$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/43352CF2FE94548EEF080C0D6A6DA5C07EE627AB.cer File: 43352CF2FE94548EEF080C0D6A6DA5C07EE627AB.cer (raw, json) Hash identifier: wHWNfa0poYeMrdYfjbYcwMp6hewJw6+IWt9ZvRrfVLg= Subject key identifier: 43:35:2C:F2:FE:94:54:8E:EF:08:0C:0D:6A:6D:A5:C0:7E:E6:27:AB Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 367678F71BB9711F0759775BE0A714AEE0F9D1FC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/e7d9f745-faa4-48ce-83b1-0bde33c2447f/0/43352CF2FE94548EEF080C0D6A6DA5C07EE627AB.mft caRepository: rsync://repo-rpki.idnic.net/repo/e7d9f745-faa4-48ce-83b1-0bde33c2447f/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 12 Nov 2024 20:30:51 +0000 Certificate not after: Tue 11 Nov 2025 20:35:51 +0000 Subordinate resources: IP: 203.145.60.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 06:34:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:76:78:f7:1b:b9:71:1f:07:59:77:5b:e0:a7:14:ae:e0:f9:d1:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Nov 12 20:30:51 2024 GMT Not After : Nov 11 20:35:51 2025 GMT Subject: CN=43352CF2FE94548EEF080C0D6A6DA5C07EE627AB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:63:15:12:06:ee:9c:d0:57:72:5b:56:64:a7: 2b:7e:94:0f:8f:ec:97:e2:53:27:70:f7:04:f3:d1: c3:65:66:ea:0e:bf:4b:84:ba:3f:74:b9:7c:c8:0a: 54:30:cb:8c:81:67:fb:a1:8b:ba:66:57:99:28:f0: 9e:e1:64:10:6e:1f:c7:27:ec:ed:83:b3:c5:c3:d1: 5d:e9:86:8e:3c:dc:c3:99:03:30:06:31:1f:70:1c: 98:0c:23:08:12:4e:11:03:68:3a:f7:9a:94:18:85: d5:88:63:32:59:2f:90:83:d1:e0:f3:2e:09:b5:be: 3e:b4:a2:07:9a:2d:f8:32:7e:f7:2e:3b:81:57:15: 26:bc:18:f3:1f:49:a2:0c:9f:30:7e:30:93:18:26: 58:d4:6f:a3:cd:b4:75:61:49:d6:45:7d:fa:5d:03: cb:1c:ac:04:3b:14:d8:57:a2:16:45:1a:ca:62:d5: 58:be:59:5f:47:b8:80:c0:e6:24:b0:7d:35:13:60: 1e:09:81:16:f6:97:3c:98:18:3b:8c:46:97:9b:d5: f8:e6:52:ce:7a:0f:f1:57:30:e5:7f:25:a4:20:ea: 26:48:3d:09:aa:e8:b1:ce:92:74:e5:86:0f:b3:18: fa:60:fc:2e:30:bc:91:66:60:3e:11:bb:26:e8:7c: 3c:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 43:35:2C:F2:FE:94:54:8E:EF:08:0C:0D:6A:6D:A5:C0:7E:E6:27:AB X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/e7d9f745-faa4-48ce-83b1-0bde33c2447f/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/e7d9f745-faa4-48ce-83b1-0bde33c2447f/0/43352CF2FE94548EEF080C0D6A6DA5C07EE627AB.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.145.60.0/23 Signature Algorithm: sha256WithRSAEncryption 18:27:0c:9c:a0:47:0b:54:26:25:1e:f7:99:f4:cd:6a:ca:71: 24:1e:6b:bf:d1:9e:2e:51:d7:3f:c3:e5:cb:d4:eb:b3:e7:d8: 49:3f:79:1a:ef:0e:7e:08:8e:0e:42:d2:95:0f:4f:cf:84:6b: 5d:24:97:79:61:bb:1d:2d:bc:67:81:b8:3c:8e:be:63:81:e4: 72:29:92:eb:6a:1d:a2:0f:98:f9:86:6b:e0:d5:67:fa:20:da: 09:a6:02:e5:9f:fd:a6:ae:0b:84:6b:2f:96:85:3f:ef:23:d5: ad:dc:cc:79:5e:0c:f1:77:af:c6:8b:51:c1:c4:a9:bd:36:e3: b1:3f:2c:21:b2:8f:52:92:07:cf:26:0b:b4:16:82:ed:f6:de: 0a:71:47:da:b8:9e:89:12:34:cf:d7:ac:41:35:7a:20:cb:95: 1b:eb:fd:a6:b3:97:6b:bd:c5:1d:bd:7a:b9:62:3f:12:cd:e9: ac:91:24:b9:02:44:7a:6c:46:75:08:b0:1f:e4:0f:a8:d0:40: d8:88:b5:ba:9f:a9:e4:81:2d:b3:cd:cb:54:d1:89:2e:ba:a4: 86:39:f0:4c:54:af:d8:e7:83:95:a7:6b:00:a1:8f:65:eb:21: 0a:c3:6c:02:19:38:b5:b8:1f:1b:fe:4f:82:b7:ec:2c:0a:85: 8d:f9:5c:2e -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUNnZ49xu5cR8HWXdb4KcUruD50fwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTExMjIwMzA1MVoX DTI1MTExMTIwMzU1MVowMzExMC8GA1UEAxMoNDMzNTJDRjJGRTk0NTQ4RUVGMDgw QzBENkE2REE1QzA3RUU2MjdBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMpjFRIG7pzQV3JbVmSnK36UD4/sl+JTJ3D3BPPRw2Vm6g6/S4S6P3S5fMgK VDDLjIFn+6GLumZXmSjwnuFkEG4fxyfs7YOzxcPRXemGjjzcw5kDMAYxH3AcmAwj CBJOEQNoOvealBiF1YhjMlkvkIPR4PMuCbW+PrSiB5ot+DJ+9y47gVcVJrwY8x9J ogyfMH4wkxgmWNRvo820dWFJ1kV9+l0DyxysBDsU2FeiFkUaymLVWL5ZX0e4gMDm JLB9NRNgHgmBFvaXPJgYO4xGl5vV+OZSznoP8Vcw5X8lpCDqJkg9Carosc6SdOWG D7MY+mD8LjC8kWZgPhG7Juh8PP0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEM1LPL+lFSO7wgMDWptpcB+5ierMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9lN2Q5Zjc0NS1mYWE0LTQ4Y2UtODNiMS0wYmRlMzNjMjQ0N2YvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U3ZDlmNzQ1 LWZhYTQtNDhjZS04M2IxLTBiZGUzM2MyNDQ3Zi8wLzQzMzUyQ0YyRkU5NDU0OEVF RjA4MEMwRDZBNkRBNUMwN0VFNjI3QUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAHLkTwwDQYJKoZIhvcNAQELBQADggEBABgnDJygRwtUJiUe95n0zWrKcSQea7/R ni5R1z/D5cvU67Pn2Ek/eRrvDn4Ijg5C0pUPT8+Ea10kl3lhux0tvGeBuDyOvmOB 5HIpkutqHaIPmPmGa+DVZ/og2gmmAuWf/aauC4RrL5aFP+8j1a3czHleDPF3r8aL UcHEqb0247E/LCGyj1KSB88mC7QWgu323gpxR9q4nokSNM/XrEE1eiDLlRvr/aaz l2u9xR29erliPxLN6ayRJLkCRHpsRnUIsB/kD6jQQNiItbqfqeSBLbPNy1TRiS66 pIY58ExUr9jng5WnawChj2XrIQrDbAIZOLW4Hxv+T4K37CwKhY35XC4= -----END CERTIFICATE-----Generated at Sun Feb 16 20:54:17 2025 by rpki-client