$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/3E0B957B582D8AEF99A49C6448F9993C72378BF3.cer File: 3E0B957B582D8AEF99A49C6448F9993C72378BF3.cer (raw, json) Hash identifier: WyEab3/zJg0JxZiP7B+Cb2ph1AcaIZGbZVTUFZtD6Ac= Subject key identifier: 3E:0B:95:7B:58:2D:8A:EF:99:A4:9C:64:48:F9:99:3C:72:37:8B:F3 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4513CEFD335E07B3C2A054C4556EB50C105BCF07 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.mft caRepository: rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 19 Jan 2024 06:12:57 +0000 Certificate not after: Fri 17 Jan 2025 06:17:57 +0000 Subordinate resources: IP: 103.132.230.0/23 IP: 2001:df7:8b00::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:13:ce:fd:33:5e:07:b3:c2:a0:54:c4:55:6e:b5:0c:10:5b:cf:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 19 06:12:57 2024 GMT Not After : Jan 17 06:17:57 2025 GMT Subject: CN=3E0B957B582D8AEF99A49C6448F9993C72378BF3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:f0:88:f2:4d:5b:e8:c9:59:49:8a:29:a3:f2: 32:2a:84:76:84:77:71:ff:31:d0:be:1a:67:bc:c3: 42:7e:b2:fa:cd:09:cc:d0:cf:c3:c1:76:cf:f5:aa: 1f:a9:45:48:02:db:fa:bf:fd:a1:72:7e:36:4f:52: c8:94:fb:86:59:c8:a3:d0:1b:16:47:d7:1f:58:89: 63:92:dd:73:cd:12:05:01:8d:b2:25:fb:0c:81:db: 00:ef:2a:31:a0:92:00:54:21:1e:5c:57:58:44:b1: 34:83:eb:43:b0:94:d4:06:22:68:3a:7d:95:38:5f: 3e:dc:53:c3:c2:6a:05:12:37:60:c4:2c:46:eb:87: 02:e2:6f:4c:5f:d8:85:21:31:e9:fd:26:5b:6a:2f: fc:88:a8:51:cb:d9:66:47:2e:cb:b1:a8:95:00:b1: ab:9f:ed:32:12:e9:41:51:83:b9:b6:99:a7:c6:ca: b8:2f:a5:14:32:81:6d:56:d9:9c:97:af:80:1a:46: 16:53:e6:8d:62:fe:42:25:5a:8a:2d:dc:52:0b:0f: 6c:ed:12:c0:62:a4:4d:83:4b:5e:79:95:5a:6b:06: 6c:d0:35:d8:76:c5:a7:5f:ab:0c:c6:23:b7:77:0a: 7f:f3:2a:45:af:03:69:ed:1f:49:b7:e6:2b:f9:7c: 17:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 3E:0B:95:7B:58:2D:8A:EF:99:A4:9C:64:48:F9:99:3C:72:37:8B:F3 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/4edc9e4f-8180-41d6-b08d-8ee5a8a70a05/0/3E0B957B582D8AEF99A49C6448F9993C72378BF3.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.132.230.0/23 IPv6: 2001:df7:8b00::/48 Signature Algorithm: sha256WithRSAEncryption 68:d3:2f:31:c2:50:50:ca:1a:72:14:60:7d:f4:ce:32:31:38: f3:90:72:43:bd:3e:d0:36:8f:b7:14:44:4c:00:a1:62:5b:e2: 39:65:01:27:32:c8:32:af:06:d5:39:9e:e7:80:aa:0f:0d:f0: 0e:44:6d:ed:25:07:16:a4:d7:e2:d0:80:cc:d8:3c:a3:9e:49: 80:ec:fa:d9:96:3e:bd:a8:e4:61:16:54:ad:a3:eb:fe:e0:c0: 75:c4:53:37:b2:39:b5:65:c1:c3:00:cb:38:15:18:b3:00:c7: c2:37:96:a0:b3:d1:98:8e:cc:7d:c7:0a:a4:d1:db:9e:86:59: 17:03:d4:c9:c5:38:28:38:4a:36:41:27:e9:ee:65:6e:9f:44: 0a:80:e6:7f:16:a0:e1:39:f6:b2:ee:d5:9b:17:bc:ee:f2:62: d2:6f:9e:aa:78:bd:9b:97:71:5d:e4:9d:54:39:ea:00:12:49: 00:54:8f:d4:cf:d8:6d:2c:8a:ca:90:74:fc:22:a6:4a:45:b0: da:55:5b:0a:21:e9:a0:3b:dc:90:a8:ca:41:44:76:80:88:6e: 57:62:bb:d5:7f:6e:8b:6c:1f:71:e4:e1:c6:5e:c4:7b:8c:da: b1:b9:4f:30:14:49:3c:9b:4e:93:c7:9f:97:64:9e:ab:66:ee: 7c:04:18:19 -----BEGIN CERTIFICATE----- MIIF1jCCBL6gAwIBAgIURRPO/TNeB7PCoFTEVW61DBBbzwcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDExOTA2MTI1N1oX DTI1MDExNzA2MTc1N1owMzExMC8GA1UEAxMoM0UwQjk1N0I1ODJEOEFFRjk5QTQ5 QzY0NDhGOTk5M0M3MjM3OEJGMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJ3wiPJNW+jJWUmKKaPyMiqEdoR3cf8x0L4aZ7zDQn6y+s0JzNDPw8F2z/Wq H6lFSALb+r/9oXJ+Nk9SyJT7hlnIo9AbFkfXH1iJY5Ldc80SBQGNsiX7DIHbAO8q MaCSAFQhHlxXWESxNIPrQ7CU1AYiaDp9lThfPtxTw8JqBRI3YMQsRuuHAuJvTF/Y hSEx6f0mW2ov/IioUcvZZkcuy7GolQCxq5/tMhLpQVGDubaZp8bKuC+lFDKBbVbZ nJevgBpGFlPmjWL+QiVaii3cUgsPbO0SwGKkTYNLXnmVWmsGbNA12HbFp1+rDMYj t3cKf/MqRa8Dae0fSbfmK/l8F0ECAwEAAaOCAskwggLFMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFD4LlXtYLYrvmaScZEj5mTxyN4vzMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by80ZWRjOWU0Zi04MTgwLTQxZDYtYjA4ZC04ZWU1YThhNzBhMDUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRlZGM5ZTRm LTgxODAtNDFkNi1iMDhkLThlZTVhOGE3MGEwNS8wLzNFMEI5NTdCNTgyRDhBRUY5 OUE0OUM2NDQ4Rjk5OTNDNzIzNzhCRjMubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYD BAFnhOYwDwQCAAIwCQMHACABDfeLADANBgkqhkiG9w0BAQsFAAOCAQEAaNMvMcJQ UMoachRgffTOMjE485ByQ70+0DaPtxRETAChYlviOWUBJzLIMq8G1Tme54CqDw3w DkRt7SUHFqTX4tCAzNg8o55JgOz62ZY+vajkYRZUraPr/uDAdcRTN7I5tWXBwwDL OBUYswDHwjeWoLPRmI7MfccKpNHbnoZZFwPUycU4KDhKNkEn6e5lbp9ECoDmfxag 4Tn2su7Vmxe87vJi0m+eqni9m5dxXeSdVDnqABJJAFSP1M/YbSyKypB0/CKmSkWw 2lVbCiHpoDvckKjKQUR2gIhuV2K71X9ui2wfceThxl7Ee4zasblPMBRJPJtOk8ef l2Seq2bufAQYGQ== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:40 2024 by rpki-client on console-ams.rpki-client.org