$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/821F16581F931A19A14B40DBF1E2B053A9C0B6A0.cer File: 821F16581F931A19A14B40DBF1E2B053A9C0B6A0.cer (raw, json) Hash identifier: qjESogW7mE75d4a9H2XOo/5rO1MShcOUtjMEJlfSApw= Subject key identifier: 82:1F:16:58:1F:93:1A:19:A1:4B:40:DB:F1:E2:B0:53:A9:C0:B6:A0 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 1F04490FD18A023BDA111FB3672256FC06E36408 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/fadd7c0f-02d3-4217-9fc3-0047ae1836dc/0/821F16581F931A19A14B40DBF1E2B053A9C0B6A0.mft caRepository: rsync://repo-rpki.idnic.net/repo/fadd7c0f-02d3-4217-9fc3-0047ae1836dc/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 01 Jul 2024 22:27:25 +0000 Certificate not after: Mon 30 Jun 2025 22:32:25 +0000 Subordinate resources: IP: 103.52.16.0/22 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:04:49:0f:d1:8a:02:3b:da:11:1f:b3:67:22:56:fc:06:e3:64:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 1 22:27:25 2024 GMT Not After : Jun 30 22:32:25 2025 GMT Subject: CN=821F16581F931A19A14B40DBF1E2B053A9C0B6A0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:cb:bd:fa:51:90:8f:5b:5b:3e:3e:36:f8:9c: 41:81:ea:51:9d:b6:fe:6b:32:70:ff:12:06:ab:16: 33:8c:d0:a5:41:94:90:a0:c0:19:ab:c1:dc:ee:da: e3:9e:56:67:22:49:b3:a4:02:46:25:fd:0c:e8:77: 0e:55:e1:16:e8:d1:12:9c:12:d0:8b:73:36:d9:70: ce:58:39:f5:e2:6d:d4:12:a6:eb:a0:ef:ff:b6:d8: d5:b6:6c:20:94:e7:4e:0a:c4:0e:e2:a7:1d:4f:25: ea:46:3f:cb:24:94:1e:e1:65:bd:25:2e:70:ba:11: 1e:2f:15:c1:3f:bf:0a:2a:14:24:ac:be:49:f0:75: 66:86:db:ca:4a:63:f6:7a:bf:b3:d5:fa:18:b3:24: 5d:76:b0:07:88:3c:6a:f9:56:2f:c2:51:1b:e7:06: ad:86:74:24:38:fc:2f:1a:73:9d:9d:8a:65:78:44: 80:b6:84:7c:22:1a:d9:aa:21:6d:6c:42:ff:68:60: 33:1b:2d:58:fe:2f:c2:08:00:c1:b3:38:31:15:36: 3e:8d:b7:40:69:0c:88:ab:70:ba:6f:ee:69:79:f1: 22:54:76:8a:0a:6c:9e:78:37:90:58:15:1c:3f:5a: 0e:64:1a:09:06:71:17:44:53:d0:0b:21:49:82:c0: 6e:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 82:1F:16:58:1F:93:1A:19:A1:4B:40:DB:F1:E2:B0:53:A9:C0:B6:A0 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/fadd7c0f-02d3-4217-9fc3-0047ae1836dc/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/fadd7c0f-02d3-4217-9fc3-0047ae1836dc/0/821F16581F931A19A14B40DBF1E2B053A9C0B6A0.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.52.16.0/22 Signature Algorithm: sha256WithRSAEncryption 8b:0b:a5:4a:f2:5f:bd:ed:2e:97:15:0b:54:b0:e1:87:c8:ba: 55:3c:bb:2a:19:85:c1:17:78:5e:ae:b2:dc:7a:d7:98:93:6e: dc:c6:cf:56:54:18:7c:28:03:76:94:6d:20:c8:0a:83:4c:61: 29:1c:54:47:2e:ed:ad:a4:c9:25:e9:d2:7e:eb:dc:12:08:cd: 34:48:44:53:5e:be:c0:76:6a:13:b8:32:f1:09:71:b2:67:b1: 75:1d:d6:6c:be:bc:23:90:fa:10:72:57:09:00:57:97:33:0a: 2e:07:b0:84:3f:39:1f:35:ad:b9:ac:be:84:58:1a:c7:06:25: 9b:f2:ab:ab:b6:e7:4f:12:af:93:fd:34:ec:29:30:cc:86:43: 0c:0c:67:d1:44:46:64:2a:b3:29:35:31:4c:c9:5f:75:93:b4: 63:af:0e:f7:4e:a2:37:d3:f4:2b:22:bd:f5:07:80:eb:77:88: 77:50:ee:9d:27:9b:52:e7:6b:40:90:02:d5:b5:67:58:88:e0: 2d:bb:bb:bf:85:21:5a:22:b0:dd:56:e9:d4:96:7e:0e:45:62: e8:24:98:ba:5e:94:33:9f:15:b4:bc:29:34:83:18:61:13:f5: 1a:77:11:0b:32:e3:27:99:e3:a1:53:3a:35:55:61:2a:fd:74: d3:ea:31:6b -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUHwRJD9GKAjvaER+zZyJW/AbjZAgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcwMTIyMjcyNVoX DTI1MDYzMDIyMzIyNVowMzExMC8GA1UEAxMoODIxRjE2NTgxRjkzMUExOUExNEI0 MERCRjFFMkIwNTNBOUMwQjZBMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALDLvfpRkI9bWz4+NvicQYHqUZ22/msycP8SBqsWM4zQpUGUkKDAGavB3O7a 455WZyJJs6QCRiX9DOh3DlXhFujREpwS0ItzNtlwzlg59eJt1BKm66Dv/7bY1bZs IJTnTgrEDuKnHU8l6kY/yySUHuFlvSUucLoRHi8VwT+/CioUJKy+SfB1Zobbykpj 9nq/s9X6GLMkXXawB4g8avlWL8JRG+cGrYZ0JDj8LxpznZ2KZXhEgLaEfCIa2aoh bWxC/2hgMxstWP4vwggAwbM4MRU2Po23QGkMiKtwum/uaXnxIlR2igpsnng3kFgV HD9aDmQaCQZxF0RT0AshSYLAbu0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFIIfFlgfkxoZoUtA2/HisFOpwLagMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9mYWRkN2MwZi0wMmQzLTQyMTctOWZjMy0wMDQ3YWUxODM2ZGMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ZhZGQ3YzBm LTAyZDMtNDIxNy05ZmMzLTAwNDdhZTE4MzZkYy8wLzgyMUYxNjU4MUY5MzFBMTlB MTRCNDBEQkYxRTJCMDUzQTlDMEI2QTAubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnNBAwDQYJKoZIhvcNAQELBQADggEBAIsLpUryX73tLpcVC1Sw4YfIulU8uyoZ hcEXeF6ustx615iTbtzGz1ZUGHwoA3aUbSDICoNMYSkcVEcu7a2kySXp0n7r3BII zTRIRFNevsB2ahO4MvEJcbJnsXUd1my+vCOQ+hByVwkAV5czCi4HsIQ/OR81rbms voRYGscGJZvyq6u2508Sr5P9NOwpMMyGQwwMZ9FERmQqsyk1MUzJX3WTtGOvDvdO ojfT9CsivfUHgOt3iHdQ7p0nm1Lna0CQAtW1Z1iI4C27u7+FIVoisN1W6dSWfg5F YugkmLpelDOfFbS8KTSDGGET9Rp3EQsy4yeZ46FTOjVVYSr9dNPqMWs= -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:44 2024 by rpki-client on console-ams.rpki-client.org