$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/2AA6E65B86E4423AEC7D02D85B43BA008012D29D.cer File: 2AA6E65B86E4423AEC7D02D85B43BA008012D29D.cer (raw, json) Hash identifier: q0WaEpdrijUDYhLd83dV5DHgT/TD100y+Hv0Y0qVtVY= Subject key identifier: 2A:A6:E6:5B:86:E4:42:3A:EC:7D:02:D8:5B:43:BA:00:80:12:D2:9D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 305A30F317A08F84A0B13CECC4ECBA6C9DFF61CE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/7e6bff9d-fb13-47b9-9cc0-dd6a0730a1c6/0/2AA6E65B86E4423AEC7D02D85B43BA008012D29D.mft caRepository: rsync://repo-rpki.idnic.net/repo/7e6bff9d-fb13-47b9-9cc0-dd6a0730a1c6/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 03 Jan 2024 15:36:41 +0000 Certificate not after: Wed 01 Jan 2025 15:41:41 +0000 Subordinate resources: IP: 103.129.48.0/22 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:5a:30:f3:17:a0:8f:84:a0:b1:3c:ec:c4:ec:ba:6c:9d:ff:61:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 3 15:36:41 2024 GMT Not After : Jan 1 15:41:41 2025 GMT Subject: CN=2AA6E65B86E4423AEC7D02D85B43BA008012D29D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:10:33:1b:f3:95:e6:b4:2c:66:1a:87:98:c5: bf:91:b6:a3:c5:6e:a1:fb:87:57:bd:67:1f:c8:71: fd:9b:87:42:b8:ac:0a:67:a3:bc:2d:3d:3c:b7:70: 2e:53:a3:12:7b:fa:5a:31:26:1b:73:f6:f5:b2:0d: e3:f2:34:a1:ab:e1:0b:cb:bc:c2:56:ef:bf:e1:eb: 8c:5e:06:ac:3c:bc:97:fa:d5:9a:11:07:24:f0:88: 8c:f4:d8:2c:ec:b3:64:0e:7c:4d:94:55:55:1c:cc: ed:12:48:21:34:ac:3c:f1:69:52:20:c6:41:66:8a: 43:5d:26:aa:22:26:be:7b:75:7e:aa:5c:92:d8:f7: f0:e9:33:ee:8d:66:6e:99:3c:6f:7e:4c:ea:7f:6c: db:47:99:5c:26:89:a3:27:68:5a:63:0d:e1:48:d9: 68:64:f6:47:44:7b:19:0d:ff:da:58:3d:d8:9b:5c: dc:1b:74:74:de:c4:5a:fe:ff:35:94:7f:7a:9b:cb: ca:11:e8:0a:be:f0:99:9d:6e:68:8d:be:10:40:40: c9:9e:86:79:be:64:04:f9:11:d1:56:2d:e2:dc:70: 80:69:d7:58:eb:5c:92:05:5b:fa:51:db:63:98:ba: c7:aa:e0:93:57:48:1c:bd:aa:dd:41:b0:eb:b5:55: 5f:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2A:A6:E6:5B:86:E4:42:3A:EC:7D:02:D8:5B:43:BA:00:80:12:D2:9D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7e6bff9d-fb13-47b9-9cc0-dd6a0730a1c6/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7e6bff9d-fb13-47b9-9cc0-dd6a0730a1c6/0/2AA6E65B86E4423AEC7D02D85B43BA008012D29D.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.129.48.0/22 Signature Algorithm: sha256WithRSAEncryption 89:05:7e:43:dc:a1:a0:d1:8f:1b:5b:2d:e8:c7:94:af:89:a8: df:c4:0f:2f:6b:55:ff:97:93:a3:44:74:cb:fc:6a:9b:38:1a: 7e:96:7b:fb:dc:d7:8c:be:01:0e:1e:a7:77:d6:b2:a8:aa:4a: 43:0d:11:9a:b5:f5:cb:18:39:d8:f2:90:80:23:82:5e:ba:ff: 48:fc:3a:8c:0e:3d:aa:9d:ec:87:63:eb:55:bc:bd:0a:fb:bf: 0b:fa:a6:d1:b0:d5:72:03:3d:f6:fe:d7:89:db:41:92:83:b7: 0b:a7:15:3e:22:6d:0e:74:32:ec:35:14:ec:68:25:b8:e7:51: d8:d4:0b:8f:7f:fe:9e:ea:19:90:00:39:61:6f:e6:da:8d:f2: 76:e2:7a:be:df:af:1e:ab:b3:24:dc:c4:d8:2f:c1:00:76:e1: ae:97:d2:1b:16:eb:81:44:4a:e9:48:07:7c:73:a1:83:aa:19: 78:fd:c9:03:95:29:46:19:09:93:a7:24:c4:07:e6:17:62:12: 26:55:b7:e5:c8:7d:3b:bc:88:d3:7c:c5:53:d7:b1:0f:4f:b6: 41:9a:c7:32:5e:b4:48:6c:04:ef:03:0f:c0:5c:a5:39:82:eb: 3f:16:3b:53:a9:10:61:ea:35:e6:fb:74:fd:8b:dd:d9:06:5c: 79:c1:da:5b -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUMFow8xegj4SgsTzsxOy6bJ3/Yc4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwMzE1MzY0MVoX DTI1MDEwMTE1NDE0MVowMzExMC8GA1UEAxMoMkFBNkU2NUI4NkU0NDIzQUVDN0Qw MkQ4NUI0M0JBMDA4MDEyRDI5RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAPEQMxvzlea0LGYah5jFv5G2o8VuofuHV71nH8hx/ZuHQrisCmejvC09PLdw LlOjEnv6WjEmG3P29bIN4/I0oavhC8u8wlbvv+HrjF4GrDy8l/rVmhEHJPCIjPTY LOyzZA58TZRVVRzM7RJIITSsPPFpUiDGQWaKQ10mqiImvnt1fqpcktj38Okz7o1m bpk8b35M6n9s20eZXCaJoydoWmMN4UjZaGT2R0R7GQ3/2lg92Jtc3Bt0dN7EWv7/ NZR/epvLyhHoCr7wmZ1uaI2+EEBAyZ6Geb5kBPkR0VYt4txwgGnXWOtckgVb+lHb Y5i6x6rgk1dIHL2q3UGw67VVX+ECAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCqm5luG5EI67H0C2FtDugCAEtKdMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83ZTZiZmY5ZC1mYjEzLTQ3YjktOWNjMC1kZDZhMDczMGExYzYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdlNmJmZjlk LWZiMTMtNDdiOS05Y2MwLWRkNmEwNzMwYTFjNi8wLzJBQTZFNjVCODZFNDQyM0FF QzdEMDJEODVCNDNCQTAwODAxMkQyOUQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJngTAwDQYJKoZIhvcNAQELBQADggEBAIkFfkPcoaDRjxtbLejHlK+JqN/EDy9r Vf+Xk6NEdMv8aps4Gn6We/vc14y+AQ4ep3fWsqiqSkMNEZq19csYOdjykIAjgl66 /0j8OowOPaqd7Idj61W8vQr7vwv6ptGw1XIDPfb+14nbQZKDtwunFT4ibQ50Muw1 FOxoJbjnUdjUC49//p7qGZAAOWFv5tqN8nbier7frx6rsyTcxNgvwQB24a6X0hsW 64FESulIB3xzoYOqGXj9yQOVKUYZCZOnJMQH5hdiEiZVt+XIfTu8iNN8xVPXsQ9P tkGaxzJetEhsBO8DD8BcpTmC6z8WO1OpEGHqNeb7dP2L3dkGXHnB2ls= -----END CERTIFICATE-----Generated at Wed May 8 09:50:27 2024 by rpki-client on console-fra.rpki-client.org