$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/9BF72C8BB7CA359BE46741ABCE4EB69F056DF094.cer File: 9BF72C8BB7CA359BE46741ABCE4EB69F056DF094.cer (raw, json) Hash identifier: u53ncn9+DfBGl4qHvpwd0A5YItNM6vyFboLy/M6WV98= Subject key identifier: 9B:F7:2C:8B:B7:CA:35:9B:E4:67:41:AB:CE:4E:B6:9F:05:6D:F0:94 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3CBDF11F101DCDBC3D6B09881C4FD4D3FED01E6F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/21db6c9b-d8fc-4d8c-80cb-fd2241208dde/0/9BF72C8BB7CA359BE46741ABCE4EB69F056DF094.mft caRepository: rsync://repo-rpki.idnic.net/repo/21db6c9b-d8fc-4d8c-80cb-fd2241208dde/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 17 Jul 2024 15:07:43 +0000 Certificate not after: Wed 16 Jul 2025 15:12:43 +0000 Subordinate resources: IP: 103.172.170.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:bd:f1:1f:10:1d:cd:bc:3d:6b:09:88:1c:4f:d4:d3:fe:d0:1e:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 17 15:07:43 2024 GMT Not After : Jul 16 15:12:43 2025 GMT Subject: CN=9BF72C8BB7CA359BE46741ABCE4EB69F056DF094 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:bb:f9:15:3d:28:2e:56:82:7c:f5:18:4b:80: d5:14:8a:d0:a0:e2:87:3a:c5:e5:3b:65:18:97:81: 5e:3f:1c:0e:a3:ea:34:b9:2f:3f:22:eb:c4:9d:de: 1a:b6:8e:be:d0:b3:08:d9:10:9a:50:ea:15:cd:b2: e2:db:74:12:0b:45:29:0f:df:ad:c6:6a:cb:e1:5e: 63:a1:f8:56:56:44:60:3b:89:f5:c8:8d:08:8f:91: ba:65:1b:a6:52:35:5c:37:d9:d4:a1:57:58:3d:5e: 1c:f2:b2:1c:c2:4e:57:08:f0:06:30:2a:ba:33:f3: 5a:79:57:ee:65:79:69:fd:c8:f7:f8:ab:92:a2:d5: db:a0:7c:fc:d4:2b:1e:10:72:41:0a:e1:4d:f0:54: 23:4b:2e:db:73:8c:7b:c2:fa:1d:87:3a:b2:d4:ff: 4c:7e:3b:99:0b:65:de:c0:1a:f9:c0:86:85:08:58: 13:22:12:e8:a5:5a:b8:24:cd:8c:15:b5:ea:de:96: 5d:48:b9:49:02:94:ca:98:c2:62:91:85:71:59:31: c9:9f:d5:05:10:8a:2c:bd:98:ea:ca:f4:a5:00:ec: c6:f5:be:0a:30:b0:1e:a7:33:92:20:86:bb:2f:ba: 8c:ba:90:f4:2e:12:59:f1:5d:17:ff:cf:ca:11:f9: c2:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 9B:F7:2C:8B:B7:CA:35:9B:E4:67:41:AB:CE:4E:B6:9F:05:6D:F0:94 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/21db6c9b-d8fc-4d8c-80cb-fd2241208dde/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/21db6c9b-d8fc-4d8c-80cb-fd2241208dde/0/9BF72C8BB7CA359BE46741ABCE4EB69F056DF094.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.172.170.0/23 Signature Algorithm: sha256WithRSAEncryption 9c:da:43:21:bd:38:e5:7d:a5:2e:1d:1b:2b:24:7a:5b:f3:0f: 92:16:25:aa:8b:3d:a6:7d:7a:6e:34:7e:5a:a4:98:46:99:01: 1d:5b:1e:d2:3c:28:84:f3:dc:a6:21:14:50:31:71:d8:cd:9f: 6f:4e:0c:9c:f0:f3:09:66:62:ed:e6:71:bf:50:c0:d3:5f:80: da:ee:70:d9:94:51:ce:7e:9e:18:f8:29:e3:17:98:85:a6:37: ea:0f:61:8b:8c:62:dc:91:3e:7d:cc:d2:1c:5e:58:c3:45:8c: 77:ec:5e:f2:b1:5f:5b:a1:85:3c:92:4b:7d:44:c7:39:24:60: 69:0a:59:6a:07:a2:f2:a2:40:34:87:5a:32:e2:fe:ab:c8:18: 32:0b:97:f3:07:31:a2:02:d5:22:02:df:98:51:85:53:0a:9a: 22:39:98:26:92:33:11:76:02:bf:fa:1c:fe:bc:86:5a:44:0e: dd:71:76:1b:cc:5d:b0:61:89:b0:24:f6:f8:32:31:4e:84:56: b5:08:88:e9:e8:47:33:8c:a1:9a:60:aa:c7:68:6e:3a:15:8d: 52:b0:3c:86:4a:63:88:88:38:4a:c7:95:f2:d9:07:a6:5d:aa: 58:b9:4b:a1:a6:5f:e4:0e:1b:08:54:93:d3:19:86:20:e9:8b: 2e:f8:89:12 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUPL3xHxAdzbw9awmIHE/U0/7QHm8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcxNzE1MDc0M1oX DTI1MDcxNjE1MTI0M1owMzExMC8GA1UEAxMoOUJGNzJDOEJCN0NBMzU5QkU0Njc0 MUFCQ0U0RUI2OUYwNTZERjA5NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAL+7+RU9KC5Wgnz1GEuA1RSK0KDihzrF5TtlGJeBXj8cDqPqNLkvPyLrxJ3e GraOvtCzCNkQmlDqFc2y4tt0EgtFKQ/frcZqy+FeY6H4VlZEYDuJ9ciNCI+RumUb plI1XDfZ1KFXWD1eHPKyHMJOVwjwBjAqujPzWnlX7mV5af3I9/irkqLV26B8/NQr HhByQQrhTfBUI0su23OMe8L6HYc6stT/TH47mQtl3sAa+cCGhQhYEyIS6KVauCTN jBW16t6WXUi5SQKUypjCYpGFcVkxyZ/VBRCKLL2Y6sr0pQDsxvW+CjCwHqczkiCG uy+6jLqQ9C4SWfFdF//PyhH5wmMCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFJv3LIu3yjWb5GdBq85Otp8FbfCUMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8yMWRiNmM5Yi1kOGZjLTRkOGMtODBjYi1mZDIyNDEyMDhkZGUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIxZGI2Yzli LWQ4ZmMtNGQ4Yy04MGNiLWZkMjI0MTIwOGRkZS8wLzlCRjcyQzhCQjdDQTM1OUJF NDY3NDFBQkNFNEVCNjlGMDU2REYwOTQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnrKowDQYJKoZIhvcNAQELBQADggEBAJzaQyG9OOV9pS4dGyskelvzD5IWJaqL PaZ9em40flqkmEaZAR1bHtI8KITz3KYhFFAxcdjNn29ODJzw8wlmYu3mcb9QwNNf gNrucNmUUc5+nhj4KeMXmIWmN+oPYYuMYtyRPn3M0hxeWMNFjHfsXvKxX1uhhTyS S31ExzkkYGkKWWoHovKiQDSHWjLi/qvIGDILl/MHMaIC1SIC35hRhVMKmiI5mCaS MxF2Ar/6HP68hlpEDt1xdhvMXbBhibAk9vgyMU6EVrUIiOnoRzOMoZpgqsdobjoV jVKwPIZKY4iIOErHlfLZB6Zdqli5S6GmX+QOGwhUk9MZhiDpiy74iRI= -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:45 2024 by rpki-client on console-ams.rpki-client.org