$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/45422D0C59556C680872F58CC42068EF3ED1BA2E.cer File: 45422D0C59556C680872F58CC42068EF3ED1BA2E.cer (raw, json) Hash identifier: D79dtju1c7Kb+hS9gZ5OMPDArU4y5T0rU1PDYU6ddb4= Subject key identifier: 45:42:2D:0C:59:55:6C:68:08:72:F5:8C:C4:20:68:EF:3E:D1:BA:2E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 39F48D142928381A51BF9ED784345636D8F3B305 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/78d774f4-2300-4e69-a6ca-7cf48002e2fb/0/45422D0C59556C680872F58CC42068EF3ED1BA2E.mft caRepository: rsync://repo-rpki.idnic.net/repo/78d774f4-2300-4e69-a6ca-7cf48002e2fb/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 01 Jan 2025 06:32:14 +0000 Certificate not after: Wed 31 Dec 2025 06:37:14 +0000 Subordinate resources: IP: 103.172.120.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:f4:8d:14:29:28:38:1a:51:bf:9e:d7:84:34:56:36:d8:f3:b3:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Jan 1 06:32:14 2025 GMT Not After : Dec 31 06:37:14 2025 GMT Subject: CN=45422D0C59556C680872F58CC42068EF3ED1BA2E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:4f:88:e9:95:ae:c3:76:52:9e:34:09:54:d1: 41:78:da:72:8f:c1:5e:0a:72:06:1f:ce:d9:92:eb: 55:cf:4e:bf:e1:fa:7b:b1:cb:1d:76:0e:25:cb:70: a0:0c:4f:e3:1f:2b:6d:c6:e8:ea:a7:52:f6:a2:fe: c7:da:e1:25:66:aa:a1:fd:21:64:d4:b1:6b:28:e8: 65:68:9f:65:a9:42:e4:3b:b5:df:e6:9e:50:b0:87: d0:bd:f8:4c:b8:82:32:5d:43:85:4e:4c:bc:43:22: 69:55:d2:fc:98:14:0e:fd:68:86:fc:81:bd:04:a7: 34:d5:b6:50:78:d8:0e:d0:68:f2:9a:80:00:62:f9: d8:30:fa:36:9c:8a:09:dd:41:d3:d1:28:1b:a5:57: 4e:9b:6d:89:67:73:5b:f4:9e:20:95:b6:6d:df:fb: fa:0f:be:41:29:6a:94:21:38:75:da:3c:23:a6:4f: 13:2e:66:c8:e0:04:aa:9d:1e:05:14:29:e0:a1:c3: e8:f1:b4:6e:e2:25:35:f0:ee:c4:06:f8:8c:ae:71: 60:5f:1a:f7:84:c5:83:00:0f:5b:73:ea:ce:50:f4: 34:15:16:5f:d8:ae:98:55:a3:d3:14:a6:26:33:39: 7b:09:72:3e:f1:2f:0a:f0:1b:fa:b4:7b:cf:10:d5: dc:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 45:42:2D:0C:59:55:6C:68:08:72:F5:8C:C4:20:68:EF:3E:D1:BA:2E X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/78d774f4-2300-4e69-a6ca-7cf48002e2fb/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/78d774f4-2300-4e69-a6ca-7cf48002e2fb/0/45422D0C59556C680872F58CC42068EF3ED1BA2E.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.172.120.0/23 Signature Algorithm: sha256WithRSAEncryption 23:c5:59:00:58:b2:ec:7c:e9:35:a7:cc:b6:9a:a4:f5:46:1d: 24:64:1f:ed:77:a6:41:bb:82:bb:42:be:81:8b:00:35:59:9b: df:35:a9:97:ee:b6:9c:19:47:10:bb:c3:04:6e:22:0b:d7:68: 7c:a2:ed:b6:60:34:e3:ab:76:30:b1:8f:4f:d3:73:1b:ae:b4: ca:3f:24:6b:49:64:bf:c6:57:74:4c:3e:55:b7:09:29:a6:1d: 58:02:11:49:8e:4d:1d:77:c2:f3:e9:95:37:ab:44:88:84:d2: 41:46:3d:83:ed:dc:7f:26:27:6b:75:1c:b6:33:e4:c9:3e:06: c4:61:8b:d6:08:ba:71:8d:9f:5a:b0:d8:f8:c3:8f:65:65:81: 88:79:47:e6:54:f3:60:25:c4:32:b3:cb:4f:07:95:10:92:53: 14:a6:4a:16:c6:01:19:7c:03:d4:af:c3:9e:4c:19:b3:6c:07: f5:6d:ff:ed:b3:99:6b:7b:2f:9a:ac:ce:a0:e1:04:82:fe:3a: 97:ce:18:78:f7:78:f8:ca:2d:4b:37:e7:e9:1f:e6:5b:13:5f: ef:24:52:ea:f6:6f:d6:c4:1a:0f:7d:18:7c:de:3b:17:a3:3f: 59:6b:22:5e:4c:e1:ba:eb:70:22:4a:3a:d5:cc:9d:88:d9:2d: 16:5a:90:09 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUOfSNFCkoOBpRv57XhDRWNtjzswUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDEwMTA2MzIxNFoX DTI1MTIzMTA2MzcxNFowMzExMC8GA1UEAxMoNDU0MjJEMEM1OTU1NkM2ODA4NzJG NThDQzQyMDY4RUYzRUQxQkEyRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKRPiOmVrsN2Up40CVTRQXjaco/BXgpyBh/O2ZLrVc9Ov+H6e7HLHXYOJctw oAxP4x8rbcbo6qdS9qL+x9rhJWaqof0hZNSxayjoZWifZalC5Du13+aeULCH0L34 TLiCMl1DhU5MvEMiaVXS/JgUDv1ohvyBvQSnNNW2UHjYDtBo8pqAAGL52DD6NpyK Cd1B09EoG6VXTpttiWdzW/SeIJW2bd/7+g++QSlqlCE4ddo8I6ZPEy5myOAEqp0e BRQp4KHD6PG0buIlNfDuxAb4jK5xYF8a94TFgwAPW3PqzlD0NBUWX9iumFWj0xSm JjM5ewlyPvEvCvAb+rR7zxDV3I0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFEVCLQxZVWxoCHL1jMQgaO8+0bouMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by83OGQ3NzRmNC0yMzAwLTRlNjktYTZjYS03Y2Y0ODAwMmUyZmIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzc4ZDc3NGY0 LTIzMDAtNGU2OS1hNmNhLTdjZjQ4MDAyZTJmYi8wLzQ1NDIyRDBDNTk1NTZDNjgw ODcyRjU4Q0M0MjA2OEVGM0VEMUJBMkUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnrHgwDQYJKoZIhvcNAQELBQADggEBACPFWQBYsux86TWnzLaapPVGHSRkH+13 pkG7grtCvoGLADVZm981qZfutpwZRxC7wwRuIgvXaHyi7bZgNOOrdjCxj0/Tcxuu tMo/JGtJZL/GV3RMPlW3CSmmHVgCEUmOTR13wvPplTerRIiE0kFGPYPt3H8mJ2t1 HLYz5Mk+BsRhi9YIunGNn1qw2PjDj2VlgYh5R+ZU82AlxDKzy08HlRCSUxSmShbG ARl8A9Svw55MGbNsB/Vt/+2zmWt7L5qszqDhBIL+OpfOGHj3ePjKLUs35+kf5lsT X+8kUur2b9bEGg99GHzeOxejP1lrIl5M4brrcCJKOtXMnYjZLRZakAk= -----END CERTIFICATE-----Generated at Sat Apr 5 10:30:30 2025 by rpki-client