$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer File: 2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer (raw, json) Hash identifier: ljaRfods23jm51nyTyCrseEYo5pRKnQf/WQz1J4Jmxs= Subject key identifier: 2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 244002709F9BCAD9EBA74C00872664E4762BF9EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft caRepository: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 04 Mar 2024 16:03:03 +0000 Certificate not after: Mon 03 Mar 2025 16:08:03 +0000 Subordinate resources: IP: 103.177.218.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:40:02:70:9f:9b:ca:d9:eb:a7:4c:00:87:26:64:e4:76:2b:f9:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 4 16:03:03 2024 GMT Not After : Mar 3 16:08:03 2025 GMT Subject: CN=2AAFA81414EDCB1032235F2240FE06773F3E6F16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:4c:39:c0:a1:a8:e0:77:23:1f:3f:b5:f4:e4: 50:10:01:52:08:d1:19:4f:02:9f:63:30:21:21:f0: 50:4f:34:8b:a9:2c:95:aa:d6:d1:f1:33:b6:1d:20: 5f:7d:97:df:90:56:53:74:10:b6:6e:83:d9:d5:66: 19:d3:b6:fa:2f:3b:ba:c2:1d:aa:bb:42:75:c3:13: 77:83:34:12:fa:3e:7f:a9:39:31:37:01:46:37:aa: ca:18:9a:c7:5b:14:e4:b7:93:23:be:a7:f5:ff:9b: d9:6d:79:b7:02:ab:4a:15:2f:64:7f:5e:9a:a4:f4: a5:d8:4c:39:f0:71:33:f4:39:91:fa:53:f0:84:b3: 3b:6a:6c:40:58:2c:19:7d:70:05:17:14:56:19:54: 36:31:67:d9:3b:81:5e:39:20:bc:83:37:f7:28:ce: c3:e6:7e:d6:92:8b:48:ec:71:85:3b:cd:6c:4d:b3: 33:46:52:c1:ee:fd:1f:71:0e:88:9a:2f:9c:ab:b4: 4b:8a:58:3e:78:29:ed:3b:17:d3:31:c3:17:70:d9: 81:d4:7a:3d:d1:25:01:dc:07:f5:3e:bf:4d:8f:fa: 43:86:b7:c4:0e:a8:5e:20:14:94:61:ef:b2:35:22: 88:a5:a2:9f:02:71:18:25:dd:aa:38:e3:d1:c2:da: f5:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.177.218.0/23 Signature Algorithm: sha256WithRSAEncryption 07:af:2b:2f:f3:92:88:71:22:82:c3:8b:1c:54:bb:e2:28:95: de:cc:f1:d2:17:39:3e:23:c7:2c:e1:e9:9f:33:ff:3c:79:21: 07:4e:10:82:d5:fa:14:f9:9e:ae:36:f5:b7:8d:31:7e:82:01: 96:37:b8:72:0c:b6:95:0c:83:32:e7:24:8c:ee:90:90:87:95: 1e:55:15:eb:9c:56:5e:2b:59:44:7f:63:49:03:c8:09:2c:df: 59:69:a8:d1:2a:39:3b:4a:32:97:34:9d:3a:9c:52:5e:30:a1: 0a:af:79:b1:e4:d1:db:87:e1:2b:4a:85:4e:0c:73:ea:9c:b8: 87:87:f1:29:06:4d:11:8c:28:49:ac:f5:4c:81:61:10:1f:3a: 8a:b4:94:24:12:ed:45:e7:62:a7:2a:b8:1c:49:8e:e4:10:91: 66:e3:f6:ef:81:85:70:99:0a:b1:18:dd:46:97:c4:12:a9:04: 6b:91:1c:6f:31:57:83:bc:ec:44:1a:7f:15:5e:35:ee:f3:53: 09:f1:ed:ac:70:1f:31:b7:4b:cd:36:8e:8e:c1:ba:59:06:f7: e1:05:83:2d:08:eb:6c:c6:e6:54:f2:4d:7d:92:ff:1e:ae:4c: 79:a8:d5:c6:54:6e:5b:8d:1a:c4:a9:49:0e:a5:aa:02:e7:e6: 2f:63:b2:14 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUJEACcJ+bytnrp0wAhyZk5HYr+e8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDMwNDE2MDMwM1oX DTI1MDMwMzE2MDgwM1owMzExMC8GA1UEAxMoMkFBRkE4MTQxNEVEQ0IxMDMyMjM1 RjIyNDBGRTA2NzczRjNFNkYxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKhMOcChqOB3Ix8/tfTkUBABUgjRGU8Cn2MwISHwUE80i6kslarW0fEzth0g X32X35BWU3QQtm6D2dVmGdO2+i87usIdqrtCdcMTd4M0Evo+f6k5MTcBRjeqyhia x1sU5LeTI76n9f+b2W15twKrShUvZH9emqT0pdhMOfBxM/Q5kfpT8ISzO2psQFgs GX1wBRcUVhlUNjFn2TuBXjkgvIM39yjOw+Z+1pKLSOxxhTvNbE2zM0ZSwe79H3EO iJovnKu0S4pYPngp7TsX0zHDF3DZgdR6PdElAdwH9T6/TY/6Q4a3xA6oXiAUlGHv sjUiiKWinwJxGCXdqjjj0cLa9W8CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCqvqBQU7csQMiNfIkD+Bnc/Pm8WMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zYWI4ZTYwZi1mOTkzLTQ1MzQtOWRhMC1mMjg1YTg2MDNmNjkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNhYjhlNjBm LWY5OTMtNDUzNC05ZGEwLWYyODVhODYwM2Y2OS8wLzJBQUZBODE0MTRFRENCMTAz MjIzNUYyMjQwRkUwNjc3M0YzRTZGMTYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnsdowDQYJKoZIhvcNAQELBQADggEBAAevKy/zkohxIoLDixxUu+Iold7M8dIX OT4jxyzh6Z8z/zx5IQdOEILV+hT5nq429beNMX6CAZY3uHIMtpUMgzLnJIzukJCH lR5VFeucVl4rWUR/Y0kDyAks31lpqNEqOTtKMpc0nTqcUl4woQqvebHk0duH4StK hU4Mc+qcuIeH8SkGTRGMKEms9UyBYRAfOoq0lCQS7UXnYqcquBxJjuQQkWbj9u+B hXCZCrEY3UaXxBKpBGuRHG8xV4O87EQafxVeNe7zUwnx7axwHzG3S802jo7BulkG 9+EFgy0I62zG5lTyTX2S/x6uTHmo1cZUbluNGsSpSQ6lqgLn5i9jshQ= -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:40 2024 by rpki-client on console-ams.rpki-client.org