$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/4E02702CF90D4075367826B5C5EA64C61B170BFA.cer File: 4E02702CF90D4075367826B5C5EA64C61B170BFA.cer (raw, json) Hash identifier: TtlwHlQ5VgXvNnU8mtINXME+Eil8BKs5WfEHT1b+cx0= Subject key identifier: 4E:02:70:2C:F9:0D:40:75:36:78:26:B5:C5:EA:64:C6:1B:17:0B:FA Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6D07717C45F7005770CF8B5352BB78A8D36C894F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/4794ffd2-4572-4553-9a33-21d60ef2f0be/0/4E02702CF90D4075367826B5C5EA64C61B170BFA.mft caRepository: rsync://repo-rpki.idnic.net/repo/4794ffd2-4572-4553-9a33-21d60ef2f0be/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 14 Feb 2024 22:37:36 +0000 Certificate not after: Wed 12 Feb 2025 22:42:36 +0000 Subordinate resources: IP: 103.41.200.0/22 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:07:71:7c:45:f7:00:57:70:cf:8b:53:52:bb:78:a8:d3:6c:89:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 14 22:37:36 2024 GMT Not After : Feb 12 22:42:36 2025 GMT Subject: CN=4E02702CF90D4075367826B5C5EA64C61B170BFA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:5f:90:ec:ac:2b:51:ce:3b:e0:2d:37:f1:78: 7c:26:71:cc:be:ca:12:e7:78:e1:23:07:e5:37:03: 80:25:0d:e6:07:b5:95:48:54:be:9c:48:4e:43:ab: 67:ca:47:44:fa:ba:a1:68:84:3b:6f:da:99:68:88: 6a:ab:11:56:b0:e7:24:7b:d3:18:57:c8:73:41:29: 4d:0e:6c:29:66:a7:3f:17:c9:3b:7e:29:44:c9:e9: 04:c5:1b:e0:8d:e9:39:1d:5c:53:cd:a1:bf:16:3f: a5:ff:60:b3:00:37:1d:84:6a:d7:ae:89:65:0a:0d: a6:fc:1f:9b:f4:e5:72:6d:df:71:8e:d3:4a:28:67: 08:4e:60:b0:f2:43:fa:82:5b:3d:d7:bb:db:18:32: 2e:12:43:01:d8:6b:16:5d:52:50:bd:1f:9c:3e:f1: f5:74:29:c4:38:dd:4a:e2:8d:68:62:45:25:41:ac: 31:3a:93:6e:70:dd:61:1b:8a:fb:9e:f0:53:c2:a2: 33:36:a8:d7:47:26:47:e7:1e:74:6c:fa:ef:ad:53: 3c:4c:4d:f3:da:97:ae:07:bc:29:e1:72:d3:b9:c6: 45:13:86:d0:66:92:9f:9f:bc:b5:08:01:a5:e1:2f: 9b:97:ad:6d:20:8a:40:cc:86:f6:a3:d8:f7:a5:65: 3c:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 4E:02:70:2C:F9:0D:40:75:36:78:26:B5:C5:EA:64:C6:1B:17:0B:FA X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/4794ffd2-4572-4553-9a33-21d60ef2f0be/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/4794ffd2-4572-4553-9a33-21d60ef2f0be/0/4E02702CF90D4075367826B5C5EA64C61B170BFA.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.41.200.0/22 Signature Algorithm: sha256WithRSAEncryption 0b:45:88:31:9c:42:f5:58:3e:c3:36:f5:df:d4:fa:47:a4:e4: 7b:46:7a:4a:de:70:7e:92:8b:b9:a0:67:7b:02:c4:3d:4a:e9: 8a:65:bf:17:f9:82:f4:e3:6f:25:09:71:26:43:a2:a8:71:90: f5:89:15:fd:d5:14:fe:84:d8:ed:c7:d1:d1:dc:80:c6:9c:b3: 82:28:bd:a7:f8:5e:84:a3:66:fc:c2:bf:7f:8b:34:d0:90:14: 71:12:33:b9:ed:2a:36:bd:34:b2:71:37:69:9c:bf:a9:7b:79: 73:57:83:af:51:fd:9a:05:7e:c9:68:92:ed:7b:25:22:a5:50: 52:e4:88:59:57:84:4b:95:b1:40:48:46:10:60:01:29:14:31: 4c:ba:ae:73:0f:8b:47:ad:2a:1c:28:11:17:72:4d:f5:0b:8f: c0:74:dc:ca:b5:77:de:64:5f:23:6d:67:d5:a6:46:ba:55:fb: 51:6f:1f:94:87:89:a3:6f:3f:73:28:61:35:c1:a8:33:e7:37: a7:eb:cb:c3:66:27:5b:e3:b1:ff:4c:12:fc:a5:8c:18:79:ff: 04:6c:4d:a7:6c:ea:4b:36:ad:75:c8:fb:e8:e9:3d:d2:68:a7: f7:ee:47:de:86:f3:29:d0:20:e2:f8:90:38:1f:8c:83:e9:ad: 90:1b:21:86 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUbQdxfEX3AFdwz4tTUrt4qNNsiU8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDIxNDIyMzczNloX DTI1MDIxMjIyNDIzNlowMzExMC8GA1UEAxMoNEUwMjcwMkNGOTBENDA3NTM2Nzgy NkI1QzVFQTY0QzYxQjE3MEJGQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL9fkOysK1HOO+AtN/F4fCZxzL7KEud44SMH5TcDgCUN5ge1lUhUvpxITkOr Z8pHRPq6oWiEO2/amWiIaqsRVrDnJHvTGFfIc0EpTQ5sKWanPxfJO34pRMnpBMUb 4I3pOR1cU82hvxY/pf9gswA3HYRq166JZQoNpvwfm/Tlcm3fcY7TSihnCE5gsPJD +oJbPde72xgyLhJDAdhrFl1SUL0fnD7x9XQpxDjdSuKNaGJFJUGsMTqTbnDdYRuK +57wU8KiMzao10cmR+cedGz6761TPExN89qXrge8KeFy07nGRROG0GaSn5+8tQgB peEvm5etbSCKQMyG9qPY96VlPB8CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFE4CcCz5DUB1NngmtcXqZMYbFwv6MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by80Nzk0ZmZkMi00NTcyLTQ1NTMtOWEzMy0yMWQ2MGVmMmYwYmUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ3OTRmZmQy LTQ1NzItNDU1My05YTMzLTIxZDYwZWYyZjBiZS8wLzRFMDI3MDJDRjkwRDQwNzUz Njc4MjZCNUM1RUE2NEM2MUIxNzBCRkEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnKcgwDQYJKoZIhvcNAQELBQADggEBAAtFiDGcQvVYPsM29d/U+kek5HtGekre cH6Si7mgZ3sCxD1K6Yplvxf5gvTjbyUJcSZDoqhxkPWJFf3VFP6E2O3H0dHcgMac s4Iovaf4XoSjZvzCv3+LNNCQFHESM7ntKja9NLJxN2mcv6l7eXNXg69R/ZoFfslo ku17JSKlUFLkiFlXhEuVsUBIRhBgASkUMUy6rnMPi0etKhwoERdyTfULj8B03Mq1 d95kXyNtZ9WmRrpV+1FvH5SHiaNvP3MoYTXBqDPnN6fry8NmJ1vjsf9MEvyljBh5 /wRsTads6ks2rXXI++jpPdJop/fuR96G8ynQIOL4kDgfjIPprZAbIYY= -----END CERTIFICATE-----Generated at Thu May 9 00:36:59 2024 by rpki-client on console-fra.rpki-client.org