$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8.cer File: FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8.cer (raw, json) Hash identifier: WGoaH0hQ5ZNR6A71f87/u7IVHg32LZJF3wF/YuojJ24= Subject key identifier: FF:3F:06:6A:5E:9A:B8:F9:88:B8:E1:7C:7A:56:DD:2E:00:A6:6A:D8 Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 Certificate issuer: /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Certificate serial: 034CCEF8ACB58BF2C6F44EB98D855261C3C2B5E1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Manifest: rsync://repo-rpki.idnic.net/repo/1d011a1c-a0ad-4d93-86af-3f0aadd9684f/0/FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8.mft caRepository: rsync://repo-rpki.idnic.net/repo/1d011a1c-a0ad-4d93-86af-3f0aadd9684f/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 30 May 2024 07:23:11 +0000 Certificate not after: Thu 29 May 2025 07:28:11 +0000 Subordinate resources: IP: 157.15.82.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Nov 2024 14:24:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:4c:ce:f8:ac:b5:8b:f2:c6:f4:4e:b9:8d:85:52:61:c3:c2:b5:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4 Validity Not Before: May 30 07:23:11 2024 GMT Not After : May 29 07:28:11 2025 GMT Subject: CN=FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:0e:48:c8:ac:e6:07:dc:34:b1:72:b5:ae:c1: 2c:4e:0c:7e:51:fc:63:53:42:bc:71:96:74:ce:71: 94:97:36:70:ab:96:93:06:d6:a9:fa:70:15:ed:45: bf:a6:ec:df:ef:de:2e:90:c9:6d:af:37:1c:60:df: 17:0f:67:cb:fb:d3:b5:b4:81:eb:d5:fe:d1:84:19: ec:fa:fc:83:d7:66:99:2e:3b:e5:74:7e:7a:9f:05: e2:6f:0e:19:72:17:e7:ac:b8:aa:82:74:69:1a:66: 1e:90:f7:64:1a:84:a4:04:46:2d:33:a0:be:3a:86: 86:dc:16:56:04:04:eb:c0:26:59:02:8e:f1:c0:db: c5:c8:a7:e5:d7:91:8c:39:ef:5f:dc:a5:3b:1c:06: d5:40:13:a5:1b:5c:c2:a9:d6:0a:9d:ec:44:66:9c: d4:be:27:04:82:62:45:60:fe:03:04:33:41:ad:f2: 55:2d:9b:4e:27:fd:17:3a:cc:68:13:9e:80:2a:85: cb:af:13:bb:7e:a3:2e:ab:17:f1:6a:4f:a9:f4:f0: f1:54:4d:b4:5e:cb:cd:b1:4a:82:1c:99:5c:64:b6: a5:5b:14:ad:21:75:38:ce:60:9f:bc:48:71:c0:71: de:32:e8:89:a4:e8:e6:b7:93:e7:80:55:f7:3c:9d: a6:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: FF:3F:06:6A:5E:9A:B8:F9:88:B8:E1:7C:7A:56:DD:2E:00:A6:6A:D8 X509v3 Authority Key Identifier: keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4 X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/1d011a1c-a0ad-4d93-86af-3f0aadd9684f/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/1d011a1c-a0ad-4d93-86af-3f0aadd9684f/0/FF3F066A5E9AB8F988B8E17C7A56DD2E00A66AD8.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.15.82.0/23 Signature Algorithm: sha256WithRSAEncryption 19:d6:3b:c9:af:6d:5a:80:89:4b:75:c5:2d:79:19:8f:35:26: ea:74:ef:e1:78:d9:5b:43:36:f5:1f:cb:92:b1:45:69:31:29: 3a:bb:68:40:6d:8a:75:35:0b:4c:1a:84:4e:3f:ea:ea:07:b7: 71:2b:10:b0:69:71:4a:f6:b4:cd:ad:32:38:8f:93:88:32:81: f5:a9:c6:21:1f:2a:0a:cb:3b:c6:81:c2:48:f7:2f:bc:48:3a: ac:da:ed:ca:27:8d:e0:d1:de:30:f4:59:ae:ef:29:ea:13:41: 33:2e:e3:9e:ee:5c:03:33:c4:22:91:6c:96:9a:2b:aa:13:df: ef:b2:76:12:38:67:57:c0:ab:61:07:75:45:2a:f9:11:eb:47: de:29:90:af:b6:65:a2:65:f5:9b:bc:bc:81:e7:b5:ea:f6:65: 6e:0e:cd:b0:8c:9d:30:83:34:e0:39:ff:2f:80:50:93:25:60: a6:fe:fa:34:61:77:e4:2a:62:bf:3b:28:80:d4:07:ce:56:d3: 49:e0:80:b3:16:ef:29:30:3b:f8:5d:e1:88:56:58:df:15:e2: ef:a3:64:cc:f4:3b:0f:eb:14:0b:22:d4:0d:e9:d4:7a:ea:ce: 29:83:0d:f0:dc:af:06:bf:d7:a0:64:ff:08:79:0c:21:49:a3: 1e:cd:b2:ab -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUA0zO+Ky1i/LG9E65jYVSYcPCteEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2 NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDUzMDA3MjMxMVoX DTI1MDUyOTA3MjgxMVowMzExMC8GA1UEAxMoRkYzRjA2NkE1RTlBQjhGOTg4QjhF MTdDN0E1NkREMkUwMEE2NkFEODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL4OSMis5gfcNLFyta7BLE4MflH8Y1NCvHGWdM5xlJc2cKuWkwbWqfpwFe1F v6bs3+/eLpDJba83HGDfFw9ny/vTtbSB69X+0YQZ7Pr8g9dmmS475XR+ep8F4m8O GXIX56y4qoJ0aRpmHpD3ZBqEpARGLTOgvjqGhtwWVgQE68AmWQKO8cDbxcin5deR jDnvX9ylOxwG1UATpRtcwqnWCp3sRGac1L4nBIJiRWD+AwQzQa3yVS2bTif9FzrM aBOegCqFy68Tu36jLqsX8WpPqfTw8VRNtF7LzbFKghyZXGS2pVsUrSF1OM5gn7xI ccBx3jLoiaTo5reT54BV9zydpmsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFP8/Bmpemrj5iLjhfHpW3S4ApmrYMB8GA1UdIwQYMBaAFGD4 vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8xZDAxMWExYy1hMGFkLTRkOTMtODZhZi0zZjBhYWRkOTY4NGYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFkMDExYTFj LWEwYWQtNGQ5My04NmFmLTNmMGFhZGQ5Njg0Zi8wL0ZGM0YwNjZBNUU5QUI4Rjk4 OEI4RTE3QzdBNTZERDJFMDBBNjZBRDgubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAGdD1IwDQYJKoZIhvcNAQELBQADggEBABnWO8mvbVqAiUt1xS15GY81Jup07+F4 2VtDNvUfy5KxRWkxKTq7aEBtinU1C0wahE4/6uoHt3ErELBpcUr2tM2tMjiPk4gy gfWpxiEfKgrLO8aBwkj3L7xIOqza7conjeDR3jD0Wa7vKeoTQTMu457uXAMzxCKR bJaaK6oT3++ydhI4Z1fAq2EHdUUq+RHrR94pkK+2ZaJl9Zu8vIHnter2ZW4OzbCM nTCDNOA5/y+AUJMlYKb++jRhd+QqYr87KIDUB85W00nggLMW7ykwO/hd4YhWWN8V 4u+jZMz0Ow/rFAsi1A3p1HrqzimDDfDcrwa/16Bk/wh5DCFJox7Nsqs= -----END CERTIFICATE-----Generated at Wed Nov 20 06:21:51 2024 by rpki-client on console-ams.rpki-client.org