$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer File: 21AC220B77A77D0516BC73B4C29C8363DD00911B.cer (raw, json) Hash identifier: 67qtAZhe1YBMC5/MxJR5JZOuYlgQm3KXpmcs4oXMyXw= Subject key identifier: 21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3150DC45DEDEE4A1DD43EF25E8AE2C88491B6231 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft caRepository: rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 18 Sep 2024 00:44:53 +0000 Certificate not after: Wed 17 Sep 2025 00:49:53 +0000 Subordinate resources: IP: 103.94.168.0/22 IP: 103.119.140.0 -- 103.119.147.255 IP: 202.10.56.0/22 IP: 2401:48c0::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:50:dc:45:de:de:e4:a1:dd:43:ef:25:e8:ae:2c:88:49:1b:62:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 18 00:44:53 2024 GMT Not After : Sep 17 00:49:53 2025 GMT Subject: CN=21AC220B77A77D0516BC73B4C29C8363DD00911B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:eb:38:c7:01:28:91:28:bd:01:1c:a0:98:9c: df:d7:be:6e:a8:9a:02:1f:e4:11:df:b8:42:36:4d: 22:37:85:6d:4c:d8:22:1c:57:78:36:63:88:4c:6e: 86:6e:57:06:91:10:f4:f9:1f:aa:e5:65:46:4e:6e: 88:06:ea:75:c3:5d:b1:96:a2:6a:85:3e:7e:3b:33: 74:33:ff:78:ef:05:9b:d7:28:95:54:3e:d8:62:d8: 58:5b:f3:0e:4f:7f:d0:21:7c:82:6a:96:99:40:12: 07:8c:e7:cd:bd:9b:62:8f:92:ee:01:40:03:72:76: fa:29:59:22:69:1d:a6:31:d8:6a:0b:cd:2e:9f:91: 01:12:83:cb:48:c9:b3:53:54:f1:21:67:87:1a:1d: 14:f1:70:ee:7d:e3:ec:46:99:04:d2:e9:97:ca:34: 0e:4e:8b:ee:62:48:63:22:8d:fd:a1:64:b2:de:ce: 7a:7c:4c:1f:d9:cc:5d:c5:74:7d:ec:b8:cc:ea:0c: 43:1b:28:5e:63:4b:53:83:ac:63:5b:c2:78:a4:99: a1:17:27:b3:88:06:cc:26:64:ae:32:fd:a5:bb:cf: 6a:1b:45:b7:ef:d7:73:96:c4:bf:a1:a6:80:2c:25: 99:f3:03:7a:03:5b:fc:16:3d:e0:59:fc:bb:41:1a: 6e:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.94.168.0/22 103.119.140.0-103.119.147.255 202.10.56.0/22 IPv6: 2401:48c0::/32 Signature Algorithm: sha256WithRSAEncryption 0d:bc:0a:17:3d:8a:1f:d1:a3:cf:85:0a:8c:63:dc:ed:25:21: 14:ab:df:c7:62:cc:ae:17:92:e7:cf:de:f2:60:ce:f1:8c:8b: 9f:0f:22:c6:7c:72:b8:fa:05:5c:37:ea:e7:be:75:3f:78:c2: 41:bb:d7:35:b2:44:79:86:e9:b5:45:20:18:21:c9:a7:95:51: b9:64:2d:f9:91:08:25:b8:b6:a4:86:f0:88:57:ea:11:50:77: e7:80:b3:2e:e6:ff:69:92:a3:08:98:79:30:ad:10:43:ce:f6: f9:0b:f0:09:10:00:4e:cb:71:ad:1d:6f:06:89:c1:b4:5e:3d: 22:39:da:90:83:63:c1:7c:5d:31:f0:86:cc:e4:71:1b:f6:3c: 03:f6:ec:f7:81:81:e2:b1:bc:17:ec:4b:be:37:52:f1:2b:44: 19:43:2e:06:52:81:f8:80:8e:df:1e:0e:37:c5:72:d7:22:c4: 79:a9:16:cf:7e:99:e6:6a:14:94:85:43:e9:4a:25:e9:fe:c2: 8c:ac:2f:13:c2:88:31:b8:92:f3:8f:93:61:f3:c5:d1:8b:b4: e9:4b:52:0d:fd:7d:dd:29:d5:68:1e:b5:7f:94:3e:de:02:58: 29:9d:a4:9b:b3:65:c8:86:eb:5f:a0:66:77:2e:16:b1:48:c8: 3e:3d:fe:5d -----BEGIN CERTIFICATE----- MIIF6DCCBNCgAwIBAgIUMVDcRd7e5KHdQ+8l6K4siEkbYjEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDkxODAwNDQ1M1oX DTI1MDkxNzAwNDk1M1owMzExMC8GA1UEAxMoMjFBQzIyMEI3N0E3N0QwNTE2QkM3 M0I0QzI5QzgzNjNERDAwOTExQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKnrOMcBKJEovQEcoJic39e+bqiaAh/kEd+4QjZNIjeFbUzYIhxXeDZjiExu hm5XBpEQ9PkfquVlRk5uiAbqdcNdsZaiaoU+fjszdDP/eO8Fm9colVQ+2GLYWFvz Dk9/0CF8gmqWmUASB4znzb2bYo+S7gFAA3J2+ilZImkdpjHYagvNLp+RARKDy0jJ s1NU8SFnhxodFPFw7n3j7EaZBNLpl8o0Dk6L7mJIYyKN/aFkst7OenxMH9nMXcV0 fey4zOoMQxsoXmNLU4OsY1vCeKSZoRcns4gGzCZkrjL9pbvPahtFt+/Xc5bEv6Gm gCwlmfMDegNb/BY94Fn8u0EabtMCAwEAAaOCAtswggLXMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCGsIgt3p30FFrxztMKcg2PdAJEbMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iZGFiYzBiYS05MjIyLTRjNDUtODM0Mi1lYjg2NDNjNDk2N2QvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JkYWJjMGJh LTkyMjItNGM0NS04MzQyLWViODY0M2M0OTY3ZC8wLzIxQUMyMjBCNzdBNzdEMDUx NkJDNzNCNEMyOUM4MzYzREQwMDkxMUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMCAEAgABMBoD BAJnXqgwDAMEAmd3jAMEAmd3kAMEAsoKODANBAIAAjAHAwUAJAFIwDANBgkqhkiG 9w0BAQsFAAOCAQEADbwKFz2KH9Gjz4UKjGPc7SUhFKvfx2LMrheS58/e8mDO8YyL nw8ixnxyuPoFXDfq5751P3jCQbvXNbJEeYbptUUgGCHJp5VRuWQt+ZEIJbi2pIbw iFfqEVB354CzLub/aZKjCJh5MK0QQ872+QvwCRAATstxrR1vBonBtF49IjnakINj wXxdMfCGzORxG/Y8A/bs94GB4rG8F+xLvjdS8StEGUMuBlKB+ICO3x4ON8Vy1yLE eakWz36Z5moUlIVD6Uol6f7CjKwvE8KIMbiS84+TYfPF0Yu06UtSDf193SnVaB61 f5Q+3gJYKZ2km7NlyIbrX6Bmdy4WsUjIPj3+XQ== -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:14 2024 by rpki-client on console-fra.rpki-client.org