$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/DCD5207AC33E109E31052BBB7F811DBF6DA180BB.cer File: DCD5207AC33E109E31052BBB7F811DBF6DA180BB.cer (raw, json) Hash identifier: Sx7BfMw1RlfHFE+dhzGySXQePIxhmWqNhxYC/ALp2rc= Subject key identifier: DC:D5:20:7A:C3:3E:10:9E:31:05:2B:BB:7F:81:1D:BF:6D:A1:80:BB Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 5781CDB6D2403F664C81398224D3CE7FB1B4A63A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/5d8ef119-7ddf-45e5-8634-38b77258cbcc/0/DCD5207AC33E109E31052BBB7F811DBF6DA180BB.mft caRepository: rsync://repo-rpki.idnic.net/repo/5d8ef119-7ddf-45e5-8634-38b77258cbcc/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 09 Jan 2025 13:06:16 +0000 Certificate not after: Thu 08 Jan 2026 13:11:16 +0000 Subordinate resources: IP: 160.22.101.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Apr 2025 21:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:81:cd:b6:d2:40:3f:66:4c:81:39:82:24:d3:ce:7f:b1:b4:a6:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Jan 9 13:06:16 2025 GMT Not After : Jan 8 13:11:16 2026 GMT Subject: CN=DCD5207AC33E109E31052BBB7F811DBF6DA180BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:64:ce:82:9e:7f:52:a9:d6:24:fa:bb:d0:28: 7c:08:3a:ea:84:cf:07:ec:8b:35:c1:d7:bc:88:87: 18:e6:c2:21:ca:91:ab:eb:26:8f:0d:96:df:b1:fb: 44:93:35:2c:2f:91:df:31:b7:49:18:0b:f7:fc:d6: 44:40:98:f8:a2:ad:4a:9a:0f:0b:7c:72:04:0d:fc: 5c:0b:35:e7:7b:15:44:68:e4:4b:5c:45:67:84:d7: 2f:3b:15:d5:c7:fd:c7:3d:32:8f:38:b7:fe:93:43: 1d:82:6d:bf:c1:b7:a9:1d:42:ee:f6:a0:77:b4:b9: 3b:bd:cf:13:79:14:34:f9:ad:87:dd:17:c8:2d:11: 68:51:61:07:1a:50:1b:6d:e1:72:fe:3c:9a:15:b8: 24:4d:1f:bf:53:ac:f3:d8:64:e0:de:3e:3d:43:a6: 45:9e:2b:c4:84:20:f2:4f:d1:69:31:59:be:51:db: 72:fb:b1:ab:6c:8d:6e:65:2b:d2:d7:fb:2a:6d:53: 65:55:18:1f:6f:0e:91:bd:14:ec:dd:49:64:b2:85: 82:c6:c4:c0:6e:43:2b:cb:ed:f9:c7:8c:09:a1:ab: 91:e0:c1:01:10:e9:d1:c0:a8:13:94:c3:ff:7b:46: 13:ba:e9:54:97:dc:60:c7:3e:94:29:86:99:4c:3d: cf:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: DC:D5:20:7A:C3:3E:10:9E:31:05:2B:BB:7F:81:1D:BF:6D:A1:80:BB X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/5d8ef119-7ddf-45e5-8634-38b77258cbcc/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/5d8ef119-7ddf-45e5-8634-38b77258cbcc/0/DCD5207AC33E109E31052BBB7F811DBF6DA180BB.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.22.101.0/24 Signature Algorithm: sha256WithRSAEncryption 11:d2:0e:ec:9d:45:f0:1e:79:b6:98:b6:cc:7e:1d:07:c3:74: b6:bc:fe:c9:b0:17:14:86:c8:3b:b8:71:40:e4:2d:b9:65:78: e6:35:4f:be:c1:f5:9b:01:45:c0:50:34:35:34:be:22:fb:e8: 0a:cd:6d:ec:71:eb:d0:42:12:2a:97:83:ab:af:77:bd:d3:94: 8a:00:94:0e:11:01:fb:9f:f1:f3:59:84:61:ee:3d:e7:a7:49: 79:d5:b5:09:d4:4a:d2:f3:ad:1b:1c:dc:df:ef:47:58:e0:33: 3f:b7:20:3d:e8:62:81:10:9b:2e:6f:a7:d5:63:8a:2e:b9:17: 82:6f:c3:8f:33:a8:25:2b:7d:3c:89:48:02:3c:b1:cd:45:4a: ec:37:9e:58:21:98:e4:24:d3:ce:2f:84:cc:99:a9:3a:53:13: bb:1e:bf:0c:76:c6:bd:f1:cd:dd:83:d6:ad:52:06:5e:0d:1f: cb:3f:d0:fe:26:31:fe:0f:61:b8:81:2d:a1:d4:90:fd:7e:e7: 3f:34:64:69:5e:18:11:bb:f6:38:b5:49:69:f8:4d:a0:55:c3: 95:86:e4:e2:00:1c:cb:a7:96:94:5a:e2:94:ec:d9:6b:4f:57: bd:13:9f:fd:aa:b1:28:41:f4:17:00:53:77:01:5c:0c:8d:fe: ce:de:75:a9 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUV4HNttJAP2ZMgTmCJNPOf7G0pjowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDEwOTEzMDYxNloX DTI2MDEwODEzMTExNlowMzExMC8GA1UEAxMoRENENTIwN0FDMzNFMTA5RTMxMDUy QkJCN0Y4MTFEQkY2REExODBCQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPJkzoKef1Kp1iT6u9AofAg66oTPB+yLNcHXvIiHGObCIcqRq+smjw2W37H7 RJM1LC+R3zG3SRgL9/zWRECY+KKtSpoPC3xyBA38XAs153sVRGjkS1xFZ4TXLzsV 1cf9xz0yjzi3/pNDHYJtv8G3qR1C7vagd7S5O73PE3kUNPmth90XyC0RaFFhBxpQ G23hcv48mhW4JE0fv1Os89hk4N4+PUOmRZ4rxIQg8k/RaTFZvlHbcvuxq2yNbmUr 0tf7Km1TZVUYH28Okb0U7N1JZLKFgsbEwG5DK8vt+ceMCaGrkeDBARDp0cCoE5TD /3tGE7rpVJfcYMc+lCmGmUw9z38CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNzVIHrDPhCeMQUru3+BHb9toYC7MB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by81ZDhlZjExOS03ZGRmLTQ1ZTUtODYzNC0zOGI3NzI1OGNiY2MvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVkOGVmMTE5 LTdkZGYtNDVlNS04NjM0LTM4Yjc3MjU4Y2JjYy8wL0RDRDUyMDdBQzMzRTEwOUUz MTA1MkJCQjdGODExREJGNkRBMTgwQkIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACgFmUwDQYJKoZIhvcNAQELBQADggEBABHSDuydRfAeebaYtsx+HQfDdLa8/smw FxSGyDu4cUDkLblleOY1T77B9ZsBRcBQNDU0viL76ArNbexx69BCEiqXg6uvd73T lIoAlA4RAfuf8fNZhGHuPeenSXnVtQnUStLzrRsc3N/vR1jgMz+3ID3oYoEQmy5v p9Vjii65F4Jvw48zqCUrfTyJSAI8sc1FSuw3nlghmOQk084vhMyZqTpTE7sevwx2 xr3xzd2D1q1SBl4NH8s/0P4mMf4PYbiBLaHUkP1+5z80ZGleGBG79ji1SWn4TaBV w5WG5OIAHMunlpRa4pTs2WtPV70Tn/2qsShB9BcAU3cBXAyN/s7edak= -----END CERTIFICATE-----Generated at Mon Apr 7 03:58:11 2025 by rpki-client