$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/7DA5F7B42931EE3A414B9A5B7996703DF70BD897.cer File: 7DA5F7B42931EE3A414B9A5B7996703DF70BD897.cer (raw, json) Hash identifier: EJHTRHlJdr1RGspUdGZMG3d8upvxA9LyKwwU1yA5wjo= Subject key identifier: 7D:A5:F7:B4:29:31:EE:3A:41:4B:9A:5B:79:96:70:3D:F7:0B:D8:97 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3156801EAF0156986AD87EFF6635B6FF0111FA37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/4227b176-4c17-4244-badf-f496bcb15e20/0/7DA5F7B42931EE3A414B9A5B7996703DF70BD897.mft caRepository: rsync://repo-rpki.idnic.net/repo/4227b176-4c17-4244-badf-f496bcb15e20/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 20 Oct 2023 09:01:56 +0000 Certificate not after: Fri 18 Oct 2024 09:06:56 +0000 Subordinate resources: IP: 103.27.192.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 17:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:56:80:1e:af:01:56:98:6a:d8:7e:ff:66:35:b6:ff:01:11:fa:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 20 09:01:56 2023 GMT Not After : Oct 18 09:06:56 2024 GMT Subject: CN=7DA5F7B42931EE3A414B9A5B7996703DF70BD897 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:0e:81:5e:a5:0a:a0:da:50:5d:3e:49:a5:d4: e3:4a:ac:d6:b7:c0:26:0d:5a:e3:c5:38:a4:20:c8: 09:04:b1:56:b4:8b:d7:b3:f2:be:41:2b:62:ad:60: 0c:f0:8e:21:a6:2f:84:e6:4c:5c:66:4d:a4:d7:7d: 1c:7b:7d:a2:5a:f0:29:ed:7e:c7:65:38:38:c3:45: 4e:49:27:f3:07:74:5f:b8:bb:56:bb:94:e5:55:1d: fa:8b:73:af:4e:fc:1a:5c:97:82:7f:75:23:89:da: 24:33:af:8a:45:12:27:7c:21:f2:ae:de:60:50:2f: 22:87:5f:52:d4:19:fe:35:d2:cb:f1:58:05:f4:ca: 98:77:06:74:f7:1e:a3:ac:45:d6:64:22:f5:36:f3: fa:a7:d2:3b:df:88:53:3e:fc:b0:30:a0:bd:7c:bd: 0a:6e:77:9c:48:28:19:79:6d:ae:59:c9:98:1f:ff: fd:d7:c4:1f:f6:48:af:cd:02:1f:87:45:b9:eb:82: ab:d0:ea:90:3f:f7:22:92:1a:e1:53:24:6a:3e:fc: 65:c1:5e:19:96:cd:09:bd:f7:36:fb:80:c5:83:72: 46:bc:50:ba:2c:47:46:3c:fa:89:56:18:bb:94:92: b2:5b:72:81:09:09:64:73:d0:d8:db:29:56:48:28: 6f:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 7D:A5:F7:B4:29:31:EE:3A:41:4B:9A:5B:79:96:70:3D:F7:0B:D8:97 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/4227b176-4c17-4244-badf-f496bcb15e20/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/4227b176-4c17-4244-badf-f496bcb15e20/0/7DA5F7B42931EE3A414B9A5B7996703DF70BD897.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.27.192.0/23 Signature Algorithm: sha256WithRSAEncryption 50:8b:9d:d6:d5:9d:2d:1f:6d:49:f8:e7:3d:b8:bb:d9:41:8e: 70:c5:4c:30:2f:bb:73:22:6a:33:68:46:50:b0:a6:d2:bb:55: 7d:de:44:81:32:78:a5:08:74:ae:af:10:a8:45:63:d1:fd:29: e7:88:20:9a:b7:c2:09:15:cd:49:a1:11:c5:a1:18:c9:a4:b4: c2:08:27:d7:f0:ab:62:ca:ef:06:66:3e:e9:7c:75:d5:e5:c6: e7:fc:ac:2b:36:4d:e1:e5:d0:94:27:d4:27:a4:bd:78:65:d7: e7:52:ae:1f:31:3f:2e:a3:38:6d:25:3e:f2:46:9f:65:c6:6b: aa:c4:d7:38:e0:44:f6:37:7d:09:2c:70:f1:8d:8b:8c:03:80: 14:98:1e:11:4a:25:28:29:c9:52:28:3c:d1:b9:6d:d0:cb:43: 8d:7a:f0:1a:03:42:71:76:8f:16:42:5a:ab:25:40:f6:ae:81: d4:09:47:4b:31:fd:97:2c:16:ef:f4:fb:47:63:2c:26:94:9c: 8d:76:9b:ff:6f:8e:8e:2b:86:75:c4:37:f2:7f:55:9f:35:4a: 63:9b:75:98:38:8a:dc:59:5a:e1:ba:20:7f:7c:ee:43:c7:3f: 7c:16:ce:78:77:9d:41:d9:81:8c:17:60:5b:d1:4c:8e:99:14: 75:61:86:17 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUMVaAHq8BVphq2H7/ZjW2/wER+jcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTAyMDA5MDE1NloX DTI0MTAxODA5MDY1NlowMzExMC8GA1UEAxMoN0RBNUY3QjQyOTMxRUUzQTQxNEI5 QTVCNzk5NjcwM0RGNzBCRDg5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMsOgV6lCqDaUF0+SaXU40qs1rfAJg1a48U4pCDICQSxVrSL17PyvkErYq1g DPCOIaYvhOZMXGZNpNd9HHt9olrwKe1+x2U4OMNFTkkn8wd0X7i7VruU5VUd+otz r078GlyXgn91I4naJDOvikUSJ3wh8q7eYFAvIodfUtQZ/jXSy/FYBfTKmHcGdPce o6xF1mQi9Tbz+qfSO9+IUz78sDCgvXy9Cm53nEgoGXltrlnJmB///dfEH/ZIr80C H4dFueuCq9DqkD/3IpIa4VMkaj78ZcFeGZbNCb33NvuAxYNyRrxQuixHRjz6iVYY u5SSsltygQkJZHPQ2NspVkgob+MCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFH2l97QpMe46QUuaW3mWcD33C9iXMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by80MjI3YjE3Ni00YzE3LTQyNDQtYmFkZi1mNDk2YmNiMTVlMjAvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQyMjdiMTc2 LTRjMTctNDI0NC1iYWRmLWY0OTZiY2IxNWUyMC8wLzdEQTVGN0I0MjkzMUVFM0E0 MTRCOUE1Qjc5OTY3MDNERjcwQkQ4OTcubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnG8AwDQYJKoZIhvcNAQELBQADggEBAFCLndbVnS0fbUn45z24u9lBjnDFTDAv u3MiajNoRlCwptK7VX3eRIEyeKUIdK6vEKhFY9H9KeeIIJq3wgkVzUmhEcWhGMmk tMIIJ9fwq2LK7wZmPul8ddXlxuf8rCs2TeHl0JQn1CekvXhl1+dSrh8xPy6jOG0l PvJGn2XGa6rE1zjgRPY3fQkscPGNi4wDgBSYHhFKJSgpyVIoPNG5bdDLQ4168BoD QnF2jxZCWqslQPaugdQJR0sx/ZcsFu/0+0djLCaUnI12m/9vjo4rhnXEN/J/VZ81 SmObdZg4itxZWuG6IH987kPHP3wWznh3nUHZgYwXYFvRTI6ZFHVhhhc= -----END CERTIFICATE-----Generated at Wed May 8 14:59:53 2024 by rpki-client on console-ams.rpki-client.org