$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.cer File: AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.cer (raw, json) Hash identifier: 1h+pu7wtbzsR7haDsXwfuDW3A2gM/+M4ah2HeH7QbUU= Subject key identifier: AF:5A:2A:D0:C9:E5:CB:1D:9E:F8:5E:6F:8F:44:03:10:F1:00:CE:38 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3A0C38A3E147D54EE89D119FCDED5BFA1075DBB4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.mft caRepository: rsync://repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 27 Apr 2024 19:38:36 +0000 Certificate not after: Sat 26 Apr 2025 19:43:36 +0000 Subordinate resources: IP: 103.169.4.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:0c:38:a3:e1:47:d5:4e:e8:9d:11:9f:cd:ed:5b:fa:10:75:db:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Apr 27 19:38:36 2024 GMT Not After : Apr 26 19:43:36 2025 GMT Subject: CN=AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:0a:fc:f6:c6:51:fc:38:84:cf:50:4a:67:fa: 0c:eb:5e:54:1f:42:26:90:b1:96:bd:66:b8:97:96: 74:14:19:ef:1f:05:8d:1f:e9:e1:eb:68:45:8d:46: 72:ec:19:90:ab:71:1c:79:f5:f3:19:5a:34:0b:b2: c2:47:27:cc:b3:68:22:34:64:62:40:e1:3d:69:8f: ba:90:55:ab:7a:4a:37:08:97:2c:ab:b3:83:31:33: 5e:b7:11:51:8b:14:36:bc:41:9a:49:3d:12:88:2a: 98:77:a7:ac:50:f4:49:eb:65:b6:14:6b:59:34:2c: d3:1d:fc:ce:0a:ac:f0:e0:ca:4e:82:a4:f5:53:27: f9:48:34:87:0e:67:fe:21:c5:e5:de:3b:d8:da:8d: 29:6a:f7:2b:da:9d:f6:98:bd:3d:a7:9d:91:38:ef: 50:20:83:ad:2e:0b:67:d7:c3:ea:03:84:ec:52:da: a6:95:04:2f:6c:45:46:f9:85:a8:5d:f6:5f:56:af: c7:7f:1e:53:06:32:ba:e2:c1:c2:23:46:f8:c7:75: 9d:f2:f1:8f:c3:51:24:80:bf:ac:97:de:be:51:1b: 0b:1c:7e:d5:c4:81:bf:21:ed:2a:4e:33:a9:e8:46: 09:c7:f8:6e:a6:91:ba:75:7b:80:45:c2:98:33:07: dd:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:5A:2A:D0:C9:E5:CB:1D:9E:F8:5E:6F:8F:44:03:10:F1:00:CE:38 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/041e4ac9-c06b-4343-8526-3a1f1b1b5d82/0/AF5A2AD0C9E5CB1D9EF85E6F8F440310F100CE38.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.169.4.0/23 Signature Algorithm: sha256WithRSAEncryption 83:da:76:31:86:0f:05:90:f4:7f:e6:ce:2f:79:60:86:4c:92: 35:0e:9d:60:0d:8e:7c:b2:3f:6f:c6:7c:23:6a:6f:74:21:15: 5b:21:c0:36:55:d6:0e:d6:82:f5:88:a9:61:b5:e7:c4:5c:18: 81:25:39:98:0d:63:6b:63:6c:0d:2e:7e:ab:96:d9:15:a1:ed: e8:18:ad:3e:d9:f2:dc:00:9d:fd:c3:f6:57:12:47:3f:27:d7: e2:58:64:58:74:29:0c:fd:5b:24:af:ce:46:d8:a0:02:c3:27: e2:cf:e6:0b:a8:02:b2:cb:e9:ec:85:d3:79:cd:62:34:5a:01: 68:30:56:cb:d0:e3:8e:36:7c:66:39:43:36:44:ef:88:5c:63: c4:e3:0f:fd:88:14:3c:3e:92:f9:c2:96:6c:86:4f:28:1b:50: 53:ca:4f:cd:fb:4c:ea:f3:ee:c6:63:2a:5f:e8:41:0c:84:62: 37:31:d2:87:20:30:1e:2f:cd:c4:91:b8:6b:72:93:40:ae:39: 36:3e:58:3c:8f:10:cb:36:51:b5:93:9c:de:2a:90:33:d8:22: 83:f5:bf:1d:2d:4e:e1:c4:1f:58:62:42:da:89:a7:ad:7a:42: 42:00:d3:8c:19:c7:09:71:2f:c6:a9:26:21:ae:8d:38:4b:ef: 23:f6:c9:16 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUOgw4o+FH1U7onRGfze1b+hB127QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDQyNzE5MzgzNloX DTI1MDQyNjE5NDMzNlowMzExMC8GA1UEAxMoQUY1QTJBRDBDOUU1Q0IxRDlFRjg1 RTZGOEY0NDAzMTBGMTAwQ0UzODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALQK/PbGUfw4hM9QSmf6DOteVB9CJpCxlr1muJeWdBQZ7x8FjR/p4etoRY1G cuwZkKtxHHn18xlaNAuywkcnzLNoIjRkYkDhPWmPupBVq3pKNwiXLKuzgzEzXrcR UYsUNrxBmkk9EogqmHenrFD0SetlthRrWTQs0x38zgqs8ODKToKk9VMn+Ug0hw5n /iHF5d472NqNKWr3K9qd9pi9PaedkTjvUCCDrS4LZ9fD6gOE7FLappUEL2xFRvmF qF32X1avx38eUwYyuuLBwiNG+Md1nfLxj8NRJIC/rJfevlEbCxx+1cSBvyHtKk4z qehGCcf4bqaRunV7gEXCmDMH3UECAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK9aKtDJ5csdnvheb49EAxDxAM44MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8wNDFlNGFjOS1jMDZiLTQzNDMtODUyNi0zYTFmMWIxYjVkODIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA0MWU0YWM5 LWMwNmItNDM0My04NTI2LTNhMWYxYjFiNWQ4Mi8wL0FGNUEyQUQwQzlFNUNCMUQ5 RUY4NUU2RjhGNDQwMzEwRjEwMENFMzgubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnqQQwDQYJKoZIhvcNAQELBQADggEBAIPadjGGDwWQ9H/mzi95YIZMkjUOnWAN jnyyP2/GfCNqb3QhFVshwDZV1g7WgvWIqWG158RcGIElOZgNY2tjbA0ufquW2RWh 7egYrT7Z8twAnf3D9lcSRz8n1+JYZFh0KQz9WySvzkbYoALDJ+LP5guoArLL6eyF 03nNYjRaAWgwVsvQ4442fGY5QzZE74hcY8TjD/2IFDw+kvnClmyGTygbUFPKT837 TOrz7sZjKl/oQQyEYjcx0ocgMB4vzcSRuGtyk0CuOTY+WDyPEMs2UbWTnN4qkDPY IoP1vx0tTuHEH1hiQtqJp616QkIA04wZxwlxL8apJiGujThL7yP2yRY= -----END CERTIFICATE-----Generated at Wed May 8 10:06:51 2024 by rpki-client on console-ams.rpki-client.org