$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/4F40845626DE4E373F550B654EA4E833B6EB4D27.cer File: 4F40845626DE4E373F550B654EA4E833B6EB4D27.cer (raw, json) Hash identifier: uswHyavBDT8VFw8uaDhZQb3KcGGQU2qo1mfY5L96en4= Subject key identifier: 4F:40:84:56:26:DE:4E:37:3F:55:0B:65:4E:A4:E8:33:B6:EB:4D:27 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5A69F5053ED4AB9DF7B38C5DB87626C7B7BB287B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/3a46360d-662b-4f7d-bb17-d86082152471/0/4F40845626DE4E373F550B654EA4E833B6EB4D27.mft caRepository: rsync://repo-rpki.idnic.net/repo/3a46360d-662b-4f7d-bb17-d86082152471/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 29 Mar 2024 11:19:36 +0000 Certificate not after: Fri 28 Mar 2025 11:24:36 +0000 Subordinate resources: IP: 103.168.146.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:69:f5:05:3e:d4:ab:9d:f7:b3:8c:5d:b8:76:26:c7:b7:bb:28:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 29 11:19:36 2024 GMT Not After : Mar 28 11:24:36 2025 GMT Subject: CN=4F40845626DE4E373F550B654EA4E833B6EB4D27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:1d:7a:62:7e:a4:a4:56:78:5c:62:8f:09:b2: cd:7e:42:85:0f:b9:d5:02:04:71:aa:b0:71:e4:50: c0:bb:de:39:88:32:1c:68:e0:a1:1c:30:02:a3:2e: 41:02:a7:1f:68:8a:5d:c4:6d:73:5d:30:31:b2:f6: e1:63:ad:fd:25:73:68:a8:f1:92:0d:fb:2d:f6:b8: 28:bb:17:4e:fd:98:bf:2f:ea:64:6a:6a:6a:db:48: 87:ce:6e:98:7c:ef:48:61:32:5e:82:ba:c4:36:3f: a0:88:94:77:58:d5:18:1f:fc:f4:39:95:a6:38:64: 70:01:0c:cf:ac:93:d7:73:ca:b9:f8:bd:f8:35:d9: 71:46:6d:3d:49:df:a7:b2:af:4f:22:b8:7b:90:93: 92:c1:0a:07:e0:37:4d:af:97:eb:58:ba:ca:fd:5c: 1c:ca:9b:99:b4:85:2e:3a:f2:59:24:47:e0:a6:a3: 17:60:0a:ea:e9:4a:8d:b1:d1:d0:be:6a:03:ab:ac: 5c:bb:90:31:f8:a5:cd:c5:32:23:19:24:7d:82:52: 6a:af:d6:58:f6:92:fd:bd:14:9e:97:85:0c:5f:a7: 41:5a:ed:f8:4d:2d:9a:50:60:c3:c8:ef:15:7e:8f: 61:11:b1:e6:fd:0a:e3:f9:b5:34:44:84:a8:e1:fb: c1:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 4F:40:84:56:26:DE:4E:37:3F:55:0B:65:4E:A4:E8:33:B6:EB:4D:27 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/3a46360d-662b-4f7d-bb17-d86082152471/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/3a46360d-662b-4f7d-bb17-d86082152471/0/4F40845626DE4E373F550B654EA4E833B6EB4D27.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.168.146.0/23 Signature Algorithm: sha256WithRSAEncryption 88:8b:99:de:da:6a:93:74:97:83:39:a1:71:72:3b:27:d7:29: 90:45:a7:4b:ee:26:d6:26:7e:6c:68:e8:5c:f9:52:41:60:f4: ed:7b:76:24:a8:26:36:40:f4:1b:f8:fe:c8:fb:4a:b6:84:df: 3b:7a:16:33:57:e5:55:3b:65:f3:3e:a0:49:5e:20:6f:f6:b5: d8:01:cc:cb:c8:8a:c0:fd:7c:ea:e4:db:6f:aa:19:57:8c:74: 87:53:14:b2:d0:51:76:0e:db:ce:70:b6:10:31:87:6d:ba:f0: ff:94:27:fc:a6:5c:bb:44:e5:95:7e:29:89:75:0e:3f:52:0d: 8a:3c:5e:b3:2f:7c:24:9b:45:ee:64:bd:b8:37:c9:4a:48:43: 6f:41:8d:30:34:80:b9:1d:ac:e3:a8:a3:ac:b2:6b:09:30:b7: ff:16:1b:a0:75:cf:e1:7b:31:7f:2b:81:c3:9b:c0:27:4c:81: b5:ac:cf:21:c9:5f:55:18:0c:5d:2c:da:ad:9f:7f:b0:e2:6d: 9e:33:ea:cc:62:ba:b7:36:4e:fa:68:cc:70:70:01:1e:46:3b: b0:6b:52:6f:7c:a2:17:c9:75:d0:02:7a:0b:7e:48:cf:0a:02: 6a:05:9e:ac:1f:9d:90:f7:b3:af:a5:5f:e2:4e:0d:60:ae:bd: 7d:70:f0:88 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUWmn1BT7Uq533s4xduHYmx7e7KHswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDMyOTExMTkzNloX DTI1MDMyODExMjQzNlowMzExMC8GA1UEAxMoNEY0MDg0NTYyNkRFNEUzNzNGNTUw QjY1NEVBNEU4MzNCNkVCNEQyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL0demJ+pKRWeFxijwmyzX5ChQ+51QIEcaqwceRQwLveOYgyHGjgoRwwAqMu QQKnH2iKXcRtc10wMbL24WOt/SVzaKjxkg37Lfa4KLsXTv2Yvy/qZGpqattIh85u mHzvSGEyXoK6xDY/oIiUd1jVGB/89DmVpjhkcAEMz6yT13PKufi9+DXZcUZtPUnf p7KvTyK4e5CTksEKB+A3Ta+X61i6yv1cHMqbmbSFLjryWSRH4KajF2AK6ulKjbHR 0L5qA6usXLuQMfilzcUyIxkkfYJSaq/WWPaS/b0UnpeFDF+nQVrt+E0tmlBgw8jv FX6PYRGx5v0K4/m1NESEqOH7wVECAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFE9AhFYm3k43P1ULZU6k6DO2600nMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zYTQ2MzYwZC02NjJiLTRmN2QtYmIxNy1kODYwODIxNTI0NzEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNhNDYzNjBk LTY2MmItNGY3ZC1iYjE3LWQ4NjA4MjE1MjQ3MS8wLzRGNDA4NDU2MjZERTRFMzcz RjU1MEI2NTRFQTRFODMzQjZFQjREMjcubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnqJIwDQYJKoZIhvcNAQELBQADggEBAIiLmd7aapN0l4M5oXFyOyfXKZBFp0vu JtYmfmxo6Fz5UkFg9O17diSoJjZA9Bv4/sj7SraE3zt6FjNX5VU7ZfM+oEleIG/2 tdgBzMvIisD9fOrk22+qGVeMdIdTFLLQUXYO285wthAxh2268P+UJ/ymXLtE5ZV+ KYl1Dj9SDYo8XrMvfCSbRe5kvbg3yUpIQ29BjTA0gLkdrOOoo6yyawkwt/8WG6B1 z+F7MX8rgcObwCdMgbWszyHJX1UYDF0s2q2ff7DibZ4z6sxiurc2TvpozHBwAR5G O7BrUm98ohfJddACegt+SM8KAmoFnqwfnZD3s6+lX+JODWCuvX1w8Ig= -----END CERTIFICATE-----Generated at Thu May 9 00:37:00 2024 by rpki-client on console-fra.rpki-client.org