$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/29CF00DB5C2109C4B5090935368C9AC57C5BD2A4.cer File: 29CF00DB5C2109C4B5090935368C9AC57C5BD2A4.cer (raw, json) Hash identifier: rmQbIErHAnqg/vXb5Pxs/uu0CpQOF26HxDvy2jO+ixs= Subject key identifier: 29:CF:00:DB:5C:21:09:C4:B5:09:09:35:36:8C:9A:C5:7C:5B:D2:A4 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4A365999F30045D0E888DB99C27025463F39A3E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/7a22b4e2-26f6-41e8-8910-206bea783db9/0/29CF00DB5C2109C4B5090935368C9AC57C5BD2A4.mft caRepository: rsync://repo-rpki.idnic.net/repo/7a22b4e2-26f6-41e8-8910-206bea783db9/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 27 May 2024 16:07:34 +0000 Certificate not after: Mon 26 May 2025 16:12:34 +0000 Subordinate resources: IP: 103.191.176.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 06:34:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:36:59:99:f3:00:45:d0:e8:88:db:99:c2:70:25:46:3f:39:a3:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: May 27 16:07:34 2024 GMT Not After : May 26 16:12:34 2025 GMT Subject: CN=29CF00DB5C2109C4B5090935368C9AC57C5BD2A4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:fd:e1:6a:4a:46:c9:ca:b1:fe:24:3e:d6:1e: cd:89:50:ff:ce:ba:bd:df:24:de:6c:eb:f3:ff:5d: b2:c1:4b:da:de:ff:cc:8b:a2:ac:11:90:46:dc:16: e9:86:7d:0b:f6:1b:09:89:df:6a:34:54:ee:df:9e: 06:0d:0d:a3:88:40:54:ad:8c:d5:9c:fd:e3:e9:3c: 0d:8a:c3:a9:37:3b:10:d4:46:e1:07:8a:16:7f:18: c6:96:e6:d2:fa:88:b3:46:76:ea:ee:88:e8:ca:72: ef:a0:be:34:3e:d8:95:ff:b4:e7:07:5e:99:61:bf: 20:8c:79:61:2f:9d:95:26:1e:51:6a:0f:5e:c9:03: 56:45:d7:f2:79:a9:3e:57:f3:bf:17:ff:5f:06:6f: 73:b8:d1:6b:5b:a7:5b:9b:d7:21:78:50:ba:99:c2: 3a:27:8d:e5:16:2e:29:a0:1a:9b:e1:2e:d7:3e:06: 0b:57:d9:2e:3e:d1:ed:54:8a:ad:92:da:c1:cf:14: e4:dc:3c:f9:fb:05:62:a4:c6:6a:58:1f:7e:7b:65: 57:99:ff:75:d6:5c:fe:0b:a1:65:5d:0c:12:4e:d2: dc:6b:94:f0:da:ae:82:e8:a5:4f:1a:1f:74:0f:ba: 5a:7e:92:0a:b0:8b:22:e6:c5:dd:f8:d6:54:b8:95: 93:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 29:CF:00:DB:5C:21:09:C4:B5:09:09:35:36:8C:9A:C5:7C:5B:D2:A4 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7a22b4e2-26f6-41e8-8910-206bea783db9/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7a22b4e2-26f6-41e8-8910-206bea783db9/0/29CF00DB5C2109C4B5090935368C9AC57C5BD2A4.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.191.176.0/23 Signature Algorithm: sha256WithRSAEncryption 41:c1:04:c1:6d:9c:9a:fd:d4:b8:0e:72:31:38:81:b2:3b:e0: 59:b2:37:e1:c2:a6:5b:c3:27:06:a5:e0:6c:09:c6:fc:22:6d: cb:c4:b3:b1:61:66:eb:e8:31:c0:4e:e9:1f:c8:7e:73:34:32: 21:32:e5:48:74:81:71:e9:dd:8b:5a:29:5d:54:79:e3:81:2f: 34:2f:3c:09:d5:2e:8c:97:cd:72:7c:07:c2:60:10:61:01:ff: f0:88:e1:15:80:55:bd:76:d4:09:02:d2:cb:66:fa:ac:f3:0a: a6:89:a2:d6:92:79:bf:f4:f7:e0:2a:15:5f:41:fd:c5:ea:8b: 80:eb:84:c9:d4:30:d3:03:1a:e3:3f:ee:c8:fc:4c:58:20:c3: 62:ce:15:58:ce:14:b0:fd:ad:ff:fd:4f:67:3c:6f:a6:99:b2: f9:1b:5d:f7:89:28:9d:5c:62:34:19:db:66:2d:57:74:6e:aa: c9:d5:83:55:79:1b:eb:db:42:c6:44:08:ba:65:fa:58:34:66: 2e:39:39:c8:4f:c8:4e:a6:a3:3e:fd:11:13:e7:88:b0:af:1c: 72:94:26:d6:85:c6:45:7a:56:7a:20:56:60:09:26:15:c3:52: 6c:20:e1:29:5c:2e:20:d6:42:c9:b1:c0:e0:68:d3:57:44:b9: 63:5c:7b:6b -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUSjZZmfMARdDoiNuZwnAlRj85o+gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDUyNzE2MDczNFoX DTI1MDUyNjE2MTIzNFowMzExMC8GA1UEAxMoMjlDRjAwREI1QzIxMDlDNEI1MDkw OTM1MzY4QzlBQzU3QzVCRDJBNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL394WpKRsnKsf4kPtYezYlQ/866vd8k3mzr8/9dssFL2t7/zIuirBGQRtwW 6YZ9C/YbCYnfajRU7t+eBg0No4hAVK2M1Zz94+k8DYrDqTc7ENRG4QeKFn8Yxpbm 0vqIs0Z26u6I6Mpy76C+ND7Ylf+05wdemWG/IIx5YS+dlSYeUWoPXskDVkXX8nmp Plfzvxf/XwZvc7jRa1unW5vXIXhQupnCOieN5RYuKaAam+Eu1z4GC1fZLj7R7VSK rZLawc8U5Nw8+fsFYqTGalgffntlV5n/ddZc/guhZV0MEk7S3GuU8NquguilTxof dA+6Wn6SCrCLIubF3fjWVLiVk/0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCnPANtcIQnEtQkJNTaMmsV8W9KkMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83YTIyYjRlMi0yNmY2LTQxZTgtODkxMC0yMDZiZWE3ODNkYjkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdhMjJiNGUy LTI2ZjYtNDFlOC04OTEwLTIwNmJlYTc4M2RiOS8wLzI5Q0YwMERCNUMyMTA5QzRC NTA5MDkzNTM2OEM5QUM1N0M1QkQyQTQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnv7AwDQYJKoZIhvcNAQELBQADggEBAEHBBMFtnJr91LgOcjE4gbI74FmyN+HC plvDJwal4GwJxvwibcvEs7FhZuvoMcBO6R/IfnM0MiEy5Uh0gXHp3YtaKV1UeeOB LzQvPAnVLoyXzXJ8B8JgEGEB//CI4RWAVb121AkC0stm+qzzCqaJotaSeb/09+Aq FV9B/cXqi4DrhMnUMNMDGuM/7sj8TFggw2LOFVjOFLD9rf/9T2c8b6aZsvkbXfeJ KJ1cYjQZ22YtV3RuqsnVg1V5G+vbQsZECLpl+lg0Zi45OchPyE6moz79ERPniLCv HHKUJtaFxkV6VnogVmAJJhXDUmwg4SlcLiDWQsmxwOBo01dEuWNce2s= -----END CERTIFICATE-----Generated at Sun Feb 16 21:07:49 2025 by rpki-client