$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/129AAEFC08D204E9BE5439C807FF840DC3CE57F9.cer File: 129AAEFC08D204E9BE5439C807FF840DC3CE57F9.cer (raw, json) Hash identifier: vltvpkMAdh/69Q7lOrq1S/Ptt6MddN58CmJN+p3RTOU= Subject key identifier: 12:9A:AE:FC:08:D2:04:E9:BE:54:39:C8:07:FF:84:0D:C3:CE:57:F9 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5B4A8E03ECB50F89EEF2AA3042C17F3858C99929 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/a63655f1-38b6-4415-8faf-2b5b9153e52d/0/129AAEFC08D204E9BE5439C807FF840DC3CE57F9.mft caRepository: rsync://repo-rpki.idnic.net/repo/a63655f1-38b6-4415-8faf-2b5b9153e52d/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 02 Apr 2024 13:07:50 +0000 Certificate not after: Tue 01 Apr 2025 13:12:50 +0000 Subordinate resources: IP: 45.113.228.0/22 IP: 103.91.0.0/22 IP: 2001:df0:ef00::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 10:29:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:4a:8e:03:ec:b5:0f:89:ee:f2:aa:30:42:c1:7f:38:58:c9:99:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 2 13:07:50 2024 GMT Not After : Apr 1 13:12:50 2025 GMT Subject: CN=129AAEFC08D204E9BE5439C807FF840DC3CE57F9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:cd:d4:5c:46:9b:51:fb:e3:c1:c1:59:98:c4: e8:67:02:26:7d:2a:e3:5a:1d:72:1c:d9:68:b5:04: 87:dc:d4:34:75:06:49:e4:89:a4:86:a1:04:9f:7c: af:95:b9:db:0f:39:b3:e9:02:9f:0c:30:b4:4b:a4: f1:e0:4f:18:03:c9:3e:b2:0a:c8:1a:d2:d3:10:63: c9:2f:2a:80:f9:bc:e5:b8:40:d6:bd:7e:56:ec:89: f7:e7:d1:8e:af:02:82:37:23:42:24:0d:ee:fd:fc: 89:c0:95:3c:b7:3b:3b:85:7f:37:e4:c2:ea:ed:d3: 34:4e:72:29:8e:2c:eb:b8:d6:fb:e1:c0:f7:11:d2: cf:12:39:85:35:5b:16:83:83:be:c2:8b:82:48:e6: e8:d0:b8:6a:b9:4c:bf:f6:59:cb:8c:82:09:ff:a8: 52:cf:a3:cc:e8:25:c1:9e:06:2a:d0:bf:b2:66:9b: 1c:69:4b:00:85:a3:83:2f:fd:e4:77:fa:04:48:8b: a5:47:69:84:8b:a9:08:b3:44:65:c3:6e:e9:4a:b8: c4:32:c3:8a:0a:f7:95:4b:1c:f5:4b:c7:34:3c:74: 0d:68:e2:61:99:73:7d:c4:53:13:13:d7:37:63:89: c9:f7:4e:f8:94:c2:ec:ba:98:3d:05:3e:f3:8a:10: 7b:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 12:9A:AE:FC:08:D2:04:E9:BE:54:39:C8:07:FF:84:0D:C3:CE:57:F9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/a63655f1-38b6-4415-8faf-2b5b9153e52d/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/a63655f1-38b6-4415-8faf-2b5b9153e52d/0/129AAEFC08D204E9BE5439C807FF840DC3CE57F9.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.113.228.0/22 103.91.0.0/22 IPv6: 2001:df0:ef00::/48 Signature Algorithm: sha256WithRSAEncryption 29:08:89:4d:36:b8:07:6f:35:6b:51:3b:f5:72:84:19:8e:42: 5d:27:87:03:b0:d8:5b:ab:49:eb:9d:99:8a:a2:6f:4f:ed:42: e8:aa:33:ca:43:11:56:bf:de:57:e6:19:1e:8b:47:3d:f3:d5: 7c:11:55:63:b0:cb:4a:8c:2d:af:14:f6:9c:2b:d9:ca:08:56: 69:bb:cc:30:c8:b4:eb:85:e0:45:9f:d8:be:e5:a5:2a:ae:fd: 36:2d:89:df:65:59:f5:3b:aa:be:86:0a:12:0a:8b:c3:26:d1: fc:be:25:65:42:03:47:a4:85:ae:12:1b:be:dd:96:b0:72:82: 07:d8:75:4e:3d:eb:64:97:76:fb:fc:c0:48:d9:51:e5:fc:97: 64:19:90:19:6a:56:62:1f:2b:af:36:3a:77:f5:88:aa:5a:5a: db:b8:9d:9e:8f:4c:d6:0b:a4:36:c5:01:84:e4:f2:41:68:b4: 04:b7:cc:2d:eb:a1:66:d4:4e:89:81:e1:17:bd:84:8d:0d:30: c8:f8:cd:9e:60:bf:a9:ef:3e:a3:e2:ee:23:d6:92:0c:2e:6f: ff:b9:bc:ab:49:17:9f:55:d0:b2:79:cb:e3:ad:9e:6c:a2:44: 08:57:04:2f:d7:b2:7d:9f:b1:36:22:7e:c5:71:f2:d7:f2:fd: 0c:f2:09:16 -----BEGIN CERTIFICATE----- MIIF3DCCBMSgAwIBAgIUW0qOA+y1D4nu8qowQsF/OFjJmSkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDQwMjEzMDc1MFoX DTI1MDQwMTEzMTI1MFowMzExMC8GA1UEAxMoMTI5QUFFRkMwOEQyMDRFOUJFNTQz OUM4MDdGRjg0MERDM0NFNTdGOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJTN1FxGm1H748HBWZjE6GcCJn0q41odchzZaLUEh9zUNHUGSeSJpIahBJ98 r5W52w85s+kCnwwwtEuk8eBPGAPJPrIKyBrS0xBjyS8qgPm85bhA1r1+VuyJ9+fR jq8CgjcjQiQN7v38icCVPLc7O4V/N+TC6u3TNE5yKY4s67jW++HA9xHSzxI5hTVb FoODvsKLgkjm6NC4arlMv/ZZy4yCCf+oUs+jzOglwZ4GKtC/smabHGlLAIWjgy/9 5Hf6BEiLpUdphIupCLNEZcNu6Uq4xDLDigr3lUsc9UvHNDx0DWjiYZlzfcRTExPX N2OJyfdO+JTC7LqYPQU+84oQex0CAwEAAaOCAs8wggLLMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFBKarvwI0gTpvlQ5yAf/hA3Dzlf5MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9hNjM2NTVmMS0zOGI2LTQ0MTUtOGZhZi0yYjViOTE1M2U1MmQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E2MzY1NWYx LTM4YjYtNDQxNS04ZmFmLTJiNWI5MTUzZTUyZC8wLzEyOUFBRUZDMDhEMjA0RTlC RTU0MzlDODA3RkY4NDBEQzNDRTU3RjkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwD BAItceQDBAJnWwAwDwQCAAIwCQMHACABDfDvADANBgkqhkiG9w0BAQsFAAOCAQEA KQiJTTa4B281a1E79XKEGY5CXSeHA7DYW6tJ652ZiqJvT+1C6KozykMRVr/eV+YZ HotHPfPVfBFVY7DLSowtrxT2nCvZyghWabvMMMi064XgRZ/YvuWlKq79Ni2J32VZ 9TuqvoYKEgqLwybR/L4lZUIDR6SFrhIbvt2WsHKCB9h1Tj3rZJd2+/zASNlR5fyX ZBmQGWpWYh8rrzY6d/WIqlpa27idno9M1gukNsUBhOTyQWi0BLfMLeuhZtROiYHh F72EjQ0wyPjNnmC/qe8+o+LuI9aSDC5v/7m8q0kXn1XQsnnL462ebKJECFcEL9ey fZ+xNiJ+xXHy1/L9DPIJFg== -----END CERTIFICATE-----Generated at Wed May 8 04:37:46 2024 by rpki-client on console-fra.rpki-client.org