$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/917A9D24BF1EAD6FA4A1F8FD81D53137EF52E784.cer File: 917A9D24BF1EAD6FA4A1F8FD81D53137EF52E784.cer (raw, json) Hash identifier: +e7OSmtLuC+d9TZLVsalwZK+1hokI5hVPjGWZK/j2xs= Subject key identifier: 91:7A:9D:24:BF:1E:AD:6F:A4:A1:F8:FD:81:D5:31:37:EF:52:E7:84 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4B9D7C072A97A7387DC5315309603EA2817E41A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/1bdff819-2bad-483d-9fa8-b6ebc484031a/0/917A9D24BF1EAD6FA4A1F8FD81D53137EF52E784.mft caRepository: rsync://repo-rpki.idnic.net/repo/1bdff819-2bad-483d-9fa8-b6ebc484031a/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 05 Dec 2024 05:18:07 +0000 Certificate not after: Thu 04 Dec 2025 05:23:07 +0000 Subordinate resources: IP: 103.164.12.0/23 IP: 2400:4be0::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Apr 2025 17:17:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:9d:7c:07:2a:97:a7:38:7d:c5:31:53:09:60:3e:a2:81:7e:41:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 5 05:18:07 2024 GMT Not After : Dec 4 05:23:07 2025 GMT Subject: CN=917A9D24BF1EAD6FA4A1F8FD81D53137EF52E784 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:2f:9c:ee:f9:04:0a:ed:3a:94:7a:c5:9d:e1: 28:e7:64:a6:96:95:24:c0:44:bf:6c:b1:6f:6b:3e: 03:0d:84:a3:d6:30:e5:7a:08:fa:4c:d8:4c:72:a5: 1c:ba:5b:26:5e:38:e6:3b:cb:93:14:d9:8c:be:60: bf:b3:de:82:a7:d1:6c:cd:ee:74:0d:79:c9:be:4d: 9f:00:c3:77:13:62:5a:54:b8:53:46:0d:bb:c7:a4: 98:53:29:2d:11:b5:7e:01:fe:fd:2b:75:07:01:86: c1:00:55:df:a9:4c:3b:17:fb:a1:2f:56:01:9d:8b: fc:7b:7d:d3:6e:74:20:da:27:d7:a7:bd:61:2e:4d: d9:68:bc:7f:54:33:a5:76:2a:9f:6a:19:20:c7:a3: 35:5d:45:81:f4:44:21:f5:97:93:c1:d8:99:26:02: 72:57:30:5c:b0:08:b3:03:f8:c6:f5:07:98:04:b6: 00:2d:43:27:5c:92:94:70:4b:6a:9c:78:e6:1a:d0: b3:0f:cf:d0:dc:a5:4b:c5:5f:d9:6a:34:5a:2f:d7: db:54:3d:00:5c:35:5d:92:1b:ce:7e:29:ae:93:88: 27:ae:a2:16:41:76:20:a5:d6:11:c1:19:4b:6e:b9: ff:1b:61:28:13:5b:00:59:27:a9:83:89:06:87:0d: 4b:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 91:7A:9D:24:BF:1E:AD:6F:A4:A1:F8:FD:81:D5:31:37:EF:52:E7:84 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/1bdff819-2bad-483d-9fa8-b6ebc484031a/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/1bdff819-2bad-483d-9fa8-b6ebc484031a/0/917A9D24BF1EAD6FA4A1F8FD81D53137EF52E784.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.164.12.0/23 IPv6: 2400:4be0::/32 Signature Algorithm: sha256WithRSAEncryption 0e:cb:b6:bd:69:a1:87:d1:cc:59:bd:cf:68:df:42:4d:60:45: 7a:d8:fe:e5:ed:ef:62:fa:3c:74:1c:ae:e6:cf:f2:7e:06:50: d1:61:61:84:c3:b1:33:bb:d9:dd:9c:f3:03:ab:ae:db:97:72: 7a:26:ac:c2:67:72:d6:f3:ba:48:ed:fd:1b:3a:4c:b2:cd:43: 31:c5:0e:81:49:8f:c0:22:22:9d:7d:65:33:29:8a:c3:2c:c1: d4:fd:17:88:c9:de:f1:5c:d4:7e:ed:80:ec:54:2c:d6:1a:1b: 9a:c9:77:9f:52:82:6a:3e:9a:26:3f:45:60:04:f8:1f:e1:8a: d7:6c:0c:41:e5:6b:31:a0:ff:30:c7:b1:a7:cb:60:a1:47:26: 43:4a:7b:76:0d:f7:80:9e:1e:f7:27:30:9c:0c:c4:81:b2:f2: f8:ce:d9:9b:1b:d2:36:bf:be:ae:3b:85:e4:bd:1a:8b:d1:b4: 48:63:e2:bd:d2:8f:c7:94:3b:0f:4b:9e:77:45:37:9f:94:97: 8c:53:7d:5d:37:0b:c4:72:61:db:fa:11:f6:c7:ee:d3:55:fc: 26:cb:74:cc:57:eb:aa:93:d3:0d:e0:9f:18:5c:41:ca:eb:d0: 40:22:69:c9:0e:10:e7:45:5f:97:ec:3d:ce:0e:3c:40:c5:ea: 95:e3:d5:ed -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgIUS518ByqXpzh9xTFTCWA+ooF+QaIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIwNTA1MTgwN1oX DTI1MTIwNDA1MjMwN1owMzExMC8GA1UEAxMoOTE3QTlEMjRCRjFFQUQ2RkE0QTFG OEZEODFENTMxMzdFRjUyRTc4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALcvnO75BArtOpR6xZ3hKOdkppaVJMBEv2yxb2s+Aw2Eo9Yw5XoI+kzYTHKl HLpbJl445jvLkxTZjL5gv7PegqfRbM3udA15yb5NnwDDdxNiWlS4U0YNu8ekmFMp LRG1fgH+/St1BwGGwQBV36lMOxf7oS9WAZ2L/Ht90250INon16e9YS5N2Wi8f1Qz pXYqn2oZIMejNV1FgfREIfWXk8HYmSYCclcwXLAIswP4xvUHmAS2AC1DJ1ySlHBL apx45hrQsw/P0NylS8Vf2Wo0Wi/X21Q9AFw1XZIbzn4prpOIJ66iFkF2IKXWEcEZ S265/xthKBNbAFknqYOJBocNSx8CAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJF6nSS/Hq1vpKH4/YHVMTfvUueEMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8xYmRmZjgxOS0yYmFkLTQ4M2QtOWZhOC1iNmViYzQ4NDAzMWEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFiZGZmODE5 LTJiYWQtNDgzZC05ZmE4LWI2ZWJjNDg0MDMxYS8wLzkxN0E5RDI0QkYxRUFENkZB NEExRjhGRDgxRDUzMTM3RUY1MkU3ODQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD BAFnpAwwDQQCAAIwBwMFACQAS+AwDQYJKoZIhvcNAQELBQADggEBAA7Ltr1poYfR zFm9z2jfQk1gRXrY/uXt72L6PHQcrubP8n4GUNFhYYTDsTO72d2c8wOrrtuXcnom rMJnctbzukjt/Rs6TLLNQzHFDoFJj8AiIp19ZTMpisMswdT9F4jJ3vFc1H7tgOxU LNYaG5rJd59Sgmo+miY/RWAE+B/hitdsDEHlazGg/zDHsafLYKFHJkNKe3YN94Ce HvcnMJwMxIGy8vjO2Zsb0ja/vq47heS9GovRtEhj4r3Sj8eUOw9LnndFN5+Ul4xT fV03C8RyYdv6EfbH7tNV/CbLdMxX66qT0w3gnxhcQcrr0EAiackOEOdFX5fsPc4O PEDF6pXj1e0= -----END CERTIFICATE-----Generated at Sat Apr 5 10:18:02 2025 by rpki-client