$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.cer File: AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.cer (raw, json) Hash identifier: 91QOeBe02/RkeC2/tMyDMJ/3yQCOUl+XFbv4lfbPYRM= Subject key identifier: AF:4B:58:D4:B1:65:30:B9:F6:91:9D:BF:4F:53:DC:3A:E4:D5:FD:E6 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 44F1D9A496D67B0F1562BBFE8769A9104BA7B9ED Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.mft caRepository: rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 02 Jul 2024 02:32:27 +0000 Certificate not after: Tue 01 Jul 2025 02:37:27 +0000 Subordinate resources: IP: 43.240.228.0/22 IP: 103.10.120.0/22 IP: 103.11.28.0/22 IP: 116.68.160.0/22 IP: 116.68.167.0 -- 116.68.169.255 IP: 2404:fd00::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:f1:d9:a4:96:d6:7b:0f:15:62:bb:fe:87:69:a9:10:4b:a7:b9:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 2 02:32:27 2024 GMT Not After : Jul 1 02:37:27 2025 GMT Subject: CN=AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ed:9e:15:20:0e:b1:cc:7a:e7:7f:26:c7:a1: 12:7d:2a:c0:6c:33:f9:42:00:f9:ea:98:ed:05:07: c5:b2:ea:08:0d:92:ae:f5:df:31:89:29:d1:07:4c: 96:7a:dd:23:5b:a0:32:33:9f:68:be:7f:46:a1:65: 6f:14:87:50:f0:30:52:57:77:b8:34:fc:ff:8a:05: 3e:60:91:e2:9b:c9:4c:34:43:2b:69:47:a0:7a:75: 4f:ef:0c:ca:4d:26:2e:f4:9e:86:97:b8:20:a7:b1: 53:2f:53:ef:fc:8d:79:3e:d3:e3:96:85:33:62:0c: 28:00:83:a4:3e:2b:bc:99:a6:4d:83:b3:c0:7f:b2: 4a:8d:bc:7b:f5:8d:bf:3f:49:2a:51:da:3a:f4:52: 00:fa:14:78:29:12:46:1c:6c:25:0b:0a:a0:55:5b: dc:b3:63:f8:12:d7:3f:53:f5:df:84:ee:4c:f7:06: 61:8a:e4:25:b8:14:68:8c:03:37:fa:06:18:1b:e7: f2:a3:d3:27:36:e4:ae:00:37:b6:eb:ba:83:ea:7e: 42:de:38:ce:84:22:dd:63:7d:77:f7:f2:19:b6:1d: 1f:f2:8f:9f:80:52:fc:8f:82:26:e0:73:e0:e1:8b: 7c:e6:5a:ef:9a:37:3b:ff:94:8e:0b:90:86:89:b9: 40:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:4B:58:D4:B1:65:30:B9:F6:91:9D:BF:4F:53:DC:3A:E4:D5:FD:E6 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/5d227dbe-4a1c-40b0-94a6-793bdbda3777/0/AF4B58D4B16530B9F6919DBF4F53DC3AE4D5FDE6.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.228.0/22 103.10.120.0/22 103.11.28.0/22 116.68.160.0/22 116.68.167.0-116.68.169.255 IPv6: 2404:fd00::/32 Signature Algorithm: sha256WithRSAEncryption 1b:d1:f8:a9:63:c7:a5:59:d8:c5:3d:b1:91:1f:a9:ea:01:19: 02:4c:8a:2a:ae:c9:2a:6f:1e:01:04:d0:73:ed:71:77:48:bb: d0:07:ca:ad:f8:5d:46:f4:f3:64:00:aa:29:4b:08:86:eb:52: cf:b2:86:b8:9f:90:59:a9:86:f5:f2:d3:9e:80:7c:e2:07:7d: a9:33:b8:c6:29:c3:e6:77:fa:3e:cc:4b:b3:9f:c8:84:0d:b0: cb:32:6c:66:07:d5:91:ae:6c:91:90:6f:2b:1a:db:25:95:a9: e8:7e:72:9c:dc:39:2d:2f:63:b1:42:89:5f:ab:64:3a:1b:d6: 06:85:9b:88:63:61:f8:66:9a:72:37:ad:90:7a:0d:df:48:64: 71:41:b3:e3:54:42:69:3c:1f:cb:80:17:44:b6:21:33:ae:c4: 84:79:f1:d4:c4:55:73:7c:87:af:07:a0:41:56:40:cf:19:3b: 30:78:85:2c:22:9a:f6:f1:3c:56:cb:84:20:0e:2c:9d:67:a8: e2:19:0d:26:86:08:44:fc:b6:cf:ae:55:5e:03:3b:96:4a:51: 09:c8:af:c7:47:19:5d:bc:cb:47:39:92:f3:fd:8a:22:e7:54: 26:1e:1d:26:27:37:c3:a4:9a:56:0c:0d:c7:f8:50:c3:5e:e8: 10:64:11:2e -----BEGIN CERTIFICATE----- MIIF9DCCBNygAwIBAgIURPHZpJbWew8VYrv+h2mpEEunue0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcwMjAyMzIyN1oX DTI1MDcwMTAyMzcyN1owMzExMC8GA1UEAxMoQUY0QjU4RDRCMTY1MzBCOUY2OTE5 REJGNEY1M0RDM0FFNEQ1RkRFNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALztnhUgDrHMeud/JsehEn0qwGwz+UIA+eqY7QUHxbLqCA2SrvXfMYkp0QdM lnrdI1ugMjOfaL5/RqFlbxSHUPAwUld3uDT8/4oFPmCR4pvJTDRDK2lHoHp1T+8M yk0mLvSehpe4IKexUy9T7/yNeT7T45aFM2IMKACDpD4rvJmmTYOzwH+ySo28e/WN vz9JKlHaOvRSAPoUeCkSRhxsJQsKoFVb3LNj+BLXP1P134TuTPcGYYrkJbgUaIwD N/oGGBvn8qPTJzbkrgA3tuu6g+p+Qt44zoQi3WN9d/fyGbYdH/KPn4BS/I+CJuBz 4OGLfOZa75o3O/+UjguQhom5QAsCAwEAAaOCAucwggLjMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK9LWNSxZTC59pGdv09T3Drk1f3mMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by81ZDIyN2RiZS00YTFjLTQwYjAtOTRhNi03OTNiZGJkYTM3NzcvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVkMjI3ZGJl LTRhMWMtNDBiMC05NGE2LTc5M2JkYmRhMzc3Ny8wL0FGNEI1OEQ0QjE2NTMwQjlG NjkxOURCRjRGNTNEQzNBRTRENUZERTYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwTgYIKwYBBQUHAQcBAf8EPzA9MCwEAgABMCYD BAIr8OQDBAJnCngDBAJnCxwDBAJ0RKAwDAMEAHREpwMEAXREqDANBAIAAjAHAwUA JAT9ADANBgkqhkiG9w0BAQsFAAOCAQEAG9H4qWPHpVnYxT2xkR+p6gEZAkyKKq7J Km8eAQTQc+1xd0i70AfKrfhdRvTzZACqKUsIhutSz7KGuJ+QWamG9fLTnoB84gd9 qTO4xinD5nf6PsxLs5/IhA2wyzJsZgfVka5skZBvKxrbJZWp6H5ynNw5LS9jsUKJ X6tkOhvWBoWbiGNh+GaacjetkHoN30hkcUGz41RCaTwfy4AXRLYhM67EhHnx1MRV c3yHrwegQVZAzxk7MHiFLCKa9vE8VsuEIA4snWeo4hkNJoYIRPy2z65VXgM7lkpR Ccivx0cZXbzLRzmS8/2KIudUJh4dJic3w6SaVgwNx/hQw17oEGQRLg== -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:23 2024 by rpki-client on console-fra.rpki-client.org