$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/2F24A2044806301EB7FA6CE5C8521FE03941B7BA.cer File: 2F24A2044806301EB7FA6CE5C8521FE03941B7BA.cer (raw, json) Hash identifier: k5PRs5wVkduLuBTSzeTNq7gmEnHsE0sSNPK7OivA7BI= Subject key identifier: 2F:24:A2:04:48:06:30:1E:B7:FA:6C:E5:C8:52:1F:E0:39:41:B7:BA Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7CD23F05D0C4ABA1FDF9CAADBEECDA116F47CC8A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/91a2929c-6088-4cb5-83c6-f4a356b20f9d/0/2F24A2044806301EB7FA6CE5C8521FE03941B7BA.mft caRepository: rsync://repo-rpki.idnic.net/repo/91a2929c-6088-4cb5-83c6-f4a356b20f9d/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 28 Dec 2024 13:42:03 +0000 Certificate not after: Sat 27 Dec 2025 13:47:03 +0000 Subordinate resources: IP: 103.184.57.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:d2:3f:05:d0:c4:ab:a1:fd:f9:ca:ad:be:ec:da:11:6f:47:cc:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 28 13:42:03 2024 GMT Not After : Dec 27 13:47:03 2025 GMT Subject: CN=2F24A2044806301EB7FA6CE5C8521FE03941B7BA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:0d:e7:8a:c0:3e:8b:3c:2e:61:15:87:22:4b: ba:23:80:e0:bb:cd:17:4f:8c:25:53:fa:62:60:0c: 93:4b:63:2c:e2:71:95:51:dd:5a:3e:98:61:f4:2c: 7d:06:2a:bd:56:16:c4:f8:a5:78:03:b3:49:77:09: e3:7a:93:48:c8:3c:77:fd:8a:6c:70:ad:1d:3d:72: 23:50:d2:db:f0:d2:1e:30:1b:9d:68:a9:7d:ea:56: 5d:29:f0:82:96:01:1e:63:b5:52:9c:9c:8b:c9:df: 2c:37:15:cc:cb:81:5b:52:dd:f8:20:a6:28:89:e5: 1f:e1:0e:0a:6e:51:c5:1f:7e:3b:30:f7:ab:06:a6: 3d:97:9b:f7:be:78:0b:cf:17:23:0e:e6:83:af:ce: a1:aa:f3:e2:5a:0c:ec:21:62:f3:91:74:cc:e7:1c: ff:f9:8f:0c:b6:21:b5:c0:71:3a:d5:6c:83:fe:f8: 8d:bf:22:8a:1f:a6:23:2c:57:4d:be:71:30:ac:88: a0:2b:93:01:18:a6:b8:7f:dd:2a:d0:13:1d:eb:90: df:8f:fe:31:cf:63:a6:81:05:10:59:12:5d:72:97: ba:64:11:ea:46:0b:ce:f6:67:9b:4e:2b:7f:f1:39: 15:54:69:96:4b:97:f3:31:29:24:c5:cb:1b:6c:60: f7:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2F:24:A2:04:48:06:30:1E:B7:FA:6C:E5:C8:52:1F:E0:39:41:B7:BA X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/91a2929c-6088-4cb5-83c6-f4a356b20f9d/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/91a2929c-6088-4cb5-83c6-f4a356b20f9d/0/2F24A2044806301EB7FA6CE5C8521FE03941B7BA.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.184.57.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:56:a6:dd:82:74:21:8e:e6:2a:51:04:26:b4:c1:55:ca:ec: 3b:6d:b3:39:93:36:aa:41:4b:ed:55:bb:f1:7e:0f:9e:4a:8b: 26:5e:a1:fc:83:dd:ee:9f:36:43:44:11:d2:a1:bc:90:d0:de: 94:c4:82:76:e5:bb:86:bd:12:43:43:82:f1:5a:72:7f:84:44: cb:b5:ec:2b:58:f5:7e:55:5e:17:b9:f0:ff:96:10:b4:43:32: 78:ac:a9:ef:64:51:a8:e9:0e:32:b8:c3:64:fd:c8:f2:f6:6b: 06:04:99:29:e2:3d:b0:76:ff:41:55:47:84:d3:be:f5:57:24: f9:00:fe:8e:ad:19:39:08:09:01:ec:33:7a:bf:4f:46:46:70: 7b:73:ea:07:48:ee:6b:76:e5:02:40:37:0c:09:9a:3d:f6:27: 71:e9:22:39:4d:98:f3:a0:89:b6:50:70:84:51:69:b0:53:13: 7b:79:44:cb:b2:7d:f0:6c:e7:bf:7f:e9:18:55:f8:2d:ae:e2: dd:5a:ec:1f:2a:a5:82:0e:12:25:4e:c9:3f:8d:64:bd:d7:51: 3c:be:02:a2:8e:08:2d:7f:b5:3b:61:48:6f:54:b6:eb:dd:7b: 56:4f:07:ba:43:61:f4:46:d1:df:52:9c:b1:b6:c8:79:db:77: 34:fb:ac:98 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUfNI/BdDEq6H9+cqtvuzaEW9HzIowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIyODEzNDIwM1oX DTI1MTIyNzEzNDcwM1owMzExMC8GA1UEAxMoMkYyNEEyMDQ0ODA2MzAxRUI3RkE2 Q0U1Qzg1MjFGRTAzOTQxQjdCQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALYN54rAPos8LmEVhyJLuiOA4LvNF0+MJVP6YmAMk0tjLOJxlVHdWj6YYfQs fQYqvVYWxPileAOzSXcJ43qTSMg8d/2KbHCtHT1yI1DS2/DSHjAbnWipfepWXSnw gpYBHmO1Upyci8nfLDcVzMuBW1Ld+CCmKInlH+EOCm5RxR9+OzD3qwamPZeb9754 C88XIw7mg6/Ooarz4loM7CFi85F0zOcc//mPDLYhtcBxOtVsg/74jb8iih+mIyxX Tb5xMKyIoCuTARimuH/dKtATHeuQ34/+Mc9jpoEFEFkSXXKXumQR6kYLzvZnm04r f/E5FVRplkuX8zEpJMXLG2xg93MCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFC8kogRIBjAet/ps5chSH+A5Qbe6MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by85MWEyOTI5Yy02MDg4LTRjYjUtODNjNi1mNGEzNTZiMjBmOWQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkxYTI5Mjlj LTYwODgtNGNiNS04M2M2LWY0YTM1NmIyMGY5ZC8wLzJGMjRBMjA0NDgwNjMwMUVC N0ZBNkNFNUM4NTIxRkUwMzk0MUI3QkEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnuDkwDQYJKoZIhvcNAQELBQADggEBADpWpt2CdCGO5ipRBCa0wVXK7DttszmT NqpBS+1Vu/F+D55KiyZeofyD3e6fNkNEEdKhvJDQ3pTEgnblu4a9EkNDgvFacn+E RMu17CtY9X5VXhe58P+WELRDMnisqe9kUajpDjK4w2T9yPL2awYEmSniPbB2/0FV R4TTvvVXJPkA/o6tGTkICQHsM3q/T0ZGcHtz6gdI7mt25QJANwwJmj32J3HpIjlN mPOgibZQcIRRabBTE3t5RMuyffBs579/6RhV+C2u4t1a7B8qpYIOEiVOyT+NZL3X UTy+AqKOCC1/tTthSG9Utuvde1ZPB7pDYfRG0d9SnLG2yHnbdzT7rJg= -----END CERTIFICATE-----Generated at Sat Apr 5 06:26:49 2025 by rpki-client