$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3D95B729FF923CD2442549B7702A6D7C2F78DE85.cer File: 3D95B729FF923CD2442549B7702A6D7C2F78DE85.cer (raw, json) Hash identifier: 7b1lE3St5Y9zfW4c8XfRVJPZEi3/MYieDgQnd+tgb1Y= Subject key identifier: 3D:95:B7:29:FF:92:3C:D2:44:25:49:B7:70:2A:6D:7C:2F:78:DE:85 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0932F2DE27D27AD161F6DE39214ACC9E12BD6A5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/7c8c46fb-b6c1-4a69-83fb-90e7d5c326de/0/3D95B729FF923CD2442549B7702A6D7C2F78DE85.mft caRepository: rsync://repo-rpki.idnic.net/repo/7c8c46fb-b6c1-4a69-83fb-90e7d5c326de/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 03 Dec 2024 11:08:38 +0000 Certificate not after: Tue 02 Dec 2025 11:13:38 +0000 Subordinate resources: IP: 103.240.0.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 06:34:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:32:f2:de:27:d2:7a:d1:61:f6:de:39:21:4a:cc:9e:12:bd:6a:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 3 11:08:38 2024 GMT Not After : Dec 2 11:13:38 2025 GMT Subject: CN=3D95B729FF923CD2442549B7702A6D7C2F78DE85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:73:ce:05:67:96:51:38:8d:71:68:b0:09:8d: 0a:31:b1:12:37:84:0d:c4:99:87:ec:54:1b:7f:f7: 66:aa:96:99:39:df:1e:e0:5d:a3:d9:f1:58:bb:08: f2:0c:e6:32:51:c0:45:56:40:77:18:d0:81:58:12: 64:1a:dc:c6:11:c0:fa:70:29:84:cd:7a:39:dd:cc: f1:4f:75:92:29:86:0b:38:7a:82:45:28:67:97:dc: b1:cd:84:b0:0b:a2:67:77:8e:5b:a1:0f:83:54:b8: 5a:1f:3c:bb:a7:c7:37:f5:90:d9:56:59:08:bb:5e: b6:b4:e9:d9:b1:53:b3:f4:31:73:d3:ff:04:15:e8: 23:72:7c:87:f4:57:3e:27:b0:dc:08:11:99:88:c7: b2:3a:1e:62:71:dd:8a:c3:9e:c2:e0:7b:7e:e5:cd: c6:56:34:2b:12:2e:81:29:5e:a7:6e:21:07:ff:8a: 57:ba:57:f5:cf:fa:b5:72:c2:5b:2f:9b:a7:71:61: 53:da:24:43:e9:dd:88:a4:71:ae:83:5b:0c:19:63: 12:7f:95:7d:1a:96:ca:3d:f3:27:de:0f:38:3e:71: ba:40:af:6a:21:16:53:8e:c8:f4:27:f7:61:91:59: 49:8c:95:3d:3b:fa:39:a3:cd:c2:b4:f4:23:5b:f7: b6:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3D:95:B7:29:FF:92:3C:D2:44:25:49:B7:70:2A:6D:7C:2F:78:DE:85 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7c8c46fb-b6c1-4a69-83fb-90e7d5c326de/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7c8c46fb-b6c1-4a69-83fb-90e7d5c326de/0/3D95B729FF923CD2442549B7702A6D7C2F78DE85.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.240.0.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:2f:f0:0e:bb:73:af:f6:5d:14:75:2b:8e:48:6d:03:e3:48: ed:4a:01:17:27:bb:cd:93:5d:b5:47:75:8d:95:9e:d9:76:f1: c5:0d:8d:32:b7:b3:5b:ae:69:64:51:95:7a:f5:f6:b7:38:04: ff:36:72:4d:a7:b7:d8:4e:e2:c2:03:34:b2:d5:72:46:fb:4e: d4:d8:af:0b:29:ad:61:19:46:f3:ea:7e:76:03:ea:cc:1b:e6: d9:f5:d6:df:41:8b:ae:ec:75:42:2b:40:a1:52:cb:86:10:63: 95:a8:32:63:5f:9f:c9:ec:82:31:39:50:1a:6e:66:a1:b6:cf: f0:31:c0:6f:f5:75:ff:b9:4f:17:be:18:4e:bf:46:a1:c0:36: 47:ef:d1:6f:43:f1:86:e9:11:c5:2a:65:cd:04:a9:cc:93:11: 44:3a:31:d7:2b:4a:e1:2a:85:5a:0e:d3:e9:72:30:e9:ac:a1: 92:ff:e0:24:a9:d7:ee:ab:c6:1c:d6:54:4b:c6:b9:9b:de:d6: 80:80:07:2c:95:aa:3e:2e:f7:6b:12:e5:4c:18:7f:f4:2a:13: 80:e5:e0:d5:96:27:aa:5b:32:c9:4d:5c:10:52:28:22:15:86: a5:c1:3d:d4:68:78:54:ef:9f:41:90:c3:29:16:c4:d0:b8:81: 90:69:72:6d -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUCTLy3ifSetFh9t45IUrMnhK9alwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIwMzExMDgzOFoX DTI1MTIwMjExMTMzOFowMzExMC8GA1UEAxMoM0Q5NUI3MjlGRjkyM0NEMjQ0MjU0 OUI3NzAyQTZEN0MyRjc4REU4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKtzzgVnllE4jXFosAmNCjGxEjeEDcSZh+xUG3/3ZqqWmTnfHuBdo9nxWLsI 8gzmMlHARVZAdxjQgVgSZBrcxhHA+nAphM16Od3M8U91kimGCzh6gkUoZ5fcsc2E sAuiZ3eOW6EPg1S4Wh88u6fHN/WQ2VZZCLtetrTp2bFTs/Qxc9P/BBXoI3J8h/RX Piew3AgRmYjHsjoeYnHdisOewuB7fuXNxlY0KxIugSlep24hB/+KV7pX9c/6tXLC Wy+bp3FhU9okQ+ndiKRxroNbDBljEn+VfRqWyj3zJ94POD5xukCvaiEWU47I9Cf3 YZFZSYyVPTv6OaPNwrT0I1v3tlkCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFD2Vtyn/kjzSRCVJt3AqbXwveN6FMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83YzhjNDZmYi1iNmMxLTRhNjktODNmYi05MGU3ZDVjMzI2ZGUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdjOGM0NmZi LWI2YzEtNGE2OS04M2ZiLTkwZTdkNWMzMjZkZS8wLzNEOTVCNzI5RkY5MjNDRDI0 NDI1NDlCNzcwMkE2RDdDMkY3OERFODUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn8AAwDQYJKoZIhvcNAQELBQADggEBADov8A67c6/2XRR1K45IbQPjSO1KARcn u82TXbVHdY2Vntl28cUNjTK3s1uuaWRRlXr19rc4BP82ck2nt9hO4sIDNLLVckb7 TtTYrwsprWEZRvPqfnYD6swb5tn11t9Bi67sdUIrQKFSy4YQY5WoMmNfn8nsgjE5 UBpuZqG2z/AxwG/1df+5Txe+GE6/RqHANkfv0W9D8YbpEcUqZc0EqcyTEUQ6Mdcr SuEqhVoO0+lyMOmsoZL/4CSp1+6rxhzWVEvGuZve1oCAByyVqj4u92sS5UwYf/Qq E4Dl4NWWJ6pbMslNXBBSKCIVhqXBPdRoeFTvn0GQwykWxNC4gZBpcm0= -----END CERTIFICATE-----Generated at Sun Feb 16 21:02:20 2025 by rpki-client