$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer File: 645C9D445B2796662EE98A03E50C124F3E962CAB.cer (raw, json) Hash identifier: ubGvOUd3wh2Q01R6ELcaBoINBbeUMR5QoVJ2/fS4QVY= Subject key identifier: 64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 451F452027572FAB7A6A53FE5A96EEE9B9A6791A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft caRepository: rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 02 Apr 2024 15:49:14 +0000 Certificate not after: Tue 01 Apr 2025 15:54:14 +0000 Subordinate resources: IP: 103.100.172.0/22 IP: 2401:be40::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 03:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:1f:45:20:27:57:2f:ab:7a:6a:53:fe:5a:96:ee:e9:b9:a6:79:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 2 15:49:14 2024 GMT Not After : Apr 1 15:54:14 2025 GMT Subject: CN=645C9D445B2796662EE98A03E50C124F3E962CAB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:a2:07:06:50:9f:a6:10:d3:95:a1:08:1f:c6: fc:91:9a:ea:e0:d5:a0:05:c1:22:26:d2:0b:7a:37: 8f:4f:86:9f:8d:92:79:ce:8e:d9:6c:c6:8d:1f:df: c5:57:83:88:e0:f3:7e:7c:78:63:7f:14:e6:63:63: 2f:3e:c0:38:a1:57:bd:0c:f0:2e:8b:09:66:dc:82: c0:76:c0:68:66:8e:63:84:34:74:84:0d:4d:7c:96: 86:73:38:b7:2e:ad:59:3f:74:79:6a:10:26:71:5e: 6d:36:fb:39:d1:38:19:ef:ba:1a:a4:d7:84:a2:a2: 84:60:db:c2:d4:b1:2f:84:c1:48:d5:bd:ea:9d:28: 7d:57:a9:0c:00:59:07:82:01:bf:ba:a9:aa:be:1d: 07:a2:61:5f:68:56:48:a9:8b:22:bb:e1:08:17:a4: d3:54:12:ee:db:04:00:a4:7f:df:85:2e:6f:de:69: 7a:74:e8:40:ca:d3:e1:81:5f:28:44:63:be:be:76: 33:cb:8f:54:59:f9:43:75:f2:f7:a3:f9:41:f7:80: a5:0f:47:e7:9c:f8:1a:55:cd:ca:9a:9b:8c:d1:de: 6e:0f:0e:10:57:09:d2:fb:7f:5a:6c:cf:49:fd:63: 4c:3a:e1:28:86:b0:51:d5:b8:e6:59:2a:6c:96:9e: 98:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.100.172.0/22 IPv6: 2401:be40::/32 Signature Algorithm: sha256WithRSAEncryption 42:f4:fc:39:6b:9d:50:22:9e:37:6f:6e:76:be:52:0d:33:73: 7f:3a:51:40:c5:81:06:62:85:bb:eb:31:4b:66:70:f7:5e:ee: b3:50:27:0c:97:9b:a1:a4:5a:9d:03:de:9b:7e:9a:dd:a3:71: af:dc:a6:ce:f2:24:5b:f1:5f:09:20:92:97:46:77:98:9b:b0: ef:f6:ed:dd:38:84:c9:1c:73:57:fc:3c:03:45:ea:98:53:30: c3:49:0e:13:e3:c2:c1:d1:1c:41:3a:b7:a7:3c:41:7f:09:db: 8c:49:29:12:de:8e:3f:14:6f:36:2d:d8:5d:4b:17:49:6c:87: ba:40:00:a2:1d:06:18:4d:03:e0:1c:94:50:a7:ca:9e:b2:06: 05:4a:7b:5f:a9:1d:86:21:ce:b4:0a:a7:bc:17:ab:9a:18:e1: 73:43:ba:de:6c:c5:92:8b:88:e7:d3:a0:78:13:dd:01:69:01: 43:3c:01:04:02:3b:14:57:61:d3:e5:63:4c:70:95:fe:cb:f0: 62:d7:8d:43:56:c1:c6:0f:af:aa:51:f7:4b:4c:d7:b0:38:11: 5e:7d:ec:c4:ce:e0:c2:ea:19:09:77:ff:26:6e:1f:b7:06:e6: 6e:be:a9:81:ef:95:02:6d:2c:63:84:77:bc:d5:1f:e9:67:94: fc:18:1c:83 -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgIURR9FICdXL6t6alP+Wpbu6bmmeRowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDQwMjE1NDkxNFoX DTI1MDQwMTE1NTQxNFowMzExMC8GA1UEAxMoNjQ1QzlENDQ1QjI3OTY2NjJFRTk4 QTAzRTUwQzEyNEYzRTk2MkNBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKqiBwZQn6YQ05WhCB/G/JGa6uDVoAXBIibSC3o3j0+Gn42Sec6O2WzGjR/f xVeDiODzfnx4Y38U5mNjLz7AOKFXvQzwLosJZtyCwHbAaGaOY4Q0dIQNTXyWhnM4 ty6tWT90eWoQJnFebTb7OdE4Ge+6GqTXhKKihGDbwtSxL4TBSNW96p0ofVepDABZ B4IBv7qpqr4dB6JhX2hWSKmLIrvhCBek01QS7tsEAKR/34Uub95penToQMrT4YFf KERjvr52M8uPVFn5Q3Xy96P5QfeApQ9H55z4GlXNypqbjNHebg8OEFcJ0vt/WmzP Sf1jTDrhKIawUdW45lkqbJaemCUCAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFGRcnURbJ5ZmLumKA+UMEk8+liyrMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8wNzMwNGI4My0zMGFhLTRiYmYtOWZkNy0yZmNlYWRiZjAwMzAvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA3MzA0Yjgz LTMwYWEtNGJiZi05ZmQ3LTJmY2VhZGJmMDAzMC8wLzY0NUM5RDQ0NUIyNzk2NjYy RUU5OEEwM0U1MEMxMjRGM0U5NjJDQUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD BAJnZKwwDQQCAAIwBwMFACQBvkAwDQYJKoZIhvcNAQELBQADggEBAEL0/DlrnVAi njdvbna+Ug0zc386UUDFgQZihbvrMUtmcPde7rNQJwyXm6GkWp0D3pt+mt2jca/c ps7yJFvxXwkgkpdGd5ibsO/27d04hMkcc1f8PANF6phTMMNJDhPjwsHRHEE6t6c8 QX8J24xJKRLejj8UbzYt2F1LF0lsh7pAAKIdBhhNA+AclFCnyp6yBgVKe1+pHYYh zrQKp7wXq5oY4XNDut5sxZKLiOfToHgT3QFpAUM8AQQCOxRXYdPlY0xwlf7L8GLX jUNWwcYPr6pR90tM17A4EV597MTO4MLqGQl3/yZuH7cG5m6+qYHvlQJtLGOEd7zV H+lnlPwYHIM= -----END CERTIFICATE-----Generated at Wed May 8 21:02:15 2024 by rpki-client on console-fra.rpki-client.org