$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/F38B6752412BBA5BA6A00E0BD400D0920CA01E22.cer File: F38B6752412BBA5BA6A00E0BD400D0920CA01E22.cer (raw, json) Hash identifier: hfWDn0mJjVyYHUgAiXuLp+MPlnc21S33gMP5ULF7lTo= Subject key identifier: F3:8B:67:52:41:2B:BA:5B:A6:A0:0E:0B:D4:00:D0:92:0C:A0:1E:22 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 1C48F1A94D65016D208C1DDA90262E8D90CDB340 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/fd1fc1a2-ee77-405f-9e31-adc6dfc9b74c/0/F38B6752412BBA5BA6A00E0BD400D0920CA01E22.mft caRepository: rsync://repo-rpki.idnic.net/repo/fd1fc1a2-ee77-405f-9e31-adc6dfc9b74c/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 02 Apr 2024 07:12:53 +0000 Certificate not after: Tue 01 Apr 2025 07:17:53 +0000 Subordinate resources: IP: 157.15.212.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 00:47:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:48:f1:a9:4d:65:01:6d:20:8c:1d:da:90:26:2e:8d:90:cd:b3:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Apr 2 07:12:53 2024 GMT Not After : Apr 1 07:17:53 2025 GMT Subject: CN=F38B6752412BBA5BA6A00E0BD400D0920CA01E22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:9a:e1:37:9b:7c:54:ed:c1:b4:7f:4d:a0:a7: 4b:b4:cf:dd:36:88:97:aa:0c:e1:ea:36:da:69:18: 4f:94:e2:a2:5e:57:d7:ce:fc:23:20:a8:6b:06:78: 4c:54:31:66:aa:34:4e:92:89:00:47:0d:75:d1:d8: d8:72:04:1c:d9:77:1e:ca:49:05:b4:e8:de:ea:2b: 2f:69:99:dc:20:f7:17:f5:0a:4b:79:93:24:31:d9: 53:81:36:bd:79:aa:60:f6:98:67:f8:83:19:f6:a9: d2:19:d9:49:49:22:f3:82:49:5a:80:50:d9:c5:5c: 71:d1:79:90:8a:cf:d1:70:9d:3e:3f:eb:31:5d:ec: e5:47:bd:5d:0a:cc:67:e3:d3:73:88:4c:5b:e0:17: 65:aa:1e:a4:b7:5b:59:f2:eb:00:72:91:74:28:85: ca:89:39:51:05:85:b8:71:c6:cc:b2:a7:12:98:13: 25:4d:f4:60:c7:e8:5f:23:10:68:2f:1d:fa:94:72: 12:32:b7:5b:13:7d:ed:33:56:30:14:2e:ef:d7:5e: cf:b9:f3:91:2f:3a:1e:79:15:98:fb:ec:ff:29:5e: 2a:de:ef:50:77:6c:d6:c4:54:3e:fe:a1:e7:90:89: 6f:29:53:d6:c3:a2:ce:ea:01:23:80:8c:d3:c5:74: 4b:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: F3:8B:67:52:41:2B:BA:5B:A6:A0:0E:0B:D4:00:D0:92:0C:A0:1E:22 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/fd1fc1a2-ee77-405f-9e31-adc6dfc9b74c/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/fd1fc1a2-ee77-405f-9e31-adc6dfc9b74c/0/F38B6752412BBA5BA6A00E0BD400D0920CA01E22.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.212.0/24 Signature Algorithm: sha256WithRSAEncryption 26:d6:d9:3d:44:f4:64:54:ee:b1:01:52:6f:47:d1:48:84:d6: f5:db:a5:cf:82:41:b5:9d:a5:17:d0:61:08:d6:b6:c8:d2:bf: ed:77:89:84:6c:fb:4f:38:27:f1:0c:19:5a:2c:f5:74:1a:e7: 3e:ce:77:20:48:89:ab:f4:a3:ea:46:ea:3b:8c:34:45:9a:ed: 1d:bc:2a:73:ff:33:27:67:0c:2e:e2:68:7b:5e:07:b7:20:66: 13:3d:d0:83:2a:1d:9d:00:99:99:8d:f3:2e:c0:96:0c:a4:52: 93:ec:c5:e3:d3:8a:20:d3:a8:34:3f:cb:97:3a:ee:02:6a:7f: ff:4a:6a:3d:f4:da:fa:9c:19:4b:9d:68:78:20:4d:a2:9d:8b: f7:4a:cd:a3:4b:75:13:a2:33:a2:34:67:25:b1:9a:2f:b9:31: f9:f2:fd:2b:4b:da:fd:27:49:6d:66:81:ed:79:f6:8e:11:65: 40:b0:06:d2:b6:70:db:a5:1b:a4:7c:82:8c:bb:46:fd:c3:20: 6e:bd:fa:1e:ae:8a:65:e8:36:90:cd:a2:46:0e:a0:33:09:59: e0:4f:a6:08:21:81:17:6e:db:41:ff:3c:51:c7:a7:98:66:56: e4:94:e7:19:de:52:68:ec:76:32:17:ee:0c:8e:bf:11:61:e9: f7:8a:0e:04 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUHEjxqU1lAW0gjB3akCYujZDNs0AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDQwMjA3MTI1M1oX DTI1MDQwMTA3MTc1M1owMzExMC8GA1UEAxMoRjM4QjY3NTI0MTJCQkE1QkE2QTAw RTBCRDQwMEQwOTIwQ0EwMUUyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKSa4TebfFTtwbR/TaCnS7TP3TaIl6oM4eo22mkYT5Tiol5X1878IyCoawZ4 TFQxZqo0TpKJAEcNddHY2HIEHNl3HspJBbTo3uorL2mZ3CD3F/UKS3mTJDHZU4E2 vXmqYPaYZ/iDGfap0hnZSUki84JJWoBQ2cVccdF5kIrP0XCdPj/rMV3s5Ue9XQrM Z+PTc4hMW+AXZaoepLdbWfLrAHKRdCiFyok5UQWFuHHGzLKnEpgTJU30YMfoXyMQ aC8d+pRyEjK3WxN97TNWMBQu79dez7nzkS86HnkVmPvs/yleKt7vUHds1sRUPv6h 55CJbylT1sOizuoBI4CM08V0S2sCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFPOLZ1JBK7pbpqAOC9QA0JIMoB4iMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9mZDFmYzFhMi1lZTc3LTQwNWYtOWUzMS1hZGM2ZGZjOWI3NGMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ZkMWZjMWEy LWVlNzctNDA1Zi05ZTMxLWFkYzZkZmM5Yjc0Yy8wL0YzOEI2NzUyNDEyQkJBNUJB NkEwMEUwQkQ0MDBEMDkyMENBMDFFMjIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BACdD9QwDQYJKoZIhvcNAQELBQADggEBACbW2T1E9GRU7rEBUm9H0UiE1vXbpc+C QbWdpRfQYQjWtsjSv+13iYRs+084J/EMGVos9XQa5z7OdyBIiav0o+pG6juMNEWa 7R28KnP/MydnDC7iaHteB7cgZhM90IMqHZ0AmZmN8y7AlgykUpPsxePTiiDTqDQ/ y5c67gJqf/9Kaj302vqcGUudaHggTaKdi/dKzaNLdROiM6I0ZyWxmi+5Mfny/StL 2v0nSW1mge159o4RZUCwBtK2cNulG6R8goy7Rv3DIG69+h6uimXoNpDNokYOoDMJ WeBPpgghgRdu20H/PFHHp5hmVuSU5xneUmjsdjIX7gyOvxFh6feKDgQ= -----END CERTIFICATE-----Generated at Fri May 17 17:47:04 2024 by rpki-client on console-ams.rpki-client.org