$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer File: 20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer (raw, json) Hash identifier: DFW0v6DaNpwduPq3Qzd+P4/S9p17hWEXsnvujKzKBjs= Subject key identifier: 20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0D72D4F984A38E318A212E3E756E91227A9DDD5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft caRepository: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 01 Nov 2023 07:53:50 +0000 Certificate not after: Wed 30 Oct 2024 07:58:50 +0000 Subordinate resources: IP: 103.162.0.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:72:d4:f9:84:a3:8e:31:8a:21:2e:3e:75:6e:91:22:7a:9d:dd:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 1 07:53:50 2023 GMT Not After : Oct 30 07:58:50 2024 GMT Subject: CN=20B15C95FA3351402D60E968AD1D9ECD289ABFF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c5:96:da:3f:7a:a2:b2:f5:43:b7:32:74:a8: ac:49:60:c3:eb:cc:13:05:7b:1b:7d:1d:7e:ae:57: 86:cb:22:08:ac:f1:e4:7e:60:83:84:83:bc:2b:d4: c6:11:fa:f7:ad:48:58:fc:12:2c:4b:71:3d:56:bc: fe:39:86:6d:14:0b:a8:ff:ea:a8:5f:0e:3b:d0:b7: b9:62:a8:5c:dc:ca:b5:b2:30:df:e0:4e:5e:53:da: 41:4e:88:da:f7:6c:7d:fb:25:46:ad:8f:9c:c9:e8: 3b:fe:b4:3f:dd:11:83:cf:26:24:d7:f7:96:65:52: 6c:2e:45:de:95:0f:59:bc:b0:58:da:f3:49:fa:aa: cb:71:7c:32:79:a3:74:e6:a8:0d:66:92:18:52:a6: 1d:c5:a9:f9:35:da:13:8f:7a:04:bf:62:8b:5f:c6: f9:57:93:c3:1b:22:9d:b3:86:fc:f6:c0:d9:00:42: 0c:6e:2c:ea:83:5e:41:27:21:f7:f8:82:7c:9c:41: e4:4c:d2:17:e3:69:d0:23:a3:7d:e3:5e:34:ca:ec: ec:b8:d6:89:05:6f:44:23:f2:53:50:ab:6d:13:77: 2c:05:20:65:55:72:6e:44:6f:4e:68:96:fa:5e:7b: 5c:2a:a6:4a:b2:eb:f6:da:99:72:a9:8b:4d:c7:79: eb:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.162.0.0/23 Signature Algorithm: sha256WithRSAEncryption 85:a4:82:3b:5e:e3:77:a8:b7:3a:85:0a:9f:f7:29:e4:93:47: ba:29:83:48:04:ae:58:7a:2a:dd:3b:50:5a:41:c0:f9:83:c0: b1:c2:1d:a4:83:d5:14:74:88:e0:bf:dc:d3:3c:a9:7d:23:c5: 73:c5:ea:35:e8:a2:e5:33:66:a5:b2:0f:73:c8:73:bd:92:d2: e1:e3:40:6e:02:a9:e3:6d:11:a8:fb:74:a0:f8:52:f4:1f:85: 87:bc:08:d0:49:63:1c:91:37:ef:e3:36:89:fc:ed:e2:3f:57: 94:57:a0:11:8a:04:eb:f9:09:ef:42:1a:a4:3e:23:17:22:3a: 2d:3c:71:d3:08:7d:02:21:4f:2a:ad:fd:a3:dd:5d:d4:bf:37: 03:18:56:4f:3b:e6:32:45:21:55:45:3a:04:91:22:03:c8:73: 26:99:19:5e:f2:d9:47:bc:5b:f9:f7:b6:53:22:b0:50:39:11: 2c:6d:da:9e:f6:a2:92:1e:b5:22:29:2a:88:8a:af:eb:18:97: 8c:af:18:fd:66:7f:83:85:1e:98:cd:dc:ed:4b:da:50:3b:67: 83:23:3b:2f:26:62:45:10:ff:15:15:e4:82:85:3a:89:ca:bf: ab:3d:43:af:cc:54:ad:08:ee:ed:bb:50:0b:95:93:9f:f5:2c: a4:10:84:56 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUDXLU+YSjjjGKIS4+dW6RInqd3VswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTEwMTA3NTM1MFoX DTI0MTAzMDA3NTg1MFowMzExMC8GA1UEAxMoMjBCMTVDOTVGQTMzNTE0MDJENjBF OTY4QUQxRDlFQ0QyODlBQkZGOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/Flto/eqKy9UO3MnSorElgw+vMEwV7G30dfq5XhssiCKzx5H5gg4SDvCvU xhH6961IWPwSLEtxPVa8/jmGbRQLqP/qqF8OO9C3uWKoXNzKtbIw3+BOXlPaQU6I 2vdsffslRq2PnMnoO/60P90Rg88mJNf3lmVSbC5F3pUPWbywWNrzSfqqy3F8Mnmj dOaoDWaSGFKmHcWp+TXaE496BL9ii1/G+VeTwxsinbOG/PbA2QBCDG4s6oNeQSch 9/iCfJxB5EzSF+Np0COjfeNeNMrs7LjWiQVvRCPyU1CrbRN3LAUgZVVybkRvTmiW +l57XCqmSrLr9tqZcqmLTcd561kCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCCxXJX6M1FALWDpaK0dns0omr/5MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kMTQxOTNjNC00YWJkLTRlMmMtYTFkMC0xYjVjZTMyZTQyMGIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QxNDE5M2M0 LTRhYmQtNGUyYy1hMWQwLTFiNWNlMzJlNDIwYi8wLzIwQjE1Qzk1RkEzMzUxNDAy RDYwRTk2OEFEMUQ5RUNEMjg5QUJGRjkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnogAwDQYJKoZIhvcNAQELBQADggEBAIWkgjte43eotzqFCp/3KeSTR7opg0gE rlh6Kt07UFpBwPmDwLHCHaSD1RR0iOC/3NM8qX0jxXPF6jXoouUzZqWyD3PIc72S 0uHjQG4CqeNtEaj7dKD4UvQfhYe8CNBJYxyRN+/jNon87eI/V5RXoBGKBOv5Ce9C GqQ+IxciOi08cdMIfQIhTyqt/aPdXdS/NwMYVk875jJFIVVFOgSRIgPIcyaZGV7y 2Ue8W/n3tlMisFA5ESxt2p72opIetSIpKoiKr+sYl4yvGP1mf4OFHpjN3O1L2lA7 Z4MjOy8mYkUQ/xUV5IKFOonKv6s9Q6/MVK0I7u27UAuVk5/1LKQQhFY= -----END CERTIFICATE-----Generated at Thu May 9 00:36:57 2024 by rpki-client on console-fra.rpki-client.org