$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer File: 20B15C95FA3351402D60E968AD1D9ECD289ABFF9.cer (raw, json) Hash identifier: s0ekvmTv7ebMxmIWAETnyZhYxkDZmu61I1E07ifCzlc= Subject key identifier: 20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 340F0F26507C5DE1BD2C9FCFE20F430175AD38BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft caRepository: rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 02 Oct 2024 10:37:54 +0000 Certificate not after: Wed 01 Oct 2025 10:42:54 +0000 Subordinate resources: IP: 103.162.0.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:0f:0f:26:50:7c:5d:e1:bd:2c:9f:cf:e2:0f:43:01:75:ad:38:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 2 10:37:54 2024 GMT Not After : Oct 1 10:42:54 2025 GMT Subject: CN=20B15C95FA3351402D60E968AD1D9ECD289ABFF9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c5:96:da:3f:7a:a2:b2:f5:43:b7:32:74:a8: ac:49:60:c3:eb:cc:13:05:7b:1b:7d:1d:7e:ae:57: 86:cb:22:08:ac:f1:e4:7e:60:83:84:83:bc:2b:d4: c6:11:fa:f7:ad:48:58:fc:12:2c:4b:71:3d:56:bc: fe:39:86:6d:14:0b:a8:ff:ea:a8:5f:0e:3b:d0:b7: b9:62:a8:5c:dc:ca:b5:b2:30:df:e0:4e:5e:53:da: 41:4e:88:da:f7:6c:7d:fb:25:46:ad:8f:9c:c9:e8: 3b:fe:b4:3f:dd:11:83:cf:26:24:d7:f7:96:65:52: 6c:2e:45:de:95:0f:59:bc:b0:58:da:f3:49:fa:aa: cb:71:7c:32:79:a3:74:e6:a8:0d:66:92:18:52:a6: 1d:c5:a9:f9:35:da:13:8f:7a:04:bf:62:8b:5f:c6: f9:57:93:c3:1b:22:9d:b3:86:fc:f6:c0:d9:00:42: 0c:6e:2c:ea:83:5e:41:27:21:f7:f8:82:7c:9c:41: e4:4c:d2:17:e3:69:d0:23:a3:7d:e3:5e:34:ca:ec: ec:b8:d6:89:05:6f:44:23:f2:53:50:ab:6d:13:77: 2c:05:20:65:55:72:6e:44:6f:4e:68:96:fa:5e:7b: 5c:2a:a6:4a:b2:eb:f6:da:99:72:a9:8b:4d:c7:79: eb:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 20:B1:5C:95:FA:33:51:40:2D:60:E9:68:AD:1D:9E:CD:28:9A:BF:F9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/d14193c4-4abd-4e2c-a1d0-1b5ce32e420b/0/20B15C95FA3351402D60E968AD1D9ECD289ABFF9.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.162.0.0/23 Signature Algorithm: sha256WithRSAEncryption 4a:2e:e7:25:6d:02:32:4c:97:14:0e:29:20:7f:9d:6f:ff:8a: b1:ce:aa:1c:17:a0:93:cc:9e:61:cd:03:e4:42:62:32:57:46: c5:46:b8:d5:59:52:c2:1b:24:e8:49:64:f1:a1:74:e8:82:f5: 36:b9:38:bb:8e:33:77:f7:c0:4d:e5:8d:04:6a:e4:72:ad:04: c6:04:bd:84:9d:67:15:90:fa:06:4d:9e:57:8e:c1:75:2a:5c: 1e:45:ec:9c:e2:53:8c:eb:6d:33:0e:2b:1b:f1:37:d7:c5:53: ae:f0:ef:a5:6a:2b:79:47:a5:5b:4d:ef:26:e2:74:e9:25:99: 26:19:1e:8e:d9:d6:59:b5:14:ce:c2:e9:81:3f:56:40:d7:0e: 27:d5:99:1f:f1:88:05:b2:55:9e:13:59:a6:59:de:3c:bd:ba: c1:d3:e7:34:b0:bc:fb:67:de:d0:c4:bc:2a:55:f3:29:f5:57: e4:7b:ad:fd:c1:c3:66:b2:3e:39:32:9e:d3:7d:21:79:0d:9b: b7:ac:25:5d:d7:6d:59:2a:ca:0b:1a:78:50:01:b1:f4:16:fa: 18:03:83:54:2d:2b:79:ef:2f:c9:fe:bf:46:af:a1:90:71:7d: 3c:28:fd:f1:74:44:77:65:ca:06:f7:2e:96:fc:5f:45:b4:56: e6:91:b3:f1 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUNA8PJlB8XeG9LJ/P4g9DAXWtOL0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTAwMjEwMzc1NFoX DTI1MTAwMTEwNDI1NFowMzExMC8GA1UEAxMoMjBCMTVDOTVGQTMzNTE0MDJENjBF OTY4QUQxRDlFQ0QyODlBQkZGOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL/Flto/eqKy9UO3MnSorElgw+vMEwV7G30dfq5XhssiCKzx5H5gg4SDvCvU xhH6961IWPwSLEtxPVa8/jmGbRQLqP/qqF8OO9C3uWKoXNzKtbIw3+BOXlPaQU6I 2vdsffslRq2PnMnoO/60P90Rg88mJNf3lmVSbC5F3pUPWbywWNrzSfqqy3F8Mnmj dOaoDWaSGFKmHcWp+TXaE496BL9ii1/G+VeTwxsinbOG/PbA2QBCDG4s6oNeQSch 9/iCfJxB5EzSF+Np0COjfeNeNMrs7LjWiQVvRCPyU1CrbRN3LAUgZVVybkRvTmiW +l57XCqmSrLr9tqZcqmLTcd561kCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCCxXJX6M1FALWDpaK0dns0omr/5MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kMTQxOTNjNC00YWJkLTRlMmMtYTFkMC0xYjVjZTMyZTQyMGIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QxNDE5M2M0 LTRhYmQtNGUyYy1hMWQwLTFiNWNlMzJlNDIwYi8wLzIwQjE1Qzk1RkEzMzUxNDAy RDYwRTk2OEFEMUQ5RUNEMjg5QUJGRjkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnogAwDQYJKoZIhvcNAQELBQADggEBAEou5yVtAjJMlxQOKSB/nW//irHOqhwX oJPMnmHNA+RCYjJXRsVGuNVZUsIbJOhJZPGhdOiC9Ta5OLuOM3f3wE3ljQRq5HKt BMYEvYSdZxWQ+gZNnleOwXUqXB5F7JziU4zrbTMOKxvxN9fFU67w76VqK3lHpVtN 7ybidOklmSYZHo7Z1lm1FM7C6YE/VkDXDifVmR/xiAWyVZ4TWaZZ3jy9usHT5zSw vPtn3tDEvCpV8yn1V+R7rf3Bw2ayPjkyntN9IXkNm7esJV3XbVkqygsaeFABsfQW +hgDg1QtK3nvL8n+v0avoZBxfTwo/fF0RHdlygb3Lpb8X0W0VuaRs/E= -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:14 2024 by rpki-client on console-fra.rpki-client.org