$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F.cer File: 9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F.cer (raw, json) Hash identifier: /XuVyuchdyqlQdX7gmHuiQuK+20WZkRNPs8Hr1OE1tg= Subject key identifier: 9A:F7:BD:04:7F:3C:54:F9:CE:58:26:DC:91:96:C2:A3:2E:4A:7C:5F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 522A03AF7DC8C8EEF43FA561007BA6CAF9D4364C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/357fb17e-9d58-4d51-846e-0a84c8699142/0/9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F.mft caRepository: rsync://repo-rpki.idnic.net/repo/357fb17e-9d58-4d51-846e-0a84c8699142/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 25 Oct 2023 11:44:43 +0000 Certificate not after: Wed 23 Oct 2024 11:49:43 +0000 Subordinate resources: IP: 103.255.98.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 10:29:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:2a:03:af:7d:c8:c8:ee:f4:3f:a5:61:00:7b:a6:ca:f9:d4:36:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Oct 25 11:44:43 2023 GMT Not After : Oct 23 11:49:43 2024 GMT Subject: CN=9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:cb:43:49:e4:64:76:0e:1f:f2:14:6e:60:83: 87:9d:27:c0:aa:f2:02:44:e3:2b:49:f0:75:13:cf: 38:8a:c6:33:09:b3:6b:c2:ee:94:da:37:f2:8a:71: 89:cf:e1:d5:07:57:72:f4:41:0d:f6:b2:03:20:29: 35:53:17:6d:57:8f:f8:e2:2e:ce:21:71:c1:1e:d4: 5a:93:68:7a:e8:9e:5e:62:10:1f:d7:e5:b4:ab:75: 1f:72:f0:39:d8:e8:ed:c0:d8:0c:ec:fa:6d:99:43: 7b:44:e2:ef:00:42:95:0e:6b:e6:20:b7:2d:2e:10: ac:e2:8d:8b:d9:f4:aa:b6:ba:7c:1a:de:f1:1c:52: e1:aa:ce:fe:99:c1:e9:64:17:bc:a2:72:1c:70:3e: f2:37:ea:d8:de:5f:fe:29:15:c2:fd:03:3e:9e:23: 58:67:f6:4d:c3:1d:30:f3:e3:6d:cf:37:17:76:93: 26:00:80:7c:e6:71:97:83:a9:87:68:39:bd:e0:85: 66:d7:d4:80:b9:c7:eb:e6:5c:80:56:50:43:c8:ca: 2d:c6:da:95:71:3c:54:af:79:6b:67:3d:fd:c5:04: 17:08:c3:30:25:4b:4e:73:93:f0:c8:4b:c3:fd:e7: 49:10:a4:2f:95:5c:51:b1:76:5d:0b:c8:ca:e2:4b: c1:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 9A:F7:BD:04:7F:3C:54:F9:CE:58:26:DC:91:96:C2:A3:2E:4A:7C:5F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/357fb17e-9d58-4d51-846e-0a84c8699142/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/357fb17e-9d58-4d51-846e-0a84c8699142/0/9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.255.98.0/23 Signature Algorithm: sha256WithRSAEncryption 99:01:af:6b:f9:13:1e:c4:5f:a0:7e:de:88:70:93:34:df:03: 46:58:3a:8f:a4:2b:ac:ca:bf:82:41:b2:7e:7e:f0:fc:c4:45: 4b:42:ed:54:20:50:df:78:eb:34:fe:c9:66:62:93:91:67:a9: 40:87:a0:c2:b5:20:11:1d:59:87:21:c0:3d:14:a2:b6:d2:66: 2e:7c:21:3c:90:f2:8f:35:85:15:8c:ca:2e:f5:70:5b:de:eb: eb:ca:88:89:d4:da:25:fb:54:e5:3f:8c:c8:df:60:1d:ff:12: d8:bb:18:34:77:e7:72:a4:1e:e8:e9:73:d1:08:bb:ff:df:bb: f0:99:10:c3:34:97:c7:24:a2:ba:f5:13:9b:65:20:75:cf:c9: 25:0a:0e:fb:2b:7a:54:ae:7f:dc:0a:72:d0:fc:e6:ce:36:8d: 1c:bd:b0:61:16:a5:0f:4e:7f:9b:91:68:4e:3b:74:9f:00:a9: df:d8:34:70:50:f2:4d:5c:e1:7f:b9:8c:78:ca:18:99:70:4f: 7a:3d:9f:2b:41:05:5c:9d:da:a9:44:f7:44:f7:5a:16:6e:e1: 75:66:7f:2f:51:3f:fa:d6:a9:e3:98:0e:31:ce:fe:7a:d9:86: cd:64:50:1d:57:66:cb:b7:2b:db:4d:27:12:aa:5b:6a:ca:10: fd:02:5a:60 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUUioDr33IyO70P6VhAHumyvnUNkwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTAyNTExNDQ0M1oX DTI0MTAyMzExNDk0M1owMzExMC8GA1UEAxMoOUFGN0JEMDQ3RjNDNTRGOUNFNTgy NkRDOTE5NkMyQTMyRTRBN0M1RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMHLQ0nkZHYOH/IUbmCDh50nwKryAkTjK0nwdRPPOIrGMwmza8LulNo38opx ic/h1QdXcvRBDfayAyApNVMXbVeP+OIuziFxwR7UWpNoeuieXmIQH9fltKt1H3Lw Odjo7cDYDOz6bZlDe0Ti7wBClQ5r5iC3LS4QrOKNi9n0qra6fBre8RxS4arO/pnB 6WQXvKJyHHA+8jfq2N5f/ikVwv0DPp4jWGf2TcMdMPPjbc83F3aTJgCAfOZxl4Op h2g5veCFZtfUgLnH6+ZcgFZQQ8jKLcbalXE8VK95a2c9/cUEFwjDMCVLTnOT8MhL w/3nSRCkL5VcUbF2XQvIyuJLwZUCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJr3vQR/PFT5zlgm3JGWwqMuSnxfMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zNTdmYjE3ZS05ZDU4LTRkNTEtODQ2ZS0wYTg0Yzg2OTkxNDIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzM1N2ZiMTdl LTlkNTgtNGQ1MS04NDZlLTBhODRjODY5OTE0Mi8wLzlBRjdCRDA0N0YzQzU0RjlD RTU4MjZEQzkxOTZDMkEzMkU0QTdDNUYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFn/2IwDQYJKoZIhvcNAQELBQADggEBAJkBr2v5Ex7EX6B+3ohwkzTfA0ZYOo+k K6zKv4JBsn5+8PzERUtC7VQgUN946zT+yWZik5FnqUCHoMK1IBEdWYchwD0UorbS Zi58ITyQ8o81hRWMyi71cFve6+vKiInU2iX7VOU/jMjfYB3/Eti7GDR353KkHujp c9EIu//fu/CZEMM0l8ckorr1E5tlIHXPySUKDvsrelSuf9wKctD85s42jRy9sGEW pQ9Of5uRaE47dJ8Aqd/YNHBQ8k1c4X+5jHjKGJlwT3o9nytBBVyd2qlE90T3WhZu 4XVmfy9RP/rWqeOYDjHO/nrZhs1kUB1XZsu3K9tNJxKqW2rKEP0CWmA= -----END CERTIFICATE-----Generated at Wed May 8 04:37:54 2024 by rpki-client on console-fra.rpki-client.org