$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3241D89371FF3D3AFC0BA911E316A825484B3FDA.cer File: 3241D89371FF3D3AFC0BA911E316A825484B3FDA.cer (raw, json) Hash identifier: QuI8bKKrwnprSV3trIm91VYEqbDC5AP6Vs3Tado6cIU= Subject key identifier: 32:41:D8:93:71:FF:3D:3A:FC:0B:A9:11:E3:16:A8:25:48:4B:3F:DA Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7E4B4A2CF1BC7C8535B795FE62AB17F6E0B35FF2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/48c07441-cd9d-4d85-aab4-65f5dd4ed7e0/0/3241D89371FF3D3AFC0BA911E316A825484B3FDA.mft caRepository: rsync://repo-rpki.idnic.net/repo/48c07441-cd9d-4d85-aab4-65f5dd4ed7e0/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 08 Mar 2024 06:41:24 +0000 Certificate not after: Fri 07 Mar 2025 06:46:24 +0000 Subordinate resources: IP: 36.50.97.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:4b:4a:2c:f1:bc:7c:85:35:b7:95:fe:62:ab:17:f6:e0:b3:5f:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 8 06:41:24 2024 GMT Not After : Mar 7 06:46:24 2025 GMT Subject: CN=3241D89371FF3D3AFC0BA911E316A825484B3FDA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:6f:92:6b:a1:9d:bf:c4:25:0b:01:48:5f:2f: 1a:49:5f:ec:05:e1:c2:20:f1:07:57:32:a4:d4:81: 99:18:97:16:d5:61:d5:8f:01:85:98:1f:27:66:32: e6:27:25:ad:29:ab:c5:30:19:39:2d:4b:1e:fd:c7: 87:22:1b:fc:21:86:4e:f5:5e:3a:57:cd:07:d2:46: 4d:12:f3:aa:65:8a:74:d0:b4:05:47:a6:9c:cd:7b: 90:70:a7:c1:1c:0d:f5:b7:03:ca:26:4a:b3:75:9e: ec:0a:0b:f4:9a:5d:f8:d3:ff:c2:a9:e5:91:5b:28: f4:e3:8b:56:15:25:0d:25:a2:8c:29:20:77:ac:92: 90:c1:13:75:9c:95:db:09:f0:05:03:32:23:49:14: c0:e2:ab:f3:43:4c:29:01:c4:c9:90:f8:0c:dd:f9: 43:b6:26:55:b2:55:06:bf:55:f3:72:a7:f6:f5:1d: 15:ce:e9:87:a1:c9:31:df:f2:de:33:36:b3:4f:a4: 6c:fc:de:ff:7e:94:24:29:39:2e:56:df:f0:67:a4: 9b:50:eb:33:25:68:d9:a4:3c:a7:82:a8:5f:0d:4e: 82:51:ca:32:97:79:81:af:66:d9:67:71:cb:50:34: 77:8b:08:47:57:90:60:57:99:bc:90:bc:88:bf:f5: 3e:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 32:41:D8:93:71:FF:3D:3A:FC:0B:A9:11:E3:16:A8:25:48:4B:3F:DA X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/48c07441-cd9d-4d85-aab4-65f5dd4ed7e0/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/48c07441-cd9d-4d85-aab4-65f5dd4ed7e0/0/3241D89371FF3D3AFC0BA911E316A825484B3FDA.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 36.50.97.0/24 Signature Algorithm: sha256WithRSAEncryption 87:e2:83:0d:1f:84:88:f3:ef:da:e3:19:db:6a:fb:6b:36:6d: be:e1:c1:74:31:81:a4:bb:9a:76:48:c5:9a:28:88:bf:d1:ee: b8:e2:f4:9f:ac:a0:be:66:d0:07:c6:8e:e6:82:4f:3d:bd:38: 0d:89:35:92:2d:ae:9c:e8:63:e3:49:b3:9c:52:33:e4:31:4f: 23:07:05:9d:15:62:36:2a:0a:19:bf:9c:16:11:e4:49:06:f0: fc:70:81:95:a5:22:dc:02:db:9e:e3:73:99:7f:b0:d9:df:a4: 1c:2d:26:8b:b1:8b:62:d8:20:af:39:72:f1:76:69:d2:41:4d: 78:e7:e0:72:b7:10:c0:fa:b4:52:0b:79:33:56:c2:60:b1:36: 7a:dd:2e:97:3d:7f:8a:62:67:50:f7:c3:f9:e5:01:bc:19:a9: d5:de:e3:0d:86:6d:72:8f:2b:2a:51:35:eb:2f:f5:73:ef:19: 5a:e8:82:19:3e:3d:eb:ed:42:c0:d0:a0:f6:a8:f6:4c:bf:74: 41:43:18:5e:e5:3f:c2:1b:b6:63:f7:d4:ba:4c:74:f4:01:72: df:1a:bf:b4:d6:c1:8d:ab:42:07:7e:6c:ae:67:8d:28:ec:48: 90:97:a9:91:01:54:21:8b:74:a2:ad:cd:cb:1e:c0:48:b8:6f: 76:b2:04:a7 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUfktKLPG8fIU1t5X+YqsX9uCzX/IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDMwODA2NDEyNFoX DTI1MDMwNzA2NDYyNFowMzExMC8GA1UEAxMoMzI0MUQ4OTM3MUZGM0QzQUZDMEJB OTExRTMxNkE4MjU0ODRCM0ZEQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKVvkmuhnb/EJQsBSF8vGklf7AXhwiDxB1cypNSBmRiXFtVh1Y8BhZgfJ2Yy 5iclrSmrxTAZOS1LHv3HhyIb/CGGTvVeOlfNB9JGTRLzqmWKdNC0BUemnM17kHCn wRwN9bcDyiZKs3We7AoL9Jpd+NP/wqnlkVso9OOLVhUlDSWijCkgd6ySkMETdZyV 2wnwBQMyI0kUwOKr80NMKQHEyZD4DN35Q7YmVbJVBr9V83Kn9vUdFc7ph6HJMd/y 3jM2s0+kbPze/36UJCk5Llbf8Gekm1DrMyVo2aQ8p4KoXw1OglHKMpd5ga9m2Wdx y1A0d4sIR1eQYFeZvJC8iL/1PnsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDJB2JNx/z06/AupEeMWqCVISz/aMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by80OGMwNzQ0MS1jZDlkLTRkODUtYWFiNC02NWY1ZGQ0ZWQ3ZTAvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ4YzA3NDQx LWNkOWQtNGQ4NS1hYWI0LTY1ZjVkZDRlZDdlMC8wLzMyNDFEODkzNzFGRjNEM0FG QzBCQTkxMUUzMTZBODI1NDg0QjNGREEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAkMmEwDQYJKoZIhvcNAQELBQADggEBAIfigw0fhIjz79rjGdtq+2s2bb7hwXQx gaS7mnZIxZooiL/R7rji9J+soL5m0AfGjuaCTz29OA2JNZItrpzoY+NJs5xSM+Qx TyMHBZ0VYjYqChm/nBYR5EkG8PxwgZWlItwC257jc5l/sNnfpBwtJouxi2LYIK85 cvF2adJBTXjn4HK3EMD6tFILeTNWwmCxNnrdLpc9f4piZ1D3w/nlAbwZqdXe4w2G bXKPKypRNesv9XPvGVroghk+PevtQsDQoPao9ky/dEFDGF7lP8IbtmP31LpMdPQB ct8av7TWwY2rQgd+bK5njSjsSJCXqZEBVCGLdKKtzcsewEi4b3ayBKc= -----END CERTIFICATE-----Generated at Thu May 9 00:29:10 2024 by rpki-client on console-ams.rpki-client.org