$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/A8104CA9AA31459E18BB7A597857DDA711E3E7FA.cer File: A8104CA9AA31459E18BB7A597857DDA711E3E7FA.cer (raw, json) Hash identifier: 4kZ5wyZMRd4RzWHG6uT+9RMve+vUPjvPDHs31JQFsHE= Subject key identifier: A8:10:4C:A9:AA:31:45:9E:18:BB:7A:59:78:57:DD:A7:11:E3:E7:FA Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4F3E14E498A7B144D1B80D25A5B0D6B2E76B0F80 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/9e47847c-bc2c-40da-b2aa-915951428aad/0/A8104CA9AA31459E18BB7A597857DDA711E3E7FA.mft caRepository: rsync://repo-rpki.idnic.net/repo/9e47847c-bc2c-40da-b2aa-915951428aad/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 26 Jun 2023 10:12:49 +0000 Certificate not after: Mon 24 Jun 2024 10:17:49 +0000 Subordinate resources: IP: 103.191.216.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:3e:14:e4:98:a7:b1:44:d1:b8:0d:25:a5:b0:d6:b2:e7:6b:0f:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jun 26 10:12:49 2023 GMT Not After : Jun 24 10:17:49 2024 GMT Subject: CN=A8104CA9AA31459E18BB7A597857DDA711E3E7FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b6:5d:b3:e8:10:7e:19:38:58:4b:85:2c:e2: 6a:11:76:4e:38:8d:6e:f2:ba:10:ed:36:b2:34:38: 61:e1:2b:b9:fb:29:2e:c3:7a:be:0b:4c:93:0b:56: 64:19:5a:e6:09:bd:7a:82:ad:12:c6:44:8f:c4:82: 54:83:4e:2d:9a:12:fa:5b:1c:80:71:8b:a7:fb:ec: f6:26:8c:34:04:ab:90:87:3d:1a:e5:c9:6d:1f:d4: 74:c5:54:6d:08:63:9e:57:87:d5:55:47:5f:7c:c7: 45:46:38:29:11:f8:e0:14:fd:08:96:ed:9f:e4:ed: 0b:ef:82:78:cb:61:59:12:37:e1:6f:24:09:8b:20: f7:a1:21:3d:f4:5b:b0:e8:33:f7:27:c3:2c:6a:e4: 7b:e0:be:c1:66:96:7f:f4:98:5b:48:7e:22:2e:f2: 74:33:84:53:63:f3:b7:77:c7:cf:73:eb:b5:32:8e: 01:ba:8e:7c:fe:7c:2d:41:71:46:92:48:ca:97:c6: 35:b6:ef:cc:03:7a:a2:7c:50:e0:72:cd:10:24:c1: 4f:69:9d:97:aa:fe:d6:b4:28:66:70:5e:d1:15:05: d0:97:20:ea:69:53:fc:ed:71:dc:9c:be:41:0c:ab: 39:59:7b:cf:98:46:dd:73:88:c6:d3:b6:2e:29:15: be:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: A8:10:4C:A9:AA:31:45:9E:18:BB:7A:59:78:57:DD:A7:11:E3:E7:FA X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/9e47847c-bc2c-40da-b2aa-915951428aad/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/9e47847c-bc2c-40da-b2aa-915951428aad/0/A8104CA9AA31459E18BB7A597857DDA711E3E7FA.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.191.216.0/23 Signature Algorithm: sha256WithRSAEncryption 87:69:d2:0f:b3:6f:d2:11:e5:ce:51:2c:77:5e:d7:03:f6:e7: 68:86:c9:07:88:54:12:fb:4d:ba:f1:fb:53:99:2b:f7:ad:f1: 38:59:ed:2d:5c:57:b8:be:09:8a:da:56:86:cf:da:86:6e:9d: 8e:72:38:c4:64:26:c5:9a:bd:19:2a:bb:e0:5d:30:ca:f2:78: 39:ed:82:fe:b7:93:62:8f:b4:10:c5:0b:be:06:41:28:51:b6: 93:a1:f7:b6:39:a3:df:c6:24:76:db:8c:77:24:5c:a5:01:d8: 15:bf:44:0f:80:a3:c3:f4:66:3c:b5:f3:eb:de:7b:ab:06:f6: c1:0f:27:70:f1:7d:b8:09:70:d7:75:f2:fc:fc:a5:b1:58:7a: 56:5c:a1:ed:5d:58:f5:b5:ef:4d:10:ae:4f:f5:6a:fa:45:11: 1d:10:12:cc:a3:f7:e0:74:18:af:6b:d6:db:d4:a0:2c:93:91: 7c:6f:25:64:46:a7:80:50:b8:c9:59:5b:49:67:83:cc:08:50: db:3a:cf:c8:28:94:0a:98:dc:7d:9a:ad:23:1a:45:46:6e:3b: 30:4f:ce:10:b0:4d:78:e4:f6:21:f1:4f:ea:f4:14:b6:7f:74: 15:15:ba:b6:43:18:ad:3e:7a:09:74:20:46:db:f1:00:2b:8c: 7a:6a:2e:b5 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUTz4U5JinsUTRuA0lpbDWsudrD4AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDYyNjEwMTI0OVoX DTI0MDYyNDEwMTc0OVowMzExMC8GA1UEAxMoQTgxMDRDQTlBQTMxNDU5RTE4QkI3 QTU5Nzg1N0REQTcxMUUzRTdGQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAK62XbPoEH4ZOFhLhSziahF2TjiNbvK6EO02sjQ4YeErufspLsN6vgtMkwtW ZBla5gm9eoKtEsZEj8SCVINOLZoS+lscgHGLp/vs9iaMNASrkIc9GuXJbR/UdMVU bQhjnleH1VVHX3zHRUY4KRH44BT9CJbtn+TtC++CeMthWRI34W8kCYsg96EhPfRb sOgz9yfDLGrke+C+wWaWf/SYW0h+Ii7ydDOEU2Pzt3fHz3PrtTKOAbqOfP58LUFx RpJIypfGNbbvzAN6onxQ4HLNECTBT2mdl6r+1rQoZnBe0RUF0Jcg6mlT/O1x3Jy+ QQyrOVl7z5hG3XOIxtO2LikVvo0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFKgQTKmqMUWeGLt6WXhX3acR4+f6MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by85ZTQ3ODQ3Yy1iYzJjLTQwZGEtYjJhYS05MTU5NTE0MjhhYWQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzllNDc4NDdj LWJjMmMtNDBkYS1iMmFhLTkxNTk1MTQyOGFhZC8wL0E4MTA0Q0E5QUEzMTQ1OUUx OEJCN0E1OTc4NTdEREE3MTFFM0U3RkEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnv9gwDQYJKoZIhvcNAQELBQADggEBAIdp0g+zb9IR5c5RLHde1wP252iGyQeI VBL7Tbrx+1OZK/et8ThZ7S1cV7i+CYraVobP2oZunY5yOMRkJsWavRkqu+BdMMry eDntgv63k2KPtBDFC74GQShRtpOh97Y5o9/GJHbbjHckXKUB2BW/RA+Ao8P0Zjy1 8+vee6sG9sEPJ3DxfbgJcNd18vz8pbFYelZcoe1dWPW1700Qrk/1avpFER0QEsyj 9+B0GK9r1tvUoCyTkXxvJWRGp4BQuMlZW0lng8wIUNs6z8golAqY3H2arSMaRUZu OzBPzhCwTXjk9iHxT+r0FLZ/dBUVurZDGK0+egl0IEbb8QArjHpqLrU= -----END CERTIFICATE-----Generated at Wed May 8 09:50:35 2024 by rpki-client on console-fra.rpki-client.org