$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/6D958AAEBD8946E47C968284B2652E02A2017E9E.cer File: 6D958AAEBD8946E47C968284B2652E02A2017E9E.cer (raw, json) Hash identifier: nmeKwMY9wEHjezzUNtADubY4giP4j569o9SK7VLs+qk= Subject key identifier: 6D:95:8A:AE:BD:89:46:E4:7C:96:82:84:B2:65:2E:02:A2:01:7E:9E Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3B21C11C0A5DCCD326031017C6C0C6BF0044D980 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/d1803125-d777-4056-844d-8d1befd0163d/0/6D958AAEBD8946E47C968284B2652E02A2017E9E.mft caRepository: rsync://repo-rpki.idnic.net/repo/d1803125-d777-4056-844d-8d1befd0163d/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 07 Jan 2025 11:49:27 +0000 Certificate not after: Tue 06 Jan 2026 11:54:27 +0000 Subordinate resources: IP: 103.167.156.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:21:c1:1c:0a:5d:cc:d3:26:03:10:17:c6:c0:c6:bf:00:44:d9:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Jan 7 11:49:27 2025 GMT Not After : Jan 6 11:54:27 2026 GMT Subject: CN=6D958AAEBD8946E47C968284B2652E02A2017E9E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:c7:50:7c:7c:dc:a7:33:4b:9e:3c:9a:55:2e: 62:66:04:b0:dd:e2:01:9c:cf:28:11:04:4f:e9:b6: d3:9f:c7:fd:37:f6:c2:56:2c:27:2c:f1:b5:ab:8f: d8:c4:8a:ae:e8:ee:e2:5b:a5:ad:a8:41:f4:0b:f7: 05:d2:0e:47:5d:fa:73:08:30:e7:63:e7:00:ed:c8: 0c:f5:53:1f:93:f0:01:97:4a:d0:30:5c:af:96:e1: 74:59:e1:3a:2f:ac:ff:10:4f:e1:77:16:ef:be:d0: 94:58:7f:dd:9c:8a:8d:ac:c7:4a:4f:e7:0e:d7:6a: 28:fb:29:9f:1d:bc:34:32:96:55:8e:41:6e:f1:83: b3:c5:1e:6a:42:dc:8a:72:81:5a:c3:7f:04:7e:a9: 8a:3a:79:16:8a:cb:12:c3:aa:fc:e1:6c:5a:76:17: 71:fe:dd:95:cc:f2:72:b8:d4:9e:78:f8:e4:ac:3a: ca:63:51:3b:67:b8:d5:39:99:e6:04:51:95:88:63: 30:30:a8:48:2c:63:74:fb:c1:b6:e7:07:6f:ea:fc: 5e:2d:1a:9a:ce:a1:7f:a3:2e:33:29:a7:89:0e:ae: 61:ba:9e:8b:9b:aa:f1:fd:fa:52:f4:07:d9:af:42: 4a:96:c7:80:52:1b:8d:46:7d:bc:8b:c5:61:17:34: 4d:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 6D:95:8A:AE:BD:89:46:E4:7C:96:82:84:B2:65:2E:02:A2:01:7E:9E X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/d1803125-d777-4056-844d-8d1befd0163d/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/d1803125-d777-4056-844d-8d1befd0163d/0/6D958AAEBD8946E47C968284B2652E02A2017E9E.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.167.156.0/24 Signature Algorithm: sha256WithRSAEncryption 8f:1c:2a:2d:31:a2:dc:08:01:c1:1a:c1:78:3a:da:33:ac:38: 25:33:c6:8a:12:46:1d:e3:05:8f:de:6f:d2:e5:ce:fb:ae:6b: cc:7b:a9:72:c4:11:db:fd:81:72:81:d9:28:f5:b2:ff:ab:9f: 23:e0:66:b6:8c:e9:21:04:11:28:c2:62:f2:51:0b:d5:a4:13: f4:0d:41:5d:3a:89:65:7d:76:5d:02:f7:00:eb:5f:81:13:7e: a3:8b:8f:f6:04:d7:01:11:55:8c:26:ea:fd:cf:d5:3d:92:92: 46:7c:0a:c6:8e:8f:91:20:2f:99:44:bc:38:53:af:d2:5a:dc: 85:a8:1f:6f:2b:d3:3f:65:88:9c:51:51:f1:a9:89:8c:03:91: e3:95:84:fd:f6:63:34:4d:f7:71:5c:86:a0:b7:61:5c:a1:5d: f7:4b:6e:06:82:26:b7:6f:be:30:d9:1a:5c:30:ac:97:fb:92: 6d:6e:6f:98:5d:38:ff:80:32:46:8e:91:2b:37:f9:70:d7:ed: aa:50:9e:f8:fb:51:15:62:7c:23:aa:7b:09:f7:df:22:25:91: cb:cb:eb:2e:e9:ec:8c:c3:1a:23:0a:04:aa:00:3f:93:d9:f5: a9:ab:10:9a:5d:2f:f4:f0:39:69:86:73:2c:3a:e1:17:96:ea: 6b:a6:e0:c5 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUOyHBHApdzNMmAxAXxsDGvwBE2YAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDEwNzExNDkyN1oX DTI2MDEwNjExNTQyN1owMzExMC8GA1UEAxMoNkQ5NThBQUVCRDg5NDZFNDdDOTY4 Mjg0QjI2NTJFMDJBMjAxN0U5RTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKvHUHx83KczS548mlUuYmYEsN3iAZzPKBEET+m205/H/Tf2wlYsJyzxtauP 2MSKruju4lulrahB9Av3BdIOR136cwgw52PnAO3IDPVTH5PwAZdK0DBcr5bhdFnh Oi+s/xBP4XcW777QlFh/3ZyKjazHSk/nDtdqKPspnx28NDKWVY5BbvGDs8UeakLc inKBWsN/BH6pijp5ForLEsOq/OFsWnYXcf7dlczycrjUnnj45Kw6ymNRO2e41TmZ 5gRRlYhjMDCoSCxjdPvBtucHb+r8Xi0ams6hf6MuMymniQ6uYbqei5uq8f36UvQH 2a9CSpbHgFIbjUZ9vIvFYRc0TSsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFG2Viq69iUbkfJaChLJlLgKiAX6eMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kMTgwMzEyNS1kNzc3LTQwNTYtODQ0ZC04ZDFiZWZkMDE2M2QvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QxODAzMTI1 LWQ3NzctNDA1Ni04NDRkLThkMWJlZmQwMTYzZC8wLzZEOTU4QUFFQkQ4OTQ2RTQ3 Qzk2ODI4NEIyNjUyRTAyQTIwMTdFOUUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnp5wwDQYJKoZIhvcNAQELBQADggEBAI8cKi0xotwIAcEawXg62jOsOCUzxooS Rh3jBY/eb9Llzvuua8x7qXLEEdv9gXKB2Sj1sv+rnyPgZraM6SEEESjCYvJRC9Wk E/QNQV06iWV9dl0C9wDrX4ETfqOLj/YE1wERVYwm6v3P1T2SkkZ8CsaOj5EgL5lE vDhTr9Ja3IWoH28r0z9liJxRUfGpiYwDkeOVhP32YzRN93FchqC3YVyhXfdLbgaC JrdvvjDZGlwwrJf7km1ub5hdOP+AMkaOkSs3+XDX7apQnvj7URVifCOqewn33yIl kcvL6y7p7IzDGiMKBKoAP5PZ9amrEJpdL/TwOWmGcyw64ReW6mum4MU= -----END CERTIFICATE-----Generated at Sat Apr 5 10:15:40 2025 by rpki-client