$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/8989D0431453556F22D882A21B2BBB9F4E4A2C24.cer File: 8989D0431453556F22D882A21B2BBB9F4E4A2C24.cer (raw, json) Hash identifier: dnBa4yAQfaztBg6mCXcxnqC7jOGRM+Gq52Ihf21Tgr4= Subject key identifier: 89:89:D0:43:14:53:55:6F:22:D8:82:A2:1B:2B:BB:9F:4E:4A:2C:24 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 018C30126C309238085D2843CFF550457E251FEE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/4a87064b-5f27-4270-90e4-99f43ae84db7/0/8989D0431453556F22D882A21B2BBB9F4E4A2C24.mft caRepository: rsync://repo-rpki.idnic.net/repo/4a87064b-5f27-4270-90e4-99f43ae84db7/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 13 Mar 2024 09:27:23 +0000 Certificate not after: Wed 12 Mar 2025 09:32:23 +0000 Subordinate resources: IP: 103.130.82.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 03:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:8c:30:12:6c:30:92:38:08:5d:28:43:cf:f5:50:45:7e:25:1f:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 13 09:27:23 2024 GMT Not After : Mar 12 09:32:23 2025 GMT Subject: CN=8989D0431453556F22D882A21B2BBB9F4E4A2C24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:48:28:f3:83:ef:4e:43:a3:cf:bb:1c:a3:e6: f6:ce:bb:c5:e0:03:38:98:53:54:de:f5:a5:4f:12: 21:35:83:2c:1a:0b:fc:b1:6c:1c:5b:be:8f:44:a6: 14:b4:4b:a0:41:a7:c6:79:26:13:b5:7b:87:fb:d2: 37:af:89:7f:f7:b8:9c:4a:ba:8d:02:f5:d5:c0:a6: ad:62:61:1e:a8:8e:b3:db:54:b2:26:f5:82:83:fe: 81:49:3b:29:eb:51:af:44:f5:04:4b:a7:32:c0:52: 4b:9e:3d:95:86:a2:ef:fe:04:16:a2:23:b3:fc:3e: b9:1c:18:dc:4d:4e:81:fa:db:39:d8:3c:72:64:25: 51:81:13:47:d0:07:bf:4a:d5:94:30:2a:9f:ed:4d: 48:79:4e:6c:29:70:0a:5a:40:95:b9:be:fb:82:4f: 25:83:63:42:f9:fb:9b:55:98:34:04:2e:23:8b:c3: 92:fc:ed:7b:9a:ac:5f:4d:7a:db:79:fb:59:d2:80: 30:76:f3:7e:36:0a:40:18:77:a4:64:12:59:c9:fe: 35:43:a8:6b:bf:72:aa:8c:8e:bd:44:ab:9b:bb:ad: d0:02:f7:22:15:8f:d4:29:d7:67:eb:df:be:58:92: 00:d0:97:08:d1:2f:dd:f1:fa:f4:e5:0d:68:db:c7: e7:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 89:89:D0:43:14:53:55:6F:22:D8:82:A2:1B:2B:BB:9F:4E:4A:2C:24 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/4a87064b-5f27-4270-90e4-99f43ae84db7/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/4a87064b-5f27-4270-90e4-99f43ae84db7/0/8989D0431453556F22D882A21B2BBB9F4E4A2C24.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.130.82.0/23 Signature Algorithm: sha256WithRSAEncryption 4f:b3:69:03:d4:37:93:0f:e8:ae:28:bf:82:43:89:a0:05:73: 9c:f7:82:b0:ef:22:c7:ec:e2:6f:72:e5:49:30:91:88:02:ac: d8:ba:d4:67:a9:7c:f0:9c:7f:1c:66:7a:fd:35:a5:6e:7b:ce: 3d:3f:df:71:30:f2:47:8b:a0:c2:63:57:4c:9c:a9:8a:c4:3f: 6b:bb:3b:7e:e7:0c:73:fc:14:76:ad:8b:f4:6a:4a:67:a0:e3: 7b:71:e0:05:67:d6:04:c6:c7:a1:44:7a:86:cc:47:96:f7:72: 1f:9a:69:09:cb:1d:ce:c2:a0:a7:8f:f7:4a:b6:61:6b:49:7b: 65:2c:2f:47:76:89:a5:8f:38:01:1a:06:bd:cc:94:99:1d:f7: 43:48:9a:c4:25:d7:15:a4:70:8c:f1:a8:6e:3c:a3:84:7b:78: b1:af:07:03:90:80:0c:6f:57:b9:4d:92:44:b0:67:45:e2:96: 66:f2:4c:a1:78:e5:93:ac:6f:96:24:fa:97:f9:2f:f4:b3:5e: 22:9a:8a:22:78:cd:ab:91:49:41:ef:4f:8a:70:da:40:24:b5: f9:ff:46:99:df:a0:90:6a:a1:f9:e2:ae:17:59:53:9b:5c:64: ef:ed:1b:93:82:83:41:52:93:83:b3:17:40:4e:40:82:b0:07: 64:cc:4b:25 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUAYwwEmwwkjgIXShDz/VQRX4lH+4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDMxMzA5MjcyM1oX DTI1MDMxMjA5MzIyM1owMzExMC8GA1UEAxMoODk4OUQwNDMxNDUzNTU2RjIyRDg4 MkEyMUIyQkJCOUY0RTRBMkMyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMpIKPOD705Do8+7HKPm9s67xeADOJhTVN71pU8SITWDLBoL/LFsHFu+j0Sm FLRLoEGnxnkmE7V7h/vSN6+Jf/e4nEq6jQL11cCmrWJhHqiOs9tUsib1goP+gUk7 KetRr0T1BEunMsBSS549lYai7/4EFqIjs/w+uRwY3E1OgfrbOdg8cmQlUYETR9AH v0rVlDAqn+1NSHlObClwClpAlbm++4JPJYNjQvn7m1WYNAQuI4vDkvzte5qsX016 23n7WdKAMHbzfjYKQBh3pGQSWcn+NUOoa79yqoyOvUSrm7ut0AL3IhWP1CnXZ+vf vliSANCXCNEv3fH69OUNaNvH55cCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFImJ0EMUU1VvItiCohsru59OSiwkMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by80YTg3MDY0Yi01ZjI3LTQyNzAtOTBlNC05OWY0M2FlODRkYjcvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRhODcwNjRi LTVmMjctNDI3MC05MGU0LTk5ZjQzYWU4NGRiNy8wLzg5ODlEMDQzMTQ1MzU1NkYy MkQ4ODJBMjFCMkJCQjlGNEU0QTJDMjQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnglIwDQYJKoZIhvcNAQELBQADggEBAE+zaQPUN5MP6K4ov4JDiaAFc5z3grDv Isfs4m9y5UkwkYgCrNi61GepfPCcfxxmev01pW57zj0/33Ew8keLoMJjV0ycqYrE P2u7O37nDHP8FHati/RqSmeg43tx4AVn1gTGx6FEeobMR5b3ch+aaQnLHc7CoKeP 90q2YWtJe2UsL0d2iaWPOAEaBr3MlJkd90NImsQl1xWkcIzxqG48o4R7eLGvBwOQ gAxvV7lNkkSwZ0XilmbyTKF45ZOsb5Yk+pf5L/SzXiKaiiJ4zauRSUHvT4pw2kAk tfn/RpnfoJBqofnirhdZU5tcZO/tG5OCg0FSk4OzF0BOQIKwB2TMSyU= -----END CERTIFICATE-----Generated at Wed May 8 21:02:18 2024 by rpki-client on console-fra.rpki-client.org