$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/878DF4B7E3C776B2EDC1752FCCBC5E289C453BEE.cer File: 878DF4B7E3C776B2EDC1752FCCBC5E289C453BEE.cer (raw, json) Hash identifier: psaW9TzG8BLEw6E2+w5Np5yDPVeqZ6h+KFcOTa4g5Sk= Subject key identifier: 87:8D:F4:B7:E3:C7:76:B2:ED:C1:75:2F:CC:BC:5E:28:9C:45:3B:EE Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 2328BBE12501B3533523CD7F41A773CE06E16A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/5c897c4a-e0ff-4652-a591-ff2d48e72c91/0/878DF4B7E3C776B2EDC1752FCCBC5E289C453BEE.mft caRepository: rsync://repo-rpki.idnic.net/repo/5c897c4a-e0ff-4652-a591-ff2d48e72c91/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 21 Sep 2023 08:21:25 +0000 Certificate not after: Thu 19 Sep 2024 08:26:25 +0000 Subordinate resources: IP: 103.156.96.0/24 IP: 2406:8440::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:28:bb:e1:25:01:b3:53:35:23:cd:7f:41:a7:73:ce:06:e1:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 21 08:21:25 2023 GMT Not After : Sep 19 08:26:25 2024 GMT Subject: CN=878DF4B7E3C776B2EDC1752FCCBC5E289C453BEE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:24:39:3a:8a:af:1a:75:7e:f1:1b:a7:00:6c: 97:a5:fa:1b:f4:9d:eb:92:63:43:8d:d2:f4:4f:d9: 71:11:48:6a:a6:b2:10:9e:a5:51:86:7b:b6:c4:6e: 42:1e:d3:1f:a1:3e:14:48:77:2f:90:92:0a:dc:b8: 5c:d1:10:26:70:25:04:2b:35:e6:91:60:e4:3c:14: e8:b8:98:e5:a6:61:e0:55:aa:f5:76:86:ce:20:e5: 52:65:4b:68:05:be:9d:1e:fb:19:b1:dd:cd:0e:eb: bf:e5:c4:ea:dc:62:19:8c:9f:21:5c:81:1a:62:74: f4:0c:7f:1a:78:15:9d:0b:d3:76:29:af:55:b5:58: 5b:9b:3f:9d:ca:ff:90:74:4f:be:6e:c6:47:94:e9: 68:7f:e0:1c:68:2c:78:ff:14:b8:63:eb:0b:4a:8e: 52:7b:e9:22:34:9e:e9:57:61:69:6e:58:c6:37:c9: e3:e5:ae:de:8e:a6:92:0c:f8:b7:89:2c:d6:83:23: af:33:68:96:54:8c:12:56:52:ee:1f:fc:67:1e:76: ee:c2:3d:cd:f5:b2:d3:03:7d:c1:3f:12:1a:94:b3: 21:3b:4f:c9:b0:8c:04:5a:65:19:4c:a1:80:32:66: 76:22:7a:01:9e:7f:65:42:95:14:ef:53:0f:3f:ab: 0d:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 87:8D:F4:B7:E3:C7:76:B2:ED:C1:75:2F:CC:BC:5E:28:9C:45:3B:EE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/5c897c4a-e0ff-4652-a591-ff2d48e72c91/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/5c897c4a-e0ff-4652-a591-ff2d48e72c91/0/878DF4B7E3C776B2EDC1752FCCBC5E289C453BEE.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.156.96.0/24 IPv6: 2406:8440::/32 Signature Algorithm: sha256WithRSAEncryption 4e:2b:5f:4c:06:82:9c:fa:33:f6:51:c3:a9:fd:0b:ef:8f:30: 9e:d7:06:78:58:82:9d:20:f8:7e:d5:88:b7:1f:7f:2f:e2:87: 00:87:3c:aa:7b:4d:f6:5d:fe:06:37:61:99:6d:13:5b:12:2e: 23:43:dd:ed:92:f3:3c:50:ae:92:9d:c4:70:11:7e:7a:35:bd: a8:a7:ae:1f:d9:a4:66:86:aa:d8:a9:de:30:9e:6c:23:98:4b: 30:1a:6a:78:a0:20:11:d9:df:76:d7:45:33:2f:a5:f1:25:64: 3d:cc:05:90:56:70:40:bf:d1:85:d5:fb:e6:68:52:88:8d:9d: de:46:83:03:72:b1:05:ef:cd:ab:c3:0b:94:8c:12:66:7c:74: 7d:00:dd:72:3a:c5:a3:e0:e1:c7:cd:6e:f3:8d:3b:aa:86:6d: 34:1a:f9:8a:8c:e7:2a:77:68:aa:11:14:09:71:f5:f0:b7:10: 4c:ee:3b:a2:8f:5c:ad:a7:f7:6d:ab:36:8e:e2:d2:d3:94:fa: c4:4e:b6:23:bc:f1:43:1f:dc:9a:29:30:2c:ed:c3:e7:3a:a3: ae:ac:2b:dc:37:1e:c2:de:6a:dc:d5:2c:2c:14:24:8c:04:30: 6e:d8:d1:59:8e:8b:d3:2e:f4:84:6d:2f:72:ac:62:0f:cc:b8: 78:82:55:6a -----BEGIN CERTIFICATE----- MIIF0zCCBLugAwIBAgITIyi74SUBs1M1I81/QadzzgbhajANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTE4NjIxNDAwMDAxMTAvBgNVBAUTKEJBOEY3N0QyMUU1 OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIwHhcNMjMwOTIxMDgyMTI1WhcN MjQwOTE5MDgyNjI1WjAzMTEwLwYDVQQDEyg4NzhERjRCN0UzQzc3NkIyRURDMTc1 MkZDQ0JDNUUyODlDNDUzQkVFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5yQ5OoqvGnV+8RunAGyXpfob9J3rkmNDjdL0T9lxEUhqprIQnqVRhnu2xG5C HtMfoT4USHcvkJIK3Lhc0RAmcCUEKzXmkWDkPBTouJjlpmHgVar1dobOIOVSZUto Bb6dHvsZsd3NDuu/5cTq3GIZjJ8hXIEaYnT0DH8aeBWdC9N2Ka9VtVhbmz+dyv+Q dE++bsZHlOlof+AcaCx4/xS4Y+sLSo5Se+kiNJ7pV2FpbljGN8nj5a7ejqaSDPi3 iSzWgyOvM2iWVIwSVlLuH/xnHnbuwj3N9bLTA33BPxIalLMhO0/JsIwEWmUZTKGA MmZ2InoBnn9lQpUU71MPP6sN3wIDAQABo4ICxzCCAsMwDwYDVR0TAQH/BAUwAwEB /zAdBgNVHQ4EFgQUh430t+PHdrLtwXUvzLxeKJxFO+4wHwYDVR0jBBgwFoAUuo93 0h5Y/pyTmmtw4lhWF+GDN2swDgYDVR0PAQH/BAQDAgEGMGkGA1UdHwRiMGAwXqBc oFqGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL0lETklDLUlELzIv QkE4Rjc3RDIxRTU4RkU5QzkzOUE2QjcwRTI1ODU2MTdFMTgzMzc2Qi5jcmwwfgYI KwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0 L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvdW85 MzBoNVlfcHlUbW10dzRsaFdGLUdETjJzLmNlcjCCASkGCCsGAQUFBwELBIIBGzCC ARcwUwYIKwYBBQUHMAWGR3JzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv LzVjODk3YzRhLWUwZmYtNDY1Mi1hNTkxLWZmMmQ0OGU3MmM5MS8wMIGABggrBgEF BQcwCoZ0cnN5bmM6Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNWM4OTdjNGEt ZTBmZi00NjUyLWE1OTEtZmYyZDQ4ZTcyYzkxLzAvODc4REY0QjdFM0M3NzZCMkVE QzE3NTJGQ0NCQzVFMjg5QzQ1M0JFRS5tZnQwPQYIKwYBBQUHMA2GMWh0dHBzOi8v cmVwby1ycGtpLmlkbmljLm5ldC9ycmRwL25vdGlmaWNhdGlvbi54bWwwGAYDVR0g AQH/BA4wDDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgME AGecYDANBAIAAjAHAwUAJAaEQDANBgkqhkiG9w0BAQsFAAOCAQEATitfTAaCnPoz 9lHDqf0L748wntcGeFiCnSD4ftWItx9/L+KHAIc8qntN9l3+BjdhmW0TWxIuI0Pd 7ZLzPFCukp3EcBF+ejW9qKeuH9mkZoaq2KneMJ5sI5hLMBpqeKAgEdnfdtdFMy+l 8SVkPcwFkFZwQL/RhdX75mhSiI2d3kaDA3KxBe/Nq8MLlIwSZnx0fQDdcjrFo+Dh x81u8407qoZtNBr5ioznKndoqhEUCXH18LcQTO47oo9craf3bas2juLS05T6xE62 I7zxQx/cmikwLO3D5zqjrqwr3Dcewt5q3NUsLBQkjAQwbtjRWY6L0y70hG0vcqxi D8y4eIJVag== -----END CERTIFICATE-----Generated at Thu May 9 00:37:02 2024 by rpki-client on console-fra.rpki-client.org