$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F.cer File: 9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F.cer (raw, json) Hash identifier: YzurC7v4vAEUQVjJ4dxqoKEXJnaZje0f5nZxsDZG4EM= Subject key identifier: 9A:F7:BD:04:7F:3C:54:F9:CE:58:26:DC:91:96:C2:A3:2E:4A:7C:5F Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5CC9456884B7EC96E14B18961B1147C94DD34E95 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/357fb17e-9d58-4d51-846e-0a84c8699142/0/9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F.mft caRepository: rsync://repo-rpki.idnic.net/repo/357fb17e-9d58-4d51-846e-0a84c8699142/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 25 Sep 2024 15:09:37 +0000 Certificate not after: Wed 24 Sep 2025 15:14:37 +0000 Subordinate resources: IP: 103.255.98.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:c9:45:68:84:b7:ec:96:e1:4b:18:96:1b:11:47:c9:4d:d3:4e:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 25 15:09:37 2024 GMT Not After : Sep 24 15:14:37 2025 GMT Subject: CN=9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:cb:43:49:e4:64:76:0e:1f:f2:14:6e:60:83: 87:9d:27:c0:aa:f2:02:44:e3:2b:49:f0:75:13:cf: 38:8a:c6:33:09:b3:6b:c2:ee:94:da:37:f2:8a:71: 89:cf:e1:d5:07:57:72:f4:41:0d:f6:b2:03:20:29: 35:53:17:6d:57:8f:f8:e2:2e:ce:21:71:c1:1e:d4: 5a:93:68:7a:e8:9e:5e:62:10:1f:d7:e5:b4:ab:75: 1f:72:f0:39:d8:e8:ed:c0:d8:0c:ec:fa:6d:99:43: 7b:44:e2:ef:00:42:95:0e:6b:e6:20:b7:2d:2e:10: ac:e2:8d:8b:d9:f4:aa:b6:ba:7c:1a:de:f1:1c:52: e1:aa:ce:fe:99:c1:e9:64:17:bc:a2:72:1c:70:3e: f2:37:ea:d8:de:5f:fe:29:15:c2:fd:03:3e:9e:23: 58:67:f6:4d:c3:1d:30:f3:e3:6d:cf:37:17:76:93: 26:00:80:7c:e6:71:97:83:a9:87:68:39:bd:e0:85: 66:d7:d4:80:b9:c7:eb:e6:5c:80:56:50:43:c8:ca: 2d:c6:da:95:71:3c:54:af:79:6b:67:3d:fd:c5:04: 17:08:c3:30:25:4b:4e:73:93:f0:c8:4b:c3:fd:e7: 49:10:a4:2f:95:5c:51:b1:76:5d:0b:c8:ca:e2:4b: c1:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 9A:F7:BD:04:7F:3C:54:F9:CE:58:26:DC:91:96:C2:A3:2E:4A:7C:5F X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/357fb17e-9d58-4d51-846e-0a84c8699142/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/357fb17e-9d58-4d51-846e-0a84c8699142/0/9AF7BD047F3C54F9CE5826DC9196C2A32E4A7C5F.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.255.98.0/23 Signature Algorithm: sha256WithRSAEncryption 20:ea:0e:aa:61:0f:77:44:43:41:a9:36:be:cf:e1:11:42:e3: 47:01:fb:94:97:fe:c6:ba:15:17:ff:af:3f:59:a8:17:70:81: 03:8c:66:da:f2:c2:60:e3:c8:f4:08:38:14:fd:80:08:c8:2d: e6:64:2e:c7:b5:dd:a7:da:6a:c6:f2:45:bf:d4:6f:fa:45:4a: 84:82:a0:90:4a:12:65:09:08:39:4f:54:11:02:1f:77:f5:40: 4e:ef:b2:1a:27:78:c8:9c:48:21:63:a3:ad:e9:7e:ae:eb:c6: ab:32:ed:5d:88:f0:1d:fc:5e:4b:4d:db:e9:bb:98:02:e5:d5: 91:c3:0b:00:62:55:51:a6:2b:21:1c:50:36:ce:be:99:2e:24: fb:59:47:a8:c6:c7:7e:5d:76:9d:6d:a9:c4:ff:6e:1e:e1:64: c0:ec:40:23:00:70:f3:41:05:5b:bc:e4:c1:2e:1c:c2:54:a5: 5d:99:db:b0:a0:5d:ff:9e:06:e8:fb:f1:ca:25:10:08:e2:69: 98:c3:89:98:19:15:4b:1b:81:20:a2:89:9e:6c:b1:3a:52:8e: f4:f5:9e:16:70:0c:93:ae:41:76:ea:bc:b7:42:f6:43:c4:b7: b6:3b:39:24:71:2f:b0:2e:99:e0:d0:cb:b5:69:44:ec:c5:31: 58:3b:10:ef -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUXMlFaIS37JbhSxiWGxFHyU3TTpUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDkyNTE1MDkzN1oX DTI1MDkyNDE1MTQzN1owMzExMC8GA1UEAxMoOUFGN0JEMDQ3RjNDNTRGOUNFNTgy NkRDOTE5NkMyQTMyRTRBN0M1RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMHLQ0nkZHYOH/IUbmCDh50nwKryAkTjK0nwdRPPOIrGMwmza8LulNo38opx ic/h1QdXcvRBDfayAyApNVMXbVeP+OIuziFxwR7UWpNoeuieXmIQH9fltKt1H3Lw Odjo7cDYDOz6bZlDe0Ti7wBClQ5r5iC3LS4QrOKNi9n0qra6fBre8RxS4arO/pnB 6WQXvKJyHHA+8jfq2N5f/ikVwv0DPp4jWGf2TcMdMPPjbc83F3aTJgCAfOZxl4Op h2g5veCFZtfUgLnH6+ZcgFZQQ8jKLcbalXE8VK95a2c9/cUEFwjDMCVLTnOT8MhL w/3nSRCkL5VcUbF2XQvIyuJLwZUCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJr3vQR/PFT5zlgm3JGWwqMuSnxfMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zNTdmYjE3ZS05ZDU4LTRkNTEtODQ2ZS0wYTg0Yzg2OTkxNDIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzM1N2ZiMTdl LTlkNTgtNGQ1MS04NDZlLTBhODRjODY5OTE0Mi8wLzlBRjdCRDA0N0YzQzU0RjlD RTU4MjZEQzkxOTZDMkEzMkU0QTdDNUYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFn/2IwDQYJKoZIhvcNAQELBQADggEBACDqDqphD3dEQ0GpNr7P4RFC40cB+5SX /sa6FRf/rz9ZqBdwgQOMZtrywmDjyPQIOBT9gAjILeZkLse13afaasbyRb/Ub/pF SoSCoJBKEmUJCDlPVBECH3f1QE7vshoneMicSCFjo63pfq7rxqsy7V2I8B38XktN 2+m7mALl1ZHDCwBiVVGmKyEcUDbOvpkuJPtZR6jGx35ddp1tqcT/bh7hZMDsQCMA cPNBBVu85MEuHMJUpV2Z27CgXf+eBuj78colEAjiaZjDiZgZFUsbgSCiiZ5ssTpS jvT1nhZwDJOuQXbqvLdC9kPEt7Y7OSRxL7AumeDQy7VpROzFMVg7EO8= -----END CERTIFICATE-----Generated at Mon Nov 25 13:14:24 2024 by rpki-client on console-ams.rpki-client.org