$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/58A706EA7468DF0D14CA1817C7CC5DBD5A69C596.cer File: 58A706EA7468DF0D14CA1817C7CC5DBD5A69C596.cer (raw, json) Hash identifier: jamhXrdYrUIlcVoqeRn4mLpSXF9kd7TDewVQ6Nhl6i8= Subject key identifier: 58:A7:06:EA:74:68:DF:0D:14:CA:18:17:C7:CC:5D:BD:5A:69:C5:96 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 189571025D2B8A4865E26F6EC798A577DB138A9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/32bfab09-c1e9-44d8-819e-fdf6549c6b3f/0/58A706EA7468DF0D14CA1817C7CC5DBD5A69C596.mft caRepository: rsync://repo-rpki.idnic.net/repo/32bfab09-c1e9-44d8-819e-fdf6549c6b3f/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 10 Jun 2024 09:19:44 +0000 Certificate not after: Mon 09 Jun 2025 09:24:44 +0000 Subordinate resources: IP: 103.184.20.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:95:71:02:5d:2b:8a:48:65:e2:6f:6e:c7:98:a5:77:db:13:8a:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 10 09:19:44 2024 GMT Not After : Jun 9 09:24:44 2025 GMT Subject: CN=58A706EA7468DF0D14CA1817C7CC5DBD5A69C596 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:da:08:7c:08:e3:a7:f2:d2:83:49:d5:ca:0a: 5e:bf:36:40:95:a0:94:9c:58:a0:1e:64:00:a4:35: 39:01:37:48:53:c6:6a:cb:ca:9f:4e:c4:d2:13:ad: c4:fc:46:2b:ad:c5:06:64:a7:d6:a7:ab:8b:f3:7c: 7f:0c:b2:31:2c:75:7b:9f:fc:20:58:b6:89:65:13: 20:bd:ec:f3:c6:e5:50:f0:82:b5:82:db:08:de:c2: 34:1e:4b:b0:c9:04:08:55:41:6d:86:03:cf:a3:af: ef:c9:cd:76:68:0f:f4:7a:45:b4:70:07:14:36:a9: 20:76:cf:08:03:e3:17:ab:e6:bc:80:2e:ef:30:30: 48:30:16:9a:20:89:ed:ae:7c:41:60:65:a3:d7:0b: c1:73:31:b0:cf:25:cf:d8:13:14:36:ee:25:f0:ee: c5:96:d2:9f:dc:99:2c:74:c5:8e:65:d9:4e:a1:37: 3b:d9:a0:c0:db:f4:e0:19:f6:cf:07:cd:d3:f3:28: 78:b6:83:d4:0d:27:57:59:19:5e:87:46:87:21:21: b8:75:00:78:bd:b7:02:0f:cf:dd:25:21:a1:bb:de: ad:c6:1b:d6:0a:72:b2:74:ce:18:d4:eb:47:9d:06: 43:8e:47:8e:dc:a8:0c:80:e8:63:d9:8b:fc:91:08: 74:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 58:A7:06:EA:74:68:DF:0D:14:CA:18:17:C7:CC:5D:BD:5A:69:C5:96 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/32bfab09-c1e9-44d8-819e-fdf6549c6b3f/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/32bfab09-c1e9-44d8-819e-fdf6549c6b3f/0/58A706EA7468DF0D14CA1817C7CC5DBD5A69C596.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.184.20.0/23 Signature Algorithm: sha256WithRSAEncryption 76:6d:78:ef:27:b4:58:0f:35:7c:3d:45:c2:d4:6d:41:d0:40: 33:b2:9c:b6:66:1d:c8:6a:25:73:5d:42:3f:e5:68:63:e6:37: 0a:00:05:27:56:52:48:61:e1:62:48:a1:59:22:5e:f1:8d:dd: 20:c5:30:e8:b8:ae:a4:e5:c3:ba:63:4b:17:dc:b4:1a:da:0a: 30:d9:88:3d:58:9b:c9:1c:98:57:3e:02:58:42:9d:c9:ac:b7: 35:7e:c3:d5:b3:e7:a0:62:8c:69:8f:f4:02:87:49:41:37:bc: 4e:04:73:d5:b1:43:67:1c:23:92:47:d3:52:0f:d2:46:5d:ca: 0c:27:08:81:7c:d9:07:b8:87:f5:25:b9:97:5f:61:05:b1:64: ae:76:a7:01:12:47:a0:65:87:94:57:ae:1b:a3:e9:88:5b:61: 27:0d:26:d4:d9:38:a2:3b:4d:85:59:30:e3:63:9c:24:c8:d3: aa:6f:f1:a2:45:67:0a:29:e5:44:62:7f:3b:81:26:b0:10:62: 69:e4:95:a3:3b:22:c6:c1:69:4d:cc:f6:4d:8e:9f:f2:19:7a: e5:4e:44:af:10:01:d5:99:db:17:59:67:e0:2d:9e:13:dc:3e: 95:53:0b:7b:7e:96:56:05:6d:42:e6:bb:e6:b1:9e:dd:82:23: b9:be:9f:99 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUGJVxAl0rikhl4m9ux5ild9sTipowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDYxMDA5MTk0NFoX DTI1MDYwOTA5MjQ0NFowMzExMC8GA1UEAxMoNThBNzA2RUE3NDY4REYwRDE0Q0Ex ODE3QzdDQzVEQkQ1QTY5QzU5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL3aCHwI46fy0oNJ1coKXr82QJWglJxYoB5kAKQ1OQE3SFPGasvKn07E0hOt xPxGK63FBmSn1qeri/N8fwyyMSx1e5/8IFi2iWUTIL3s88blUPCCtYLbCN7CNB5L sMkECFVBbYYDz6Ov78nNdmgP9HpFtHAHFDapIHbPCAPjF6vmvIAu7zAwSDAWmiCJ 7a58QWBlo9cLwXMxsM8lz9gTFDbuJfDuxZbSn9yZLHTFjmXZTqE3O9mgwNv04Bn2 zwfN0/MoeLaD1A0nV1kZXodGhyEhuHUAeL23Ag/P3SUhobvercYb1gpysnTOGNTr R50GQ45HjtyoDIDoY9mL/JEIdOsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFFinBup0aN8NFMoYF8fMXb1aacWWMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zMmJmYWIwOS1jMWU5LTQ0ZDgtODE5ZS1mZGY2NTQ5YzZiM2YvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMyYmZhYjA5 LWMxZTktNDRkOC04MTllLWZkZjY1NDljNmIzZi8wLzU4QTcwNkVBNzQ2OERGMEQx NENBMTgxN0M3Q0M1REJENUE2OUM1OTYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnuBQwDQYJKoZIhvcNAQELBQADggEBAHZteO8ntFgPNXw9RcLUbUHQQDOynLZm HchqJXNdQj/laGPmNwoABSdWUkhh4WJIoVkiXvGN3SDFMOi4rqTlw7pjSxfctBra CjDZiD1Ym8kcmFc+AlhCncmstzV+w9Wz56BijGmP9AKHSUE3vE4Ec9WxQ2ccI5JH 01IP0kZdygwnCIF82Qe4h/UluZdfYQWxZK52pwESR6Blh5RXrhuj6YhbYScNJtTZ OKI7TYVZMONjnCTI06pv8aJFZwop5URifzuBJrAQYmnklaM7IsbBaU3M9k2On/IZ euVORK8QAdWZ2xdZZ+AtnhPcPpVTC3t+llYFbULmu+axnt2CI7m+n5k= -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:42 2024 by rpki-client on console-ams.rpki-client.org