b6d3vZb4mcxu857 tzHTSKfVGr0kIPQQh1BdPy24aEjemBMAjvUQ0+T7mku/vcU94wQRLK+oJ151xZPE xnA/fs5n4UACGCgMlbdvdJxDCDcHBud7WQd0kGY8bQwtJn4Xqzq8TWA8JG9Cywed fQKHFj9kV7ny1SVJOjdwOCjlfNVVTJp7gt0T2MyVeNYIcPhbmJqYQ8gQLDQ/i2uO jrja1im4f8VTLox4+8WHBBPO5XidLi21guGcTJeYHOSBFp+2jBcvTAQ= -----END CERTIFICATE-----Generated at Wed Nov 20 06:21:51 2024 by rpki-client on console-ams.rpki-client.org