$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/849E9E240A6BF4423B1E7D2205D41EC80D6EAB4F.cer File: 849E9E240A6BF4423B1E7D2205D41EC80D6EAB4F.cer (raw, json) Hash identifier: +Otc/Xbi9F333fwe57u4sEph4iLbopSSkqBIhqW1wtU= Subject key identifier: 84:9E:9E:24:0A:6B:F4:42:3B:1E:7D:22:05:D4:1E:C8:0D:6E:AB:4F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 0BBAB166E4B82A16176182F561CFC092954F4A00 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/9eeb45de-5183-4a3a-b06d-8bb8d4506b06/0/849E9E240A6BF4423B1E7D2205D41EC80D6EAB4F.mft caRepository: rsync://repo-rpki.idnic.net/repo/9eeb45de-5183-4a3a-b06d-8bb8d4506b06/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 17 Sep 2024 19:32:52 +0000 Certificate not after: Tue 16 Sep 2025 19:37:52 +0000 Subordinate resources: IP: 103.6.166.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 06:34:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:ba:b1:66:e4:b8:2a:16:17:61:82:f5:61:cf:c0:92:95:4f:4a:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Sep 17 19:32:52 2024 GMT Not After : Sep 16 19:37:52 2025 GMT Subject: CN=849E9E240A6BF4423B1E7D2205D41EC80D6EAB4F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:43:88:74:fa:d8:b5:df:e5:f2:fa:85:b2:b8: e8:18:a1:33:9d:4e:2a:a8:3f:fa:5f:d0:28:b7:00: e6:85:eb:c2:24:0e:cb:4f:a4:d0:d7:64:3d:02:d0: 0e:1d:e3:f5:7d:af:de:25:75:bb:56:6d:82:b6:e9: 3a:9c:0c:df:85:b1:10:13:26:97:cf:58:b9:87:05: 2d:b5:cd:92:b4:d4:1b:64:8f:ec:bf:95:ce:94:e3: 06:b6:78:e8:e1:38:c2:80:34:61:76:50:8c:f2:81: ea:d5:a0:a9:22:f8:a9:e2:55:b4:2f:cd:be:8b:cc: b4:89:d0:06:58:f7:3a:55:cc:63:60:e7:a6:bc:04: e3:3b:73:cc:5e:2d:dd:05:4c:25:09:30:89:1d:cc: f5:95:54:a9:08:84:d6:87:95:47:09:73:c0:43:3f: 14:4b:5f:2c:de:8d:9e:6d:fc:9a:29:23:a0:39:ab: 79:6f:78:54:76:5e:bb:cd:31:d6:d5:b7:e0:07:13: 80:04:ae:34:55:7b:c1:b9:bc:b4:50:5c:60:b4:4f: 0a:47:4a:db:96:96:68:f3:a0:a4:38:b9:5a:10:fa: 4e:0c:d2:48:1a:4d:78:9b:13:01:0b:2f:d0:2e:59: 62:fd:05:79:13:d2:39:2e:28:cd:2f:ef:02:c2:00: 8b:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 84:9E:9E:24:0A:6B:F4:42:3B:1E:7D:22:05:D4:1E:C8:0D:6E:AB:4F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/9eeb45de-5183-4a3a-b06d-8bb8d4506b06/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/9eeb45de-5183-4a3a-b06d-8bb8d4506b06/0/849E9E240A6BF4423B1E7D2205D41EC80D6EAB4F.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.6.166.0/24 Signature Algorithm: sha256WithRSAEncryption 85:20:13:a3:95:a9:97:4c:19:e7:ea:67:c3:6d:05:4b:a1:e4: 10:27:f2:a1:ca:42:aa:2a:49:12:5f:93:05:dc:04:53:88:e0: 51:a0:aa:06:5f:b3:04:19:de:57:0f:ae:ad:0c:d9:4d:54:02: c0:a3:05:1c:3c:62:23:cd:24:f7:87:7b:6d:78:08:25:6e:6f: fa:1f:76:a6:39:fe:c3:30:5f:3d:0a:63:6c:bf:62:80:1f:b7: 11:53:29:57:fa:68:88:d7:39:bd:25:47:fc:9f:fd:07:4b:5d: 27:a7:24:14:71:cf:ce:b4:fd:4b:f3:93:62:59:cb:8c:45:0f: 94:57:19:35:8f:f5:8f:5a:fb:ea:d6:a4:27:c9:ae:87:7b:89: ae:5b:7a:57:3d:e9:42:37:7e:d7:9a:40:3f:92:20:37:39:20: 57:f9:33:39:61:c1:0d:58:9e:7e:b1:c7:47:df:71:5b:d6:33: db:90:75:50:c7:ae:13:ff:59:41:36:44:bc:e7:77:29:84:e4: 29:fa:67:f4:f7:50:7a:37:a9:72:2f:d3:7c:42:f2:4e:b4:14: 34:6b:fa:fe:85:27:aa:41:eb:79:af:02:d4:b1:6e:2d:45:0a: 60:61:d9:46:4f:4d:02:57:b9:96:31:62:c1:d9:71:0e:7c:45: ca:03:7c:67 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUC7qxZuS4KhYXYYL1Yc/AkpVPSgAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDkxNzE5MzI1MloX DTI1MDkxNjE5Mzc1MlowMzExMC8GA1UEAxMoODQ5RTlFMjQwQTZCRjQ0MjNCMUU3 RDIyMDVENDFFQzgwRDZFQUI0RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANdDiHT62LXf5fL6hbK46BihM51OKqg/+l/QKLcA5oXrwiQOy0+k0NdkPQLQ Dh3j9X2v3iV1u1ZtgrbpOpwM34WxEBMml89YuYcFLbXNkrTUG2SP7L+VzpTjBrZ4 6OE4woA0YXZQjPKB6tWgqSL4qeJVtC/NvovMtInQBlj3OlXMY2DnprwE4ztzzF4t 3QVMJQkwiR3M9ZVUqQiE1oeVRwlzwEM/FEtfLN6Nnm38mikjoDmreW94VHZeu80x 1tW34AcTgASuNFV7wbm8tFBcYLRPCkdK25aWaPOgpDi5WhD6TgzSSBpNeJsTAQsv 0C5ZYv0FeRPSOS4ozS/vAsIAi98CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFISeniQKa/RCOx59IgXUHsgNbqtPMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by85ZWViNDVkZS01MTgzLTRhM2EtYjA2ZC04YmI4ZDQ1MDZiMDYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzllZWI0NWRl LTUxODMtNGEzYS1iMDZkLThiYjhkNDUwNmIwNi8wLzg0OUU5RTI0MEE2QkY0NDIz QjFFN0QyMjA1RDQxRUM4MEQ2RUFCNEYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnBqYwDQYJKoZIhvcNAQELBQADggEBAIUgE6OVqZdMGefqZ8NtBUuh5BAn8qHK QqoqSRJfkwXcBFOI4FGgqgZfswQZ3lcPrq0M2U1UAsCjBRw8YiPNJPeHe214CCVu b/ofdqY5/sMwXz0KY2y/YoAftxFTKVf6aIjXOb0lR/yf/QdLXSenJBRxz860/Uvz k2JZy4xFD5RXGTWP9Y9a++rWpCfJrod7ia5belc96UI3fteaQD+SIDc5IFf5Mzlh wQ1Ynn6xx0ffcVvWM9uQdVDHrhP/WUE2RLzndymE5Cn6Z/T3UHo3qXIv03xC8k60 FDRr+v6FJ6pB63mvAtSxbi1FCmBh2UZPTQJXuZYxYsHZcQ58RcoDfGc= -----END CERTIFICATE-----Generated at Sun Feb 16 20:57:08 2025 by rpki-client