$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer File: 3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.cer (raw, json) Hash identifier: 48/pz0wB/GCgrnXFFD+q4ro7feL/7HBE9vEeuz1+/mI= Subject key identifier: 3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 559DE2B2DE8D67A56412DE180A27E097AE97D3F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft caRepository: rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 15 Sep 2023 11:34:48 +0000 Certificate not after: Fri 13 Sep 2024 11:39:48 +0000 Subordinate resources: IP: 103.10.253.0/24 IP: 103.28.163.0/24 IP: 103.65.96.0/23 IP: 2001:df0:269::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 10:29:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:9d:e2:b2:de:8d:67:a5:64:12:de:18:0a:27:e0:97:ae:97:d3:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 15 11:34:48 2023 GMT Not After : Sep 13 11:39:48 2024 GMT Subject: CN=3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:a1:01:f0:00:12:89:d4:c3:52:41:f6:5c:79: a2:f0:dc:95:0c:49:e3:f3:7e:03:00:e5:ec:63:b1: 1f:62:d6:95:9b:64:75:4e:6c:c8:cc:c4:fe:33:8f: e3:a0:31:87:93:89:df:ec:c2:c0:c6:af:b6:1a:17: b0:89:90:ca:28:10:55:84:c0:15:4a:40:fe:45:76: 1a:95:7e:5c:21:0f:d7:f0:ee:68:f3:63:48:d5:8d: 07:2e:4d:19:51:03:6c:9e:93:08:9d:98:ba:9e:b0: b9:77:b2:c1:ec:90:b2:d0:c0:b2:2a:0c:18:0b:65: 92:73:ff:28:55:96:12:65:94:76:44:59:45:f1:9e: 97:53:1a:93:eb:b1:23:7c:e2:20:cf:38:5c:8c:8a: 03:9a:80:44:86:82:b7:8a:2e:e6:73:07:f4:4e:8d: 9b:1d:e3:b3:09:d6:1e:2d:18:78:97:da:8d:02:3b: 6f:89:9e:ef:3f:ad:b4:5f:13:16:50:2d:94:03:be: 0a:d4:51:a2:fc:62:6a:4c:38:17:09:36:32:d8:22: e9:8c:86:a7:d6:ce:69:95:c2:56:7c:f4:3e:d8:f2: fc:21:88:2f:ce:bf:68:00:a0:0b:ff:83:a1:49:ac: 26:bc:d9:ac:d9:bd:f9:86:ab:6b:08:d0:ce:7f:bb: 97:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3D:78:9F:AF:5F:7E:BE:69:38:C4:C7:23:DC:D2:EE:D7:85:C3:5E:4F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/4d970032-08ea-4890-bdba-6309a497917d/0/3D789FAF5F7EBE6938C4C723DCD2EED785C35E4F.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.10.253.0/24 103.28.163.0/24 103.65.96.0/23 IPv6: 2001:df0:269::/48 Signature Algorithm: sha256WithRSAEncryption 05:d0:44:50:f9:dc:8e:88:46:e8:cb:ca:28:84:2c:5f:28:ac: ab:18:23:9c:df:12:28:d5:f7:55:70:eb:d4:ea:b7:5b:7c:9b: fc:d4:a7:ab:38:5f:22:e0:e3:06:30:9b:99:e4:f5:ae:ab:40: 02:62:54:3e:65:c9:1c:26:86:97:f1:36:67:11:45:e9:de:ad: 76:31:3a:b8:5c:c0:4e:80:76:fb:e1:72:31:48:2d:98:9a:d0: c3:1b:77:25:31:57:eb:56:1a:3c:8a:50:75:51:2d:e6:d5:21: 6c:f3:9b:d6:cf:fb:02:a6:9d:5c:a7:7c:dd:0a:6d:a8:08:72: a6:b0:b6:94:05:82:fc:bb:de:17:ba:6e:dd:d3:39:61:19:5f: 74:ac:1b:bc:af:74:0c:af:1d:a8:ae:07:98:a2:b8:ef:38:67: 44:72:e7:8f:43:2f:8c:92:5d:76:1d:a3:5b:dd:fd:7f:90:4b: 5f:89:2a:f9:2c:6f:19:9c:f9:65:df:bf:65:27:92:2b:bc:b5: 04:1d:b9:c5:dd:ac:23:c6:98:f5:5b:3b:ce:da:32:62:8a:3c: e7:f0:30:9c:2e:4c:ef:0b:97:52:4e:d2:be:77:f6:c7:59:06: 99:6f:ba:53:10:c6:b5:2c:37:0f:9d:a6:38:30:33:2c:0d:4e: 83:24:cc:b7 -----BEGIN CERTIFICATE----- MIIF4jCCBMqgAwIBAgIUVZ3ist6NZ6VkEt4YCifgl66X0/kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDkxNTExMzQ0OFoX DTI0MDkxMzExMzk0OFowMzExMC8GA1UEAxMoM0Q3ODlGQUY1RjdFQkU2OTM4QzRD NzIzRENEMkVFRDc4NUMzNUU0RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANWhAfAAEonUw1JB9lx5ovDclQxJ4/N+AwDl7GOxH2LWlZtkdU5syMzE/jOP 46Axh5OJ3+zCwMavthoXsImQyigQVYTAFUpA/kV2GpV+XCEP1/DuaPNjSNWNBy5N GVEDbJ6TCJ2Yup6wuXeyweyQstDAsioMGAtlknP/KFWWEmWUdkRZRfGel1Mak+ux I3ziIM84XIyKA5qARIaCt4ou5nMH9E6Nmx3jswnWHi0YeJfajQI7b4me7z+ttF8T FlAtlAO+CtRRovxiakw4Fwk2Mtgi6YyGp9bOaZXCVnz0Ptjy/CGIL86/aACgC/+D oUmsJrzZrNm9+YarawjQzn+7l9cCAwEAAaOCAtUwggLRMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFD14n69ffr5pOMTHI9zS7teFw15PMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by80ZDk3MDAzMi0wOGVhLTQ4OTAtYmRiYS02MzA5YTQ5NzkxN2QvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRkOTcwMDMy LTA4ZWEtNDg5MC1iZGJhLTYzMDlhNDk3OTE3ZC8wLzNENzg5RkFGNUY3RUJFNjkz OEM0QzcyM0RDRDJFRUQ3ODVDMzVFNEYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwPAYIKwYBBQUHAQcBAf8ELTArMBgEAgABMBID BABnCv0DBABnHKMDBAFnQWAwDwQCAAIwCQMHACABDfACaTANBgkqhkiG9w0BAQsF AAOCAQEABdBEUPncjohG6MvKKIQsXyisqxgjnN8SKNX3VXDr1Oq3W3yb/NSnqzhf IuDjBjCbmeT1rqtAAmJUPmXJHCaGl/E2ZxFF6d6tdjE6uFzAToB2++FyMUgtmJrQ wxt3JTFX61YaPIpQdVEt5tUhbPOb1s/7AqadXKd83QptqAhyprC2lAWC/LveF7pu 3dM5YRlfdKwbvK90DK8dqK4HmKK47zhnRHLnj0MvjJJddh2jW939f5BLX4kq+Sxv GZz5Zd+/ZSeSK7y1BB25xd2sI8aY9Vs7ztoyYoo85/AwnC5M7wuXUk7Svnf2x1kG mW+6UxDGtSw3D52mODAzLA1OgyTMtw== -----END CERTIFICATE-----Generated at Wed May 8 04:37:49 2024 by rpki-client on console-fra.rpki-client.org