$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/1D024B7DF6A4F54213C50C405AE1E37B8521B49A.cer File: 1D024B7DF6A4F54213C50C405AE1E37B8521B49A.cer (raw, json) Hash identifier: jCLw6wpvGScj+lJ2phqx62ekAYhk9NcyjP9SciSdn1s= Subject key identifier: 1D:02:4B:7D:F6:A4:F5:42:13:C5:0C:40:5A:E1:E3:7B:85:21:B4:9A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 78C0EA76C1E88EF0ADE8029100CEE6912623999E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/a13de3ec-4d3c-4402-a7b8-8a1b96226e75/1/1D024B7DF6A4F54213C50C405AE1E37B8521B49A.mft caRepository: rsync://repo-rpki.idnic.net/repo/a13de3ec-4d3c-4402-a7b8-8a1b96226e75/1/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 03 Dec 2024 14:31:04 +0000 Certificate not after: Tue 02 Dec 2025 14:36:04 +0000 Subordinate resources: IP: 61.247.0.0/18 IP: 103.21.212.0/22 IP: 111.94.0.0/15 IP: 118.136.0.0/15 IP: 202.73.96.0/19 IP: 2404:5600::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 25 Feb 2025 10:14:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:c0:ea:76:c1:e8:8e:f0:ad:e8:02:91:00:ce:e6:91:26:23:99:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 3 14:31:04 2024 GMT Not After : Dec 2 14:36:04 2025 GMT Subject: CN=1D024B7DF6A4F54213C50C405AE1E37B8521B49A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:96:9e:8f:2b:cf:3f:1d:34:85:39:60:31:c7: 96:4e:de:ef:aa:5f:ce:ea:ad:aa:0e:db:5d:e4:67: 86:19:0b:67:71:99:6f:1c:0d:85:f1:b4:4f:02:dc: 55:b3:67:b1:7d:eb:44:01:e1:0a:1b:36:3b:4e:8f: 19:44:c3:e0:2f:1d:85:e1:9d:20:a0:68:1e:61:0d: b7:a9:21:44:b1:d7:97:13:2d:7c:ae:50:92:4e:be: c9:36:62:ac:54:af:4b:34:b8:19:13:1b:e9:f9:3b: aa:17:48:98:63:41:73:f9:2a:83:56:26:7c:90:fb: 0a:81:5d:33:fa:bb:81:de:e6:65:46:da:6a:38:59: 25:12:64:80:6c:91:87:6a:ae:98:43:7a:64:ec:9b: 5d:ae:66:fd:41:28:3a:89:eb:06:6c:be:7d:9b:c8: 86:0d:a0:a5:0a:ef:a9:cd:84:37:9a:99:ac:6b:75: 17:b3:48:b3:ca:a0:f5:95:dc:52:77:ab:e1:a6:c0: 7e:cb:f1:03:85:5b:a1:1d:e3:e1:65:5d:8f:3e:67: f2:32:7b:42:b1:db:e1:a5:3f:76:41:7d:e4:c0:f1: 20:8a:cf:fa:26:0c:f0:2d:2b:b4:36:ee:e3:16:f2: 69:52:68:b2:2a:c7:bd:3e:e4:66:2e:2a:4c:8a:77: 30:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 1D:02:4B:7D:F6:A4:F5:42:13:C5:0C:40:5A:E1:E3:7B:85:21:B4:9A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/a13de3ec-4d3c-4402-a7b8-8a1b96226e75/1 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/a13de3ec-4d3c-4402-a7b8-8a1b96226e75/1/1D024B7DF6A4F54213C50C405AE1E37B8521B49A.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 61.247.0.0/18 103.21.212.0/22 111.94.0.0/15 118.136.0.0/15 202.73.96.0/19 IPv6: 2404:5600::/32 Signature Algorithm: sha256WithRSAEncryption 02:1a:c4:84:26:4e:8b:45:56:51:00:ba:fe:33:8f:9b:c8:49: d9:4c:5d:49:83:fe:5f:df:71:a7:2c:b8:22:80:7d:fb:46:66: f0:d2:00:74:f5:68:d5:dd:4f:a6:3a:9b:ae:3d:a6:5d:fe:e0: e4:17:58:37:cc:6b:ea:1b:0e:64:15:f4:09:00:17:34:40:f0: c8:4a:cb:3e:68:11:9a:83:ee:03:88:2d:32:db:ae:12:39:dd: 52:17:0b:fe:93:14:7e:76:83:d8:5b:6c:b2:95:24:0c:69:23: 94:a5:e5:94:82:4b:41:af:1c:57:e1:78:6b:84:44:0e:51:4a: f4:3f:dd:1d:3c:2a:97:fd:d2:58:17:da:27:d5:68:c2:10:4d: c0:ea:48:87:48:d5:46:b1:d7:cb:83:21:44:f4:69:e2:f3:5f: 92:4d:9c:9a:c1:5e:3e:2b:20:8f:4a:56:3a:04:9e:3a:d7:ec: da:0e:6f:0c:df:56:ba:cf:98:76:73:1d:68:1c:9d:7e:a8:2f: 7e:ca:51:13:3c:6d:8e:3d:32:85:a8:de:b3:24:ba:73:db:d5: 22:55:3b:5f:87:1a:d5:e0:0e:74:84:e1:e5:1f:c0:f0:0e:6e: 39:66:b0:c9:0a:aa:ab:51:25:9c:3e:0b:8a:d8:22:5c:7c:e2: 56:21:89:e3 -----BEGIN CERTIFICATE----- MIIF6jCCBNKgAwIBAgIUeMDqdsHojvCt6AKRAM7mkSYjmZ4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIwMzE0MzEwNFoX DTI1MTIwMjE0MzYwNFowMzExMC8GA1UEAxMoMUQwMjRCN0RGNkE0RjU0MjEzQzUw QzQwNUFFMUUzN0I4NTIxQjQ5QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOqWno8rzz8dNIU5YDHHlk7e76pfzuqtqg7bXeRnhhkLZ3GZbxwNhfG0TwLc VbNnsX3rRAHhChs2O06PGUTD4C8dheGdIKBoHmENt6khRLHXlxMtfK5Qkk6+yTZi rFSvSzS4GRMb6fk7qhdImGNBc/kqg1YmfJD7CoFdM/q7gd7mZUbaajhZJRJkgGyR h2qumEN6ZOybXa5m/UEoOonrBmy+fZvIhg2gpQrvqc2EN5qZrGt1F7NIs8qg9ZXc Uner4abAfsvxA4VboR3j4WVdjz5n8jJ7QrHb4aU/dkF95MDxIIrP+iYM8C0rtDbu 4xbyaVJosirHvT7kZi4qTIp3MFUCAwEAAaOCAt0wggLZMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFB0CS332pPVCE8UMQFrh43uFIbSaMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9hMTNkZTNlYy00ZDNjLTQ0MDItYTdiOC04YTFiOTYyMjZlNzUvMTCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ExM2RlM2Vj LTRkM2MtNDQwMi1hN2I4LThhMWI5NjIyNmU3NS8xLzFEMDI0QjdERjZBNEY1NDIx M0M1MEM0MDVBRTFFMzdCODUyMUI0OUEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwRAYIKwYBBQUHAQcBAf8ENTAzMCIEAgABMBwD BAY99wADBAJnFdQDAwFvXgMDAXaIAwQFyklgMA0EAgACMAcDBQAkBFYAMA0GCSqG SIb3DQEBCwUAA4IBAQACGsSEJk6LRVZRALr+M4+byEnZTF1Jg/5f33GnLLgigH37 Rmbw0gB09WjV3U+mOpuuPaZd/uDkF1g3zGvqGw5kFfQJABc0QPDISss+aBGag+4D iC0y264SOd1SFwv+kxR+doPYW2yylSQMaSOUpeWUgktBrxxX4XhrhEQOUUr0P90d PCqX/dJYF9on1WjCEE3A6kiHSNVGsdfLgyFE9Gni81+STZyawV4+KyCPSlY6BJ46 1+zaDm8M31a6z5h2cx1oHJ1+qC9+ylETPG2OPTKFqN6zJLpz29UiVTtfhxrV4A50 hOHlH8DwDm45ZrDJCqqrUSWcPguK2CJcfOJWIYnj -----END CERTIFICATE-----Generated at Sat Feb 22 14:41:53 2025 by rpki-client