$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/F4D9C6C3E2653E53E4549ECD7B0E4326FE956B4C.cer File: F4D9C6C3E2653E53E4549ECD7B0E4326FE956B4C.cer (raw, json) Hash identifier: d/vAwuDtsgzk+g0nQ2JHotMLeZAnKFIQ1sguHxp6jRs= Subject key identifier: F4:D9:C6:C3:E2:65:3E:53:E4:54:9E:CD:7B:0E:43:26:FE:95:6B:4C Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 54446CD36DBD8897E3FD8ED2DFEB13827993B69C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/e97c682a-448b-40e2-a88f-16df83dd3337/0/F4D9C6C3E2653E53E4549ECD7B0E4326FE956B4C.mft caRepository: rsync://repo-rpki.idnic.net/repo/e97c682a-448b-40e2-a88f-16df83dd3337/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 17 May 2024 08:21:14 +0000 Certificate not after: Fri 16 May 2025 08:26:14 +0000 Subordinate resources: IP: 157.66.84.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:44:6c:d3:6d:bd:88:97:e3:fd:8e:d2:df:eb:13:82:79:93:b6:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 17 08:21:14 2024 GMT Not After : May 16 08:26:14 2025 GMT Subject: CN=F4D9C6C3E2653E53E4549ECD7B0E4326FE956B4C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:5d:8a:5d:8b:72:01:3b:69:3a:6f:3c:f0:87: 7d:35:57:fd:2d:54:d4:47:34:12:ab:ab:e0:1e:37: 7e:98:3e:53:49:48:e8:48:8c:72:df:5b:24:42:32: da:a7:59:85:ff:16:3f:8c:e9:27:d9:3f:92:19:b9: 5f:8f:c6:95:0e:62:cc:c7:30:a7:22:ce:9c:a3:62: 5e:e5:f7:a3:aa:f8:68:bd:63:9e:a2:bf:2a:16:f3: e8:a4:78:fc:29:2e:b5:e8:03:17:ff:81:c5:f3:57: 71:10:d4:e4:c9:15:ca:53:37:8d:e5:f0:cd:d7:ec: cc:b4:8f:ac:8e:f0:31:44:2b:d5:73:36:f5:c5:73: 6e:c0:7b:ce:07:73:6a:f3:38:f4:c2:4e:03:4e:8b: 2f:95:33:72:80:12:06:65:39:ec:84:43:5b:95:19: 57:3b:62:6a:5d:26:3e:98:12:3c:4e:f9:20:14:32: 34:e3:80:a9:cd:05:ef:15:23:1b:60:4d:ff:e6:b0: 09:c4:ba:11:9d:bb:47:4a:8b:d9:19:07:c4:b3:bf: c4:42:f6:75:cb:7a:b1:ac:7a:d7:12:c0:ce:a8:12: ae:ca:a9:e9:ed:a7:d7:d6:fc:8e:b9:b8:e2:7b:01: 4a:9f:2b:36:f8:59:24:14:d4:f5:2e:ac:d3:09:76: 49:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: F4:D9:C6:C3:E2:65:3E:53:E4:54:9E:CD:7B:0E:43:26:FE:95:6B:4C X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/e97c682a-448b-40e2-a88f-16df83dd3337/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/e97c682a-448b-40e2-a88f-16df83dd3337/0/F4D9C6C3E2653E53E4549ECD7B0E4326FE956B4C.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.66.84.0/23 Signature Algorithm: sha256WithRSAEncryption 4f:11:75:17:3a:f6:f9:44:bc:b4:ee:f8:4c:fd:e7:26:2c:7a: 48:0d:a1:b7:a5:46:16:e1:06:d4:11:2d:05:0d:95:2b:ef:ff: ae:5e:0e:97:53:31:c4:bc:e9:fd:36:72:37:dd:cf:76:f9:c0: fa:b9:42:54:ea:64:0e:c0:2e:7a:e3:a1:1a:aa:7b:99:08:70: 5b:ac:a3:8e:e8:a6:01:4d:b9:e2:a8:17:00:69:25:72:c5:8b: 69:f7:83:a1:da:1d:57:0e:3f:cf:86:95:66:61:6a:eb:94:c5: 46:f9:78:d8:84:39:bc:76:20:fe:e6:ca:cc:68:49:5a:89:6e: 9c:79:32:f4:94:be:16:b3:6e:b3:f7:d0:64:d1:ee:fa:8a:50: a5:55:84:e8:4a:69:d3:c1:3a:a2:1e:b2:11:cf:b5:48:28:de: 9f:06:bd:59:7e:4c:03:45:b3:59:36:15:b5:c3:52:d6:41:19: 4f:4f:b9:75:8a:ee:07:7c:cb:a9:38:e4:b3:8f:e1:68:c7:67: 57:a7:c0:33:3a:77:04:03:b8:d9:8f:aa:e1:fc:ec:f6:63:d1: 12:e1:43:46:f7:42:54:65:c4:30:e3:0a:7c:f9:10:98:a6:f2: f9:7f:18:7f:ee:d4:cb:06:dc:ab:2a:8e:cc:d3:3a:54:1c:83: 3a:70:fa:20 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUVERs0229iJfj/Y7S3+sTgnmTtpwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDUxNzA4MjExNFoX DTI1MDUxNjA4MjYxNFowMzExMC8GA1UEAxMoRjREOUM2QzNFMjY1M0U1M0U0NTQ5 RUNEN0IwRTQzMjZGRTk1NkI0QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZdil2LcgE7aTpvPPCHfTVX/S1U1Ec0Equr4B43fpg+U0lI6EiMct9bJEIy 2qdZhf8WP4zpJ9k/khm5X4/GlQ5izMcwpyLOnKNiXuX3o6r4aL1jnqK/Khbz6KR4 /CkutegDF/+BxfNXcRDU5MkVylM3jeXwzdfszLSPrI7wMUQr1XM29cVzbsB7zgdz avM49MJOA06LL5UzcoASBmU57IRDW5UZVztial0mPpgSPE75IBQyNOOAqc0F7xUj G2BN/+awCcS6EZ27R0qL2RkHxLO/xEL2dct6sax61xLAzqgSrsqp6e2n19b8jrm4 4nsBSp8rNvhZJBTU9S6s0wl2SXMCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFPTZxsPiZT5T5FSezXsOQyb+lWtMMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9lOTdjNjgyYS00NDhiLTQwZTItYTg4Zi0xNmRmODNkZDMzMzcvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U5N2M2ODJh LTQ0OGItNDBlMi1hODhmLTE2ZGY4M2RkMzMzNy8wL0Y0RDlDNkMzRTI2NTNFNTNF NDU0OUVDRDdCMEU0MzI2RkU5NTZCNEMubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdQlQwDQYJKoZIhvcNAQELBQADggEBAE8RdRc69vlEvLTu+Ez95yYsekgNobel RhbhBtQRLQUNlSvv/65eDpdTMcS86f02cjfdz3b5wPq5QlTqZA7ALnrjoRqqe5kI cFuso47opgFNueKoFwBpJXLFi2n3g6HaHVcOP8+GlWZhauuUxUb5eNiEObx2IP7m ysxoSVqJbpx5MvSUvhazbrP30GTR7vqKUKVVhOhKadPBOqIeshHPtUgo3p8GvVl+ TANFs1k2FbXDUtZBGU9PuXWK7gd8y6k45LOP4WjHZ1enwDM6dwQDuNmPquH87PZj 0RLhQ0b3QlRlxDDjCnz5EJim8vl/GH/u1MsG3KsqjszTOlQcgzpw+iA= -----END CERTIFICATE-----Generated at Wed Nov 20 05:42:54 2024 by rpki-client on console-fra.rpki-client.org