$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3C52D4A86ABDDD0D6DA631737F78DC205EEC239B.cer File: 3C52D4A86ABDDD0D6DA631737F78DC205EEC239B.cer (raw, json) Hash identifier: DzksO4mW6jS93Mscum5P+EjpHCyssjgtw8v7Xdpx9Vg= Subject key identifier: 3C:52:D4:A8:6A:BD:DD:0D:6D:A6:31:73:7F:78:DC:20:5E:EC:23:9B Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5AFF006C6113E42282F1F5B29D15B7DC77644BC6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/837694b7-3256-4666-a3fe-6e82e783b1e1/0/3C52D4A86ABDDD0D6DA631737F78DC205EEC239B.mft caRepository: rsync://repo-rpki.idnic.net/repo/837694b7-3256-4666-a3fe-6e82e783b1e1/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 04 Jan 2024 08:13:06 +0000 Certificate not after: Thu 02 Jan 2025 08:18:06 +0000 Subordinate resources: IP: 103.54.170.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 18:02:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:ff:00:6c:61:13:e4:22:82:f1:f5:b2:9d:15:b7:dc:77:64:4b:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 4 08:13:06 2024 GMT Not After : Jan 2 08:18:06 2025 GMT Subject: CN=3C52D4A86ABDDD0D6DA631737F78DC205EEC239B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:3d:a9:48:bd:b7:20:b0:77:9f:62:2f:1f:20: ef:d5:b6:d8:e5:cd:b9:c5:f0:9b:a9:7c:07:2d:88: 2c:9c:80:2b:6d:b7:91:f4:62:97:3f:8b:ab:56:11: 61:3c:be:e0:ee:cd:1e:95:77:ae:45:db:4e:14:51: dc:aa:9c:e2:7b:48:3e:15:42:6c:6c:2e:13:2f:a2: 6f:9f:aa:85:a0:e2:02:8d:d2:03:43:43:88:08:02: 8c:d4:90:9f:71:a1:21:69:e6:78:bc:8b:88:d7:01: 72:38:67:bc:65:b8:38:36:85:97:53:e3:1f:ff:93: a9:b9:5e:01:4e:60:62:54:57:06:87:08:1b:1d:7d: 2c:5b:c9:a4:5e:1d:27:91:a7:d9:64:da:18:2d:d1: 3a:d0:2e:24:a2:fa:be:08:bb:92:3d:fe:57:16:3f: 04:91:1d:41:b4:69:ca:d0:a1:44:ec:6a:61:58:11: 10:5b:9e:93:62:2a:c0:e5:86:81:2a:82:dd:33:6a: 69:74:dd:87:dc:0d:db:43:69:0a:83:a6:0b:e4:ac: 0b:9f:13:9e:d9:b0:37:b0:71:39:93:0f:0c:ee:6d: 26:00:d2:5c:50:af:57:a2:a2:7c:f6:11:d6:90:77: 2e:33:8a:10:d3:cd:19:5a:71:a0:f9:08:30:c3:50: 08:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3C:52:D4:A8:6A:BD:DD:0D:6D:A6:31:73:7F:78:DC:20:5E:EC:23:9B X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/837694b7-3256-4666-a3fe-6e82e783b1e1/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/837694b7-3256-4666-a3fe-6e82e783b1e1/0/3C52D4A86ABDDD0D6DA631737F78DC205EEC239B.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.54.170.0/23 Signature Algorithm: sha256WithRSAEncryption 0f:a5:5a:e0:73:99:40:1b:80:50:2a:fe:1a:76:a4:cc:d5:7e: fb:a5:f1:66:9b:2f:cf:5a:9f:19:48:d1:1a:49:c4:ad:1e:02: 29:f6:01:82:31:b8:c6:7e:de:67:ba:d7:3b:6d:7d:6d:6c:68: 33:ae:b7:32:c0:28:a6:6d:67:ba:66:3d:6e:05:48:8a:dd:ab: fd:92:33:28:e7:9b:ce:c4:0b:b3:b4:8b:15:7e:ef:5d:9a:6e: 85:5c:17:67:c4:27:35:19:81:82:3a:0e:74:0b:43:cb:44:04: eb:bf:17:a1:23:28:e3:a3:fb:06:b8:53:e7:40:4f:f9:8f:d0: a4:b9:b7:f9:33:79:41:7a:fe:09:9f:58:e6:2b:c3:67:97:3a: 54:6f:10:e1:e3:aa:56:ad:f9:9f:89:35:79:4b:fc:85:e2:d8: 9e:26:b1:8f:4b:d1:5e:0a:ed:91:98:14:69:b0:86:6b:fe:b7: 34:91:8b:e8:45:7d:7a:c2:8e:00:98:18:d0:0b:80:60:bf:a7: f2:0b:62:62:f7:96:cf:53:6d:44:3e:62:39:a0:ea:85:22:af: fe:6e:c0:b0:0f:6c:29:36:88:ff:59:90:37:a7:a9:13:02:3e: 31:2f:88:bf:7a:47:22:5a:7e:c5:32:4b:58:11:fc:4e:2e:d9: 27:46:bc:43 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUWv8AbGET5CKC8fWynRW33HdkS8YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwNDA4MTMwNloX DTI1MDEwMjA4MTgwNlowMzExMC8GA1UEAxMoM0M1MkQ0QTg2QUJEREQwRDZEQTYz MTczN0Y3OERDMjA1RUVDMjM5QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAME9qUi9tyCwd59iLx8g79W22OXNucXwm6l8By2ILJyAK223kfRilz+Lq1YR YTy+4O7NHpV3rkXbThRR3Kqc4ntIPhVCbGwuEy+ib5+qhaDiAo3SA0NDiAgCjNSQ n3GhIWnmeLyLiNcBcjhnvGW4ODaFl1PjH/+TqbleAU5gYlRXBocIGx19LFvJpF4d J5Gn2WTaGC3ROtAuJKL6vgi7kj3+VxY/BJEdQbRpytChROxqYVgREFuek2IqwOWG gSqC3TNqaXTdh9wN20NpCoOmC+SsC58TntmwN7BxOZMPDO5tJgDSXFCvV6KifPYR 1pB3LjOKENPNGVpxoPkIMMNQCM8CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFDxS1Khqvd0NbaYxc3943CBe7CObMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by84Mzc2OTRiNy0zMjU2LTQ2NjYtYTNmZS02ZTgyZTc4M2IxZTEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzgzNzY5NGI3 LTMyNTYtNDY2Ni1hM2ZlLTZlODJlNzgzYjFlMS8wLzNDNTJENEE4NkFCREREMEQ2 REE2MzE3MzdGNzhEQzIwNUVFQzIzOUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnNqowDQYJKoZIhvcNAQELBQADggEBAA+lWuBzmUAbgFAq/hp2pMzVfvul8Wab L89anxlI0RpJxK0eAin2AYIxuMZ+3me61zttfW1saDOutzLAKKZtZ7pmPW4FSIrd q/2SMyjnm87EC7O0ixV+712aboVcF2fEJzUZgYI6DnQLQ8tEBOu/F6EjKOOj+wa4 U+dAT/mP0KS5t/kzeUF6/gmfWOYrw2eXOlRvEOHjqlat+Z+JNXlL/IXi2J4msY9L 0V4K7ZGYFGmwhmv+tzSRi+hFfXrCjgCYGNALgGC/p/ILYmL3ls9TbUQ+Yjmg6oUi r/5uwLAPbCk2iP9ZkDenqRMCPjEviL96RyJafsUyS1gR/E4u2SdGvEM= -----END CERTIFICATE-----Generated at Wed May 8 18:12:06 2024 by rpki-client on console-fra.rpki-client.org