$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/FAB081FCD86AB0F81D41C9E5FB9C3D32220F48CD.cer File: FAB081FCD86AB0F81D41C9E5FB9C3D32220F48CD.cer (raw, json) Hash identifier: AxgWxz1GNJr0o/8zYzWLsVHNmBv01n5KDxlFsuItR3c= Subject key identifier: FA:B0:81:FC:D8:6A:B0:F8:1D:41:C9:E5:FB:9C:3D:32:22:0F:48:CD Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 131FDCB62BF9EA1A663228D64DB40D0FF3F953A3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/994d1f62-8488-4086-8d4c-f2de5c76da3d/0/FAB081FCD86AB0F81D41C9E5FB9C3D32220F48CD.mft caRepository: rsync://repo-rpki.idnic.net/repo/994d1f62-8488-4086-8d4c-f2de5c76da3d/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 28 Feb 2024 11:49:33 +0000 Certificate not after: Wed 26 Feb 2025 11:54:33 +0000 Subordinate resources: IP: 157.10.0.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 May 2024 00:47:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:1f:dc:b6:2b:f9:ea:1a:66:32:28:d6:4d:b4:0d:0f:f3:f9:53:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: Feb 28 11:49:33 2024 GMT Not After : Feb 26 11:54:33 2025 GMT Subject: CN=FAB081FCD86AB0F81D41C9E5FB9C3D32220F48CD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:6d:d7:b7:81:03:98:b7:4b:66:41:28:e3:a9: a3:86:d7:85:f9:40:e5:14:e9:60:63:7f:75:14:3f: 5b:c1:62:29:cd:cc:7f:c8:e8:6b:b7:17:13:d9:09: 9a:8f:7d:07:01:a2:e1:a0:13:eb:13:d1:99:61:6c: 1d:f4:d0:d7:fa:29:0d:22:d3:21:b7:b4:5b:98:5a: d6:56:7b:54:fc:7e:a8:2b:12:c5:26:73:e0:67:1d: be:05:ed:a3:a3:92:25:c3:ba:2a:b4:64:d4:26:ff: ea:e0:bf:28:e0:07:32:0d:0f:5e:83:96:da:ba:40: e0:f5:b8:37:cf:af:52:e6:99:44:80:a8:be:ea:9e: 6c:7d:59:ff:50:80:31:e4:de:06:5d:f4:6b:1d:83: cc:5c:8f:67:70:a1:15:4b:3e:ba:f8:74:6c:53:5a: 18:7c:7a:b9:65:20:59:09:6c:c8:b1:84:50:63:56: d1:b8:7d:6e:2b:b7:16:ac:2d:21:fb:83:58:05:18: 67:2b:f5:94:19:dd:c1:57:65:c9:85:5f:e5:ae:77: d3:8e:70:87:2d:b0:e5:a8:f3:25:00:8a:b3:21:47: 4c:df:4c:f5:2d:ee:83:2a:98:1b:da:c8:a0:d9:8e: e8:70:3c:95:d2:6c:f1:7c:83:fd:c4:a8:c2:59:a4: 24:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: FA:B0:81:FC:D8:6A:B0:F8:1D:41:C9:E5:FB:9C:3D:32:22:0F:48:CD X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/994d1f62-8488-4086-8d4c-f2de5c76da3d/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/994d1f62-8488-4086-8d4c-f2de5c76da3d/0/FAB081FCD86AB0F81D41C9E5FB9C3D32220F48CD.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.10.0.0/23 Signature Algorithm: sha256WithRSAEncryption 5b:b2:16:24:2f:5e:98:ba:78:48:a6:c4:91:41:86:d3:c1:5c: 67:28:a8:b8:d5:32:17:9c:5c:4c:2f:9f:2e:0d:f1:eb:9c:38: 14:b1:08:35:cb:36:09:c7:19:f1:81:35:6f:e7:78:8a:cd:01: 35:3a:ea:7d:1e:8e:f4:5d:22:b0:49:73:9c:f4:35:71:b3:e4: 81:c2:bb:23:bf:15:e6:95:4a:94:86:0c:5d:fa:fd:4d:12:5e: b4:91:29:e5:5c:96:93:95:ac:8e:11:ad:b5:36:43:6f:3e:e8: f6:9f:77:d3:cf:92:18:42:e1:00:02:28:e2:1c:42:69:96:ce: 1a:b3:96:e4:4b:e2:84:13:2a:f9:73:42:7f:74:a4:0c:ab:12: e4:15:39:aa:09:7a:21:a2:74:20:ce:1c:f8:ed:9b:11:29:4d: fe:ae:b7:e2:ff:ae:fd:57:2a:38:fd:5e:81:f6:20:ad:15:2d: 62:52:ee:1d:dc:54:f1:56:8e:c7:bc:79:6d:ee:07:0f:53:83: a8:fa:dd:c0:11:21:bb:fc:f0:b2:8a:0b:55:d0:50:0e:0f:bb: d3:a1:8a:89:c5:5d:d3:5b:49:a6:f3:1e:7b:5f:2e:69:0f:a4: 02:0d:68:e9:f0:48:7f:c5:f0:58:fc:cd:37:67:43:d4:59:17: c4:bc:b1:d9 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUEx/ctiv56hpmMijWTbQND/P5U6MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDIyODExNDkzM1oX DTI1MDIyNjExNTQzM1owMzExMC8GA1UEAxMoRkFCMDgxRkNEODZBQjBGODFENDFD OUU1RkI5QzNEMzIyMjBGNDhDRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMlt17eBA5i3S2ZBKOOpo4bXhflA5RTpYGN/dRQ/W8FiKc3Mf8joa7cXE9kJ mo99BwGi4aAT6xPRmWFsHfTQ1/opDSLTIbe0W5ha1lZ7VPx+qCsSxSZz4GcdvgXt o6OSJcO6KrRk1Cb/6uC/KOAHMg0PXoOW2rpA4PW4N8+vUuaZRICovuqebH1Z/1CA MeTeBl30ax2DzFyPZ3ChFUs+uvh0bFNaGHx6uWUgWQlsyLGEUGNW0bh9biu3Fqwt IfuDWAUYZyv1lBndwVdlyYVf5a53045why2w5ajzJQCKsyFHTN9M9S3ugyqYG9rI oNmO6HA8ldJs8XyD/cSowlmkJLMCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFPqwgfzYarD4HUHJ5fucPTIiD0jNMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by85OTRkMWY2Mi04NDg4LTQwODYtOGQ0Yy1mMmRlNWM3NmRhM2QvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk5NGQxZjYy LTg0ODgtNDA4Ni04ZDRjLWYyZGU1Yzc2ZGEzZC8wL0ZBQjA4MUZDRDg2QUIwRjgx RDQxQzlFNUZCOUMzRDMyMjIwRjQ4Q0QubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdCgAwDQYJKoZIhvcNAQELBQADggEBAFuyFiQvXpi6eEimxJFBhtPBXGcoqLjV MhecXEwvny4N8eucOBSxCDXLNgnHGfGBNW/neIrNATU66n0ejvRdIrBJc5z0NXGz 5IHCuyO/FeaVSpSGDF36/U0SXrSRKeVclpOVrI4RrbU2Q28+6Pafd9PPkhhC4QAC KOIcQmmWzhqzluRL4oQTKvlzQn90pAyrEuQVOaoJeiGidCDOHPjtmxEpTf6ut+L/ rv1XKjj9XoH2IK0VLWJS7h3cVPFWjse8eW3uBw9Tg6j63cARIbv88LKKC1XQUA4P u9OhionFXdNbSabzHntfLmkPpAINaOnwSH/F8Fj8zTdnQ9RZF8S8sdk= -----END CERTIFICATE-----Generated at Fri May 17 17:47:04 2024 by rpki-client on console-ams.rpki-client.org