$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3241D89371FF3D3AFC0BA911E316A825484B3FDA.cer File: 3241D89371FF3D3AFC0BA911E316A825484B3FDA.cer (raw, json) Hash identifier: 1fx+gI1pQLYUenBGKgV6ixSAW6dQSwBeMFuF+/wSbNo= Subject key identifier: 32:41:D8:93:71:FF:3D:3A:FC:0B:A9:11:E3:16:A8:25:48:4B:3F:DA Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0EBFAC262BEA350435ED126F9FF6D2FC49AC71A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/48c07441-cd9d-4d85-aab4-65f5dd4ed7e0/0/3241D89371FF3D3AFC0BA911E316A825484B3FDA.mft caRepository: rsync://repo-rpki.idnic.net/repo/48c07441-cd9d-4d85-aab4-65f5dd4ed7e0/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 07 Feb 2025 10:02:27 +0000 Certificate not after: Fri 06 Feb 2026 10:07:27 +0000 Subordinate resources: IP: 36.50.97.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:bf:ac:26:2b:ea:35:04:35:ed:12:6f:9f:f6:d2:fc:49:ac:71:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Feb 7 10:02:27 2025 GMT Not After : Feb 6 10:07:27 2026 GMT Subject: CN=3241D89371FF3D3AFC0BA911E316A825484B3FDA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:6f:92:6b:a1:9d:bf:c4:25:0b:01:48:5f:2f: 1a:49:5f:ec:05:e1:c2:20:f1:07:57:32:a4:d4:81: 99:18:97:16:d5:61:d5:8f:01:85:98:1f:27:66:32: e6:27:25:ad:29:ab:c5:30:19:39:2d:4b:1e:fd:c7: 87:22:1b:fc:21:86:4e:f5:5e:3a:57:cd:07:d2:46: 4d:12:f3:aa:65:8a:74:d0:b4:05:47:a6:9c:cd:7b: 90:70:a7:c1:1c:0d:f5:b7:03:ca:26:4a:b3:75:9e: ec:0a:0b:f4:9a:5d:f8:d3:ff:c2:a9:e5:91:5b:28: f4:e3:8b:56:15:25:0d:25:a2:8c:29:20:77:ac:92: 90:c1:13:75:9c:95:db:09:f0:05:03:32:23:49:14: c0:e2:ab:f3:43:4c:29:01:c4:c9:90:f8:0c:dd:f9: 43:b6:26:55:b2:55:06:bf:55:f3:72:a7:f6:f5:1d: 15:ce:e9:87:a1:c9:31:df:f2:de:33:36:b3:4f:a4: 6c:fc:de:ff:7e:94:24:29:39:2e:56:df:f0:67:a4: 9b:50:eb:33:25:68:d9:a4:3c:a7:82:a8:5f:0d:4e: 82:51:ca:32:97:79:81:af:66:d9:67:71:cb:50:34: 77:8b:08:47:57:90:60:57:99:bc:90:bc:88:bf:f5: 3e:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 32:41:D8:93:71:FF:3D:3A:FC:0B:A9:11:E3:16:A8:25:48:4B:3F:DA X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/48c07441-cd9d-4d85-aab4-65f5dd4ed7e0/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/48c07441-cd9d-4d85-aab4-65f5dd4ed7e0/0/3241D89371FF3D3AFC0BA911E316A825484B3FDA.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 36.50.97.0/24 Signature Algorithm: sha256WithRSAEncryption 33:46:ff:9c:4d:d4:b2:1f:da:e6:7e:ec:18:7a:93:fb:8e:df: c8:19:98:d8:bc:59:f7:d5:44:fd:d2:2d:ca:5b:83:7a:45:63: 18:d9:61:ee:da:10:64:28:5a:08:08:2e:4e:b0:e7:73:60:cd: db:59:da:33:bd:5a:de:c3:c3:e8:dc:87:00:d8:97:8e:76:c4: 32:1a:b6:0c:62:38:96:33:ac:5f:6b:a0:dd:8a:d8:3a:4a:de: d6:1d:6a:6b:fb:f4:f0:bc:af:95:a7:58:4a:31:0a:8e:98:19: 00:1a:4b:5f:a1:51:d6:e3:6f:09:ef:96:65:be:97:ae:15:3a: 37:79:f3:ad:77:f3:20:f7:72:29:b6:f1:3f:5e:07:25:43:25: 4e:86:97:12:cb:b5:8e:a8:01:e3:66:e4:e5:e8:a1:b3:d5:da: de:bc:ad:b7:68:cc:0b:11:e6:85:72:58:71:af:19:c6:c3:14: 8a:c9:fc:4d:ec:b4:98:3c:75:9a:cc:6b:08:d6:33:82:c3:04: 53:50:b0:3c:90:b2:66:c9:fd:8a:e9:13:17:c2:7a:7b:f9:35: ae:52:f6:53:96:72:ca:48:14:3c:6e:5e:e0:3f:66:a5:43:e7: 8e:30:75:f2:2d:06:8e:32:92:63:d4:26:c4:09:9a:26:b9:5c: e5:fe:0f:43 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUDr+sJivqNQQ17RJvn/bS/EmscaUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDIwNzEwMDIyN1oX DTI2MDIwNjEwMDcyN1owMzExMC8GA1UEAxMoMzI0MUQ4OTM3MUZGM0QzQUZDMEJB OTExRTMxNkE4MjU0ODRCM0ZEQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKVvkmuhnb/EJQsBSF8vGklf7AXhwiDxB1cypNSBmRiXFtVh1Y8BhZgfJ2Yy 5iclrSmrxTAZOS1LHv3HhyIb/CGGTvVeOlfNB9JGTRLzqmWKdNC0BUemnM17kHCn wRwN9bcDyiZKs3We7AoL9Jpd+NP/wqnlkVso9OOLVhUlDSWijCkgd6ySkMETdZyV 2wnwBQMyI0kUwOKr80NMKQHEyZD4DN35Q7YmVbJVBr9V83Kn9vUdFc7ph6HJMd/y 3jM2s0+kbPze/36UJCk5Llbf8Gekm1DrMyVo2aQ8p4KoXw1OglHKMpd5ga9m2Wdx y1A0d4sIR1eQYFeZvJC8iL/1PnsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDJB2JNx/z06/AupEeMWqCVISz/aMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by80OGMwNzQ0MS1jZDlkLTRkODUtYWFiNC02NWY1ZGQ0ZWQ3ZTAvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ4YzA3NDQx LWNkOWQtNGQ4NS1hYWI0LTY1ZjVkZDRlZDdlMC8wLzMyNDFEODkzNzFGRjNEM0FG QzBCQTkxMUUzMTZBODI1NDg0QjNGREEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAAkMmEwDQYJKoZIhvcNAQELBQADggEBADNG/5xN1LIf2uZ+7Bh6k/uO38gZmNi8 WffVRP3SLcpbg3pFYxjZYe7aEGQoWggILk6w53NgzdtZ2jO9Wt7Dw+jchwDYl452 xDIatgxiOJYzrF9roN2K2DpK3tYdamv79PC8r5WnWEoxCo6YGQAaS1+hUdbjbwnv lmW+l64VOjd586138yD3cim28T9eByVDJU6GlxLLtY6oAeNm5OXoobPV2t68rbdo zAsR5oVyWHGvGcbDFIrJ/E3stJg8dZrMawjWM4LDBFNQsDyQsmbJ/YrpExfCenv5 Na5S9lOWcspIFDxuXuA/ZqVD544wdfItBo4ykmPUJsQJmia5XOX+D0M= -----END CERTIFICATE-----Generated at Sat Apr 5 03:50:38 2025 by rpki-client