$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/EFAF3DBC84578E586EA4A04FC35E6A46FA0E28EA.cer File: EFAF3DBC84578E586EA4A04FC35E6A46FA0E28EA.cer (raw, json) Hash identifier: t8G3irwnkbE82BIc/mzHza/hmmyV6BqnB5ptWl0vDO4= Subject key identifier: EF:AF:3D:BC:84:57:8E:58:6E:A4:A0:4F:C3:5E:6A:46:FA:0E:28:EA Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 7054538824666542D77491E597886206CB1E1982 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/5f9e1a8a-39f1-4fe2-832a-bb2f2092fbf6/0/EFAF3DBC84578E586EA4A04FC35E6A46FA0E28EA.mft caRepository: rsync://repo-rpki.idnic.net/repo/5f9e1a8a-39f1-4fe2-832a-bb2f2092fbf6/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 14 May 2024 06:58:20 +0000 Certificate not after: Tue 13 May 2025 07:03:20 +0000 Subordinate resources: IP: 157.66.36.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:54:53:88:24:66:65:42:d7:74:91:e5:97:88:62:06:cb:1e:19:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 14 06:58:20 2024 GMT Not After : May 13 07:03:20 2025 GMT Subject: CN=EFAF3DBC84578E586EA4A04FC35E6A46FA0E28EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:46:5f:c7:b8:b0:6a:28:63:08:0d:5c:03:e9: aa:53:fb:a1:d6:14:c3:aa:15:73:cc:01:16:ba:e1: 37:c6:c3:bd:c3:fc:4a:77:14:f6:4c:1d:c4:5a:bd: 15:46:a1:26:85:4f:fa:cf:2d:f8:e0:09:94:29:9f: 57:53:c0:36:0d:63:2d:57:4e:26:79:13:64:cf:fd: f4:fd:a2:44:5f:6c:88:97:68:07:46:03:36:5c:ea: a8:cf:5c:15:5f:0d:b9:1a:04:29:45:86:0e:93:a0: d2:38:51:7c:7d:95:59:2e:1d:da:44:eb:eb:74:43: 4e:10:2a:c0:6a:b1:ce:97:f7:53:b4:4c:c7:ef:cf: b3:f2:11:50:89:22:bc:0f:d5:cf:ae:ad:3b:6f:63: 7f:b6:6b:b8:f2:4c:b5:27:80:be:11:b5:6e:cf:cc: 19:a5:b0:69:85:fc:85:6c:80:0f:ec:b5:c6:e9:83: cf:c7:7c:0b:5c:71:f3:03:5c:5c:d4:72:e9:67:82: 31:f0:ed:68:15:87:fa:2c:20:1c:0d:17:f6:9d:7d: 6f:d4:8e:c4:41:e6:0d:84:8d:ac:0f:0b:54:22:1c: c7:35:84:c5:b6:cb:22:1e:72:4b:66:3a:dd:21:f6: 85:4b:01:a7:25:50:dd:e5:17:09:b8:48:db:cf:06: bf:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: EF:AF:3D:BC:84:57:8E:58:6E:A4:A0:4F:C3:5E:6A:46:FA:0E:28:EA X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/5f9e1a8a-39f1-4fe2-832a-bb2f2092fbf6/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/5f9e1a8a-39f1-4fe2-832a-bb2f2092fbf6/0/EFAF3DBC84578E586EA4A04FC35E6A46FA0E28EA.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.36.0/24 Signature Algorithm: sha256WithRSAEncryption 21:25:7f:e4:f8:b8:ed:34:4b:7f:35:b1:46:31:e1:0b:af:15: 32:da:d6:ce:3b:54:a4:27:7c:fa:ce:e4:29:a5:b6:af:a9:80: 7e:0b:bb:4a:af:69:72:3b:c3:26:3f:cf:27:41:c2:06:1a:c4: 60:0d:f4:26:26:48:58:17:5d:ba:0a:25:ea:31:da:e0:0f:c1: d7:e0:8b:e0:8b:29:e0:dd:7a:fe:cf:0f:fa:8b:87:cd:c1:07: 2b:67:0a:ea:6d:88:27:2a:97:3b:e6:17:10:4e:dc:db:12:eb: b6:63:03:bc:f5:0d:a2:65:98:7f:3b:e4:0c:2b:2c:6c:b8:24: 64:0a:e7:eb:b6:2c:97:0d:6a:4b:64:5e:73:e6:3a:20:34:f6: f5:0e:40:92:bf:c1:1c:e1:41:aa:f6:11:19:d0:2c:07:f5:f3: e1:5d:24:2a:38:52:f5:bf:6e:f8:c8:e2:da:a9:ca:31:ad:d5: 99:13:5a:fb:d8:38:97:69:27:0c:4d:f6:4f:ef:8e:d3:85:b1: 9f:7d:7e:75:75:f8:a2:70:ce:5e:5d:f3:73:4a:e1:9e:e1:5b: 34:61:17:a2:a3:15:5b:86:5f:23:6a:a3:79:27:5a:51:23:08: 0c:5a:ad:a3:5f:63:29:8c:be:1c:90:27:2c:e6:09:6d:99:04: c1:ae:1e:e3 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUcFRTiCRmZULXdJHll4hiBsseGYIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDUxNDA2NTgyMFoX DTI1MDUxMzA3MDMyMFowMzExMC8GA1UEAxMoRUZBRjNEQkM4NDU3OEU1ODZFQTRB MDRGQzM1RTZBNDZGQTBFMjhFQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAORGX8e4sGooYwgNXAPpqlP7odYUw6oVc8wBFrrhN8bDvcP8SncU9kwdxFq9 FUahJoVP+s8t+OAJlCmfV1PANg1jLVdOJnkTZM/99P2iRF9siJdoB0YDNlzqqM9c FV8NuRoEKUWGDpOg0jhRfH2VWS4d2kTr63RDThAqwGqxzpf3U7RMx+/Ps/IRUIki vA/Vz66tO29jf7ZruPJMtSeAvhG1bs/MGaWwaYX8hWyAD+y1xumDz8d8C1xx8wNc XNRy6WeCMfDtaBWH+iwgHA0X9p19b9SOxEHmDYSNrA8LVCIcxzWExbbLIh5yS2Y6 3SH2hUsBpyVQ3eUXCbhI288Gv9MCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFO+vPbyEV45YbqSgT8Neakb6DijqMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by81ZjllMWE4YS0zOWYxLTRmZTItODMyYS1iYjJmMjA5MmZiZjYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVmOWUxYThh LTM5ZjEtNGZlMi04MzJhLWJiMmYyMDkyZmJmNi8wL0VGQUYzREJDODQ1NzhFNTg2 RUE0QTA0RkMzNUU2QTQ2RkEwRTI4RUEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdQiQwDQYJKoZIhvcNAQELBQADggEBACElf+T4uO00S381sUYx4QuvFTLa1s47 VKQnfPrO5Cmltq+pgH4Lu0qvaXI7wyY/zydBwgYaxGAN9CYmSFgXXboKJeox2uAP wdfgi+CLKeDdev7PD/qLh83BBytnCuptiCcqlzvmFxBO3NsS67ZjA7z1DaJlmH87 5AwrLGy4JGQK5+u2LJcNaktkXnPmOiA09vUOQJK/wRzhQar2ERnQLAf18+FdJCo4 UvW/bvjI4tqpyjGt1ZkTWvvYOJdpJwxN9k/vjtOFsZ99fnV1+KJwzl5d83NK4Z7h WzRhF6KjFVuGXyNqo3knWlEjCAxaraNfYymMvhyQJyzmCW2ZBMGuHuM= -----END CERTIFICATE-----Generated at Wed Nov 20 06:21:51 2024 by rpki-client on console-ams.rpki-client.org