$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer File: 8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.cer (raw, json) Hash identifier: 4z0fXrL7+MpNHGgJf+kzJjeK2KYPdz+yoRszPKsKnOM= Subject key identifier: 8B:A2:B5:E0:7F:AD:57:28:C7:DE:FB:F4:FC:10:BD:04:43:53:F6:FF Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3B65D201A4EB876E3DA02417E95376C6F62D2D0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft caRepository: rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 16 Jul 2024 05:16:06 +0000 Certificate not after: Tue 15 Jul 2025 05:21:06 +0000 Subordinate resources: IP: 103.133.144.0/22 IP: 2404:4ec0::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:65:d2:01:a4:eb:87:6e:3d:a0:24:17:e9:53:76:c6:f6:2d:2d:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 16 05:16:06 2024 GMT Not After : Jul 15 05:21:06 2025 GMT Subject: CN=8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:e7:df:ff:f0:88:c2:90:d0:4a:40:83:b3:5e: de:30:5a:94:1a:75:c6:f3:89:f8:a2:44:29:ed:86: 73:8e:17:c0:4a:04:54:60:41:7a:87:fb:43:31:3c: 3b:18:10:cb:45:4d:3a:c6:bb:85:89:50:97:b0:4c: 19:59:98:e9:5f:4c:63:75:8f:55:77:8d:24:0d:d7: be:4b:ac:a9:1d:09:e9:97:6c:5a:6e:d5:9c:b9:4e: d9:f5:93:63:7e:37:86:1e:c1:c1:7b:7d:d1:aa:8d: 72:45:d1:a0:82:b9:18:4c:9c:80:fe:74:83:ef:18: e0:8c:66:5f:6e:71:2c:43:bb:c1:fe:6a:58:5f:40: 96:15:ce:7a:a1:ac:51:83:a1:f6:84:65:55:6e:37: 93:70:07:45:ed:bb:da:b3:04:3b:95:f0:d3:5b:b0: 99:7a:97:dd:c4:0e:26:1c:30:59:7c:21:df:0a:70: 20:3f:a8:99:ab:8e:90:5e:f0:bf:75:93:1a:51:a6: dd:ca:b6:f4:cc:62:4d:23:09:c8:b5:8f:41:4e:7b: 63:ff:90:78:d2:f1:79:cf:ac:ca:97:57:5e:48:fd: bb:2a:13:50:74:44:03:29:d4:ad:ae:f4:5e:59:d3: d5:bb:f3:c9:a0:f3:8a:43:bb:ee:f5:84:52:11:9b: 6c:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 8B:A2:B5:E0:7F:AD:57:28:C7:DE:FB:F4:FC:10:BD:04:43:53:F6:FF X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/8c76c85f-9a4f-4afc-969b-8da2536c5c24/0/8BA2B5E07FAD5728C7DEFBF4FC10BD044353F6FF.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.133.144.0/22 IPv6: 2404:4ec0::/32 Signature Algorithm: sha256WithRSAEncryption 7e:67:3f:4e:85:cf:e4:0d:ff:d4:6b:ec:8e:d8:de:a1:4b:db: 7d:bf:1d:eb:2b:a1:16:69:ab:a1:5d:76:6d:9f:ab:43:e1:08: b4:99:22:2a:05:96:fc:a5:76:2a:f5:91:e9:43:da:02:55:0f: b2:f3:43:7d:d7:f3:ef:d4:9d:bd:08:b6:2d:60:60:01:cb:ae: 51:95:77:be:1e:92:15:12:be:22:3b:72:ce:4a:4f:90:bb:81: 26:db:d7:f6:c0:4d:b4:4e:d4:d9:3b:ff:c0:d4:9c:13:c4:fd: e2:4e:7c:2b:d5:fe:a8:9d:32:0f:30:fe:d3:d3:d0:34:f1:30: d7:2a:f6:b8:98:c4:e6:89:0d:42:3e:78:52:80:9b:73:d8:67: f5:33:4c:b8:64:e3:9f:53:4e:b6:b5:97:01:62:7d:27:8d:1a: 0c:8f:7c:3e:5d:44:a8:f7:6b:6c:2b:fe:69:8c:7a:50:95:da: 64:59:e9:b5:0b:7d:0a:59:83:a2:94:5c:9f:fd:d0:d9:0d:4e: ae:d1:cf:f8:d9:4b:dc:0e:d8:cb:b4:22:f7:0f:c6:f5:17:7b: 88:85:6c:85:1b:ea:d8:0b:6f:1f:82:53:be:23:9c:fc:2d:a1: 50:b5:4c:9c:38:7e:d5:b0:e8:2a:39:78:e4:fa:2e:90:ad:ee: 88:d5:03:26 -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgIUO2XSAaTrh249oCQX6VN2xvYtLQowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcxNjA1MTYwNloX DTI1MDcxNTA1MjEwNlowMzExMC8GA1UEAxMoOEJBMkI1RTA3RkFENTcyOEM3REVG QkY0RkMxMEJEMDQ0MzUzRjZGRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMfn3//wiMKQ0EpAg7Ne3jBalBp1xvOJ+KJEKe2Gc44XwEoEVGBBeof7QzE8 OxgQy0VNOsa7hYlQl7BMGVmY6V9MY3WPVXeNJA3XvkusqR0J6ZdsWm7VnLlO2fWT Y343hh7BwXt90aqNckXRoIK5GEycgP50g+8Y4IxmX25xLEO7wf5qWF9AlhXOeqGs UYOh9oRlVW43k3AHRe272rMEO5Xw01uwmXqX3cQOJhwwWXwh3wpwID+omauOkF7w v3WTGlGm3cq29MxiTSMJyLWPQU57Y/+QeNLxec+sypdXXkj9uyoTUHREAynUra70 XlnT1bvzyaDzikO77vWEUhGbbOcCAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFIuiteB/rVcox9779PwQvQRDU/b/MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by84Yzc2Yzg1Zi05YTRmLTRhZmMtOTY5Yi04ZGEyNTM2YzVjMjQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhjNzZjODVm LTlhNGYtNGFmYy05NjliLThkYTI1MzZjNWMyNC8wLzhCQTJCNUUwN0ZBRDU3MjhD N0RFRkJGNEZDMTBCRDA0NDM1M0Y2RkYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD BAJnhZAwDQQCAAIwBwMFACQETsAwDQYJKoZIhvcNAQELBQADggEBAH5nP06Fz+QN /9Rr7I7Y3qFL232/HesroRZpq6Fddm2fq0PhCLSZIioFlvyldir1kelD2gJVD7Lz Q33X8+/Unb0Iti1gYAHLrlGVd74ekhUSviI7cs5KT5C7gSbb1/bATbRO1Nk7/8DU nBPE/eJOfCvV/qidMg8w/tPT0DTxMNcq9riYxOaJDUI+eFKAm3PYZ/UzTLhk459T Tra1lwFifSeNGgyPfD5dRKj3a2wr/mmMelCV2mRZ6bULfQpZg6KUXJ/90NkNTq7R z/jZS9wO2Mu0IvcPxvUXe4iFbIUb6tgLbx+CU74jnPwtoVC1TJw4ftWw6Co5eOT6 LpCt7ojVAyY= -----END CERTIFICATE-----Generated at Mon Nov 25 13:01:51 2024 by rpki-client on console-fra.rpki-client.org