$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/43E94F4D6572FA61C908F2C122712EB0A696EF96.cer File: 43E94F4D6572FA61C908F2C122712EB0A696EF96.cer (raw, json) Hash identifier: 23lD+lKItIKCq5CZ/phfx7qkV/2ddZFXdZ8U1TekPN4= Subject key identifier: 43:E9:4F:4D:65:72:FA:61:C9:08:F2:C1:22:71:2E:B0:A6:96:EF:96 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 70D89A525FB3DE431BF1D2FBAB0CBE7478FE12D3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/448407e3-2cb1-4c6e-8aeb-5e0d355e8c96/0/43E94F4D6572FA61C908F2C122712EB0A696EF96.mft caRepository: rsync://repo-rpki.idnic.net/repo/448407e3-2cb1-4c6e-8aeb-5e0d355e8c96/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 23 Nov 2023 04:39:50 +0000 Certificate not after: Thu 21 Nov 2024 04:44:50 +0000 Subordinate resources: IP: 45.126.40.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 17:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:d8:9a:52:5f:b3:de:43:1b:f1:d2:fb:ab:0c:be:74:78:fe:12:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 23 04:39:50 2023 GMT Not After : Nov 21 04:44:50 2024 GMT Subject: CN=43E94F4D6572FA61C908F2C122712EB0A696EF96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:66:4a:99:00:f1:26:c9:ee:1f:b5:3f:8a:f5: 66:a7:59:5f:41:eb:c4:a7:e2:eb:24:12:b3:86:40: cb:d7:e1:22:69:f2:6e:90:aa:01:da:5a:8d:92:fd: 1a:b4:ce:ae:24:71:dc:93:61:6b:d6:80:08:c8:1a: 9c:70:87:73:28:1a:28:1e:d0:0a:57:5a:26:5a:f3: 38:73:53:64:d8:7a:bf:fe:ea:d2:d4:05:7d:d0:76: 68:7d:5b:f9:b2:35:6d:c8:94:81:75:20:e6:c1:bf: 51:95:1a:db:00:e2:3e:39:d8:04:71:a8:7b:0a:ac: 6e:ed:42:b4:60:db:8e:96:c5:3b:20:ab:fb:ab:07: c6:13:81:82:ed:48:ce:6e:65:95:44:e0:7d:fe:2e: 25:90:1f:df:0b:2c:ee:e4:de:b4:0e:8b:55:a6:56: 0f:c3:8f:e1:11:8a:50:0e:64:27:08:49:79:b4:49: 30:27:32:16:1e:a4:fc:c1:0c:47:46:05:b5:58:10: 22:7a:0e:3a:b6:d6:7c:86:21:c2:9d:b3:9f:6b:ee: 12:d8:65:2e:31:b1:0a:72:b0:6c:02:83:6d:6d:14: 07:95:00:9a:51:5f:d5:91:b0:b6:97:81:65:6a:0d: 3b:e7:87:fe:9c:2c:58:0c:39:25:d2:24:fc:d0:bf: 61:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 43:E9:4F:4D:65:72:FA:61:C9:08:F2:C1:22:71:2E:B0:A6:96:EF:96 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/448407e3-2cb1-4c6e-8aeb-5e0d355e8c96/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/448407e3-2cb1-4c6e-8aeb-5e0d355e8c96/0/43E94F4D6572FA61C908F2C122712EB0A696EF96.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.126.40.0/23 Signature Algorithm: sha256WithRSAEncryption 62:c7:f0:f0:6f:13:4b:a8:ca:cd:06:e0:e9:ef:d7:d6:14:73: 05:a9:6e:f9:63:7c:07:6a:cb:82:77:00:84:5d:42:b0:f7:f0: 63:b0:a7:c2:4d:b4:c9:f7:b3:e1:54:22:77:e8:2a:41:d1:b2: 85:cf:1f:a7:df:72:ea:73:a3:3e:a5:34:ab:f4:54:4a:c5:c9: 9e:19:b9:fd:c9:88:c2:81:eb:fa:aa:8f:73:81:d4:93:2f:23: f8:df:a1:fc:38:36:43:fb:de:27:4b:a1:2e:01:e8:0a:d3:33: 1c:fd:7d:7a:93:2e:9c:8f:c9:45:b7:94:c6:47:14:f7:56:32: 38:91:d8:3c:13:04:c0:a7:3b:94:bc:c7:ce:af:22:8e:14:fd: 84:6d:24:f2:13:3c:fa:5c:4a:34:e6:b2:82:ae:ec:37:32:f6: 0b:7d:2d:98:f3:3c:a1:47:37:ed:bb:c7:dd:e6:10:2f:cf:45: 4c:d1:51:94:92:91:64:ca:fa:d1:46:1e:51:26:a3:e4:b9:a5: b3:b7:f1:ac:06:8a:83:e5:81:c4:91:fd:2b:3f:f8:ff:dc:60: 87:b1:37:3f:de:a3:29:36:cb:55:67:f8:b0:d1:95:ab:dd:45: 53:7c:56:49:aa:99:e4:37:0d:3e:19:81:e6:a2:d3:3f:87:9d: 80:e6:94:95 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUcNiaUl+z3kMb8dL7qwy+dHj+EtMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTEyMzA0Mzk1MFoX DTI0MTEyMTA0NDQ1MFowMzExMC8GA1UEAxMoNDNFOTRGNEQ2NTcyRkE2MUM5MDhG MkMxMjI3MTJFQjBBNjk2RUY5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANBmSpkA8SbJ7h+1P4r1ZqdZX0HrxKfi6yQSs4ZAy9fhImnybpCqAdpajZL9 GrTOriRx3JNha9aACMganHCHcygaKB7QCldaJlrzOHNTZNh6v/7q0tQFfdB2aH1b +bI1bciUgXUg5sG/UZUa2wDiPjnYBHGoewqsbu1CtGDbjpbFOyCr+6sHxhOBgu1I zm5llUTgff4uJZAf3wss7uTetA6LVaZWD8OP4RGKUA5kJwhJebRJMCcyFh6k/MEM R0YFtVgQInoOOrbWfIYhwp2zn2vuEthlLjGxCnKwbAKDbW0UB5UAmlFf1ZGwtpeB ZWoNO+eH/pwsWAw5JdIk/NC/YRMCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEPpT01lcvphyQjywSJxLrCmlu+WMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by80NDg0MDdlMy0yY2IxLTRjNmUtOGFlYi01ZTBkMzU1ZThjOTYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ0ODQwN2Uz LTJjYjEtNGM2ZS04YWViLTVlMGQzNTVlOGM5Ni8wLzQzRTk0RjRENjU3MkZBNjFD OTA4RjJDMTIyNzEyRUIwQTY5NkVGOTYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAEtfigwDQYJKoZIhvcNAQELBQADggEBAGLH8PBvE0uoys0G4Onv19YUcwWpbvlj fAdqy4J3AIRdQrD38GOwp8JNtMn3s+FUInfoKkHRsoXPH6ffcupzoz6lNKv0VErF yZ4Zuf3JiMKB6/qqj3OB1JMvI/jfofw4NkP73idLoS4B6ArTMxz9fXqTLpyPyUW3 lMZHFPdWMjiR2DwTBMCnO5S8x86vIo4U/YRtJPITPPpcSjTmsoKu7Dcy9gt9LZjz PKFHN+27x93mEC/PRUzRUZSSkWTK+tFGHlEmo+S5pbO38awGioPlgcSR/Ss/+P/c YIexNz/eoyk2y1Vn+LDRlavdRVN8VkmqmeQ3DT4Zgeai0z+HnYDmlJU= -----END CERTIFICATE-----Generated at Wed May 8 14:59:51 2024 by rpki-client on console-ams.rpki-client.org