$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AFCF00A90B7E9EA1E30182B0BFF934BE4DC0971C.cer File: AFCF00A90B7E9EA1E30182B0BFF934BE4DC0971C.cer (raw, json) Hash identifier: 5MqTr9azNrXvaSydzszzweZND02DUK2T/mXj9515Pd4= Subject key identifier: AF:CF:00:A9:0B:7E:9E:A1:E3:01:82:B0:BF:F9:34:BE:4D:C0:97:1C Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 48952191E17F70D295D08B4578B3BC56F4375457 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/2565a1cf-2950-47dc-a212-f653b8c3f5a9/0/AFCF00A90B7E9EA1E30182B0BFF934BE4DC0971C.mft caRepository: rsync://repo-rpki.idnic.net/repo/2565a1cf-2950-47dc-a212-f653b8c3f5a9/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 31 Aug 2023 14:01:01 +0000 Certificate not after: Thu 29 Aug 2024 14:06:01 +0000 Subordinate resources: IP: 103.30.212.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:95:21:91:e1:7f:70:d2:95:d0:8b:45:78:b3:bc:56:f4:37:54:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Aug 31 14:01:01 2023 GMT Not After : Aug 29 14:06:01 2024 GMT Subject: CN=AFCF00A90B7E9EA1E30182B0BFF934BE4DC0971C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:84:35:16:0c:e3:9d:4e:79:ae:cd:56:16:4b: 20:76:96:28:66:c7:ab:b3:0b:de:89:c8:48:5c:77: 11:ab:f5:01:c4:e3:89:81:dd:29:2c:f7:11:2f:f3: 58:49:bf:73:1c:a8:3d:d7:27:c8:ec:da:3c:e3:5f: 59:7f:6f:ab:c4:9c:0a:48:54:57:0d:c5:b2:05:12: 61:05:32:40:55:df:23:0a:31:a5:ac:11:ac:3d:3a: 19:68:43:57:0e:bc:3a:a4:27:ac:21:78:24:8a:25: 04:46:fc:5f:f8:2e:12:8a:79:8b:ed:ba:08:ad:a2: 95:b8:cc:03:b7:e2:5b:0b:51:14:fb:cf:d1:86:83: 36:ba:33:3a:2a:46:90:36:b2:ec:94:5b:a6:dd:94: 3c:10:21:9f:cd:13:9c:85:de:ee:23:dc:e1:b3:06: 17:a1:59:e9:87:83:73:4c:97:24:b5:9c:26:7e:36: 86:e1:aa:3c:7a:1b:16:93:d5:01:87:9e:26:ac:b3: 1e:38:5c:2c:cc:25:2b:19:f8:6e:79:1d:16:fd:38: a9:b7:78:89:ec:83:85:5b:84:b1:a9:5f:d3:29:b1: 2f:03:d9:7e:8c:85:00:55:cf:46:53:03:fc:a0:51: 6c:36:73:8a:f4:73:76:66:47:9f:10:04:90:30:cb: 9b:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:CF:00:A9:0B:7E:9E:A1:E3:01:82:B0:BF:F9:34:BE:4D:C0:97:1C X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/2565a1cf-2950-47dc-a212-f653b8c3f5a9/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/2565a1cf-2950-47dc-a212-f653b8c3f5a9/0/AFCF00A90B7E9EA1E30182B0BFF934BE4DC0971C.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.30.212.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:6b:d5:b7:00:97:92:ae:bb:43:73:f3:c0:7e:4d:7e:fa:05: 9a:d4:c8:3e:3b:25:bd:85:ee:2c:bf:fb:fe:0b:8a:95:03:18: d9:b1:9b:e9:42:73:89:38:82:b8:c7:ea:93:9b:26:cb:4d:f4: 6d:a0:f6:ee:71:05:8b:18:e1:41:3e:2e:6b:4f:f8:a6:76:9a: d9:fa:69:66:0c:97:be:e9:a2:6c:d6:4f:dd:36:ed:1d:7a:81: 6a:54:f0:02:42:08:f7:4f:ec:e2:8c:22:ac:0c:fd:65:4e:cf: 1a:3d:71:11:a6:a9:fe:0b:53:a8:a7:3a:f1:6a:a1:10:37:7e: 54:a9:1b:a2:ff:57:9b:23:ee:e5:3f:8f:1f:8d:76:6b:25:9a: cf:b8:02:a4:cc:d9:70:14:98:6b:d1:22:4c:c7:d1:48:27:ca: a3:fe:74:91:50:da:85:92:ab:5f:52:00:34:ad:fb:b8:c0:e1: 51:f3:0d:15:c7:d5:bc:e7:e8:e2:2e:2e:af:cf:b5:ba:d6:cf: 90:52:7c:27:03:61:58:49:cc:42:4b:60:cb:21:b9:34:61:3b: 39:19:7e:a8:c3:9e:6e:91:eb:07:08:93:89:7d:c9:63:be:a4: 6c:30:3b:bf:75:87:98:a6:a8:26:15:7e:8b:cc:df:64:3c:e8: 52:74:99:40 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUSJUhkeF/cNKV0ItFeLO8VvQ3VFcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDgzMTE0MDEwMVoX DTI0MDgyOTE0MDYwMVowMzExMC8GA1UEAxMoQUZDRjAwQTkwQjdFOUVBMUUzMDE4 MkIwQkZGOTM0QkU0REMwOTcxQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMeENRYM451Oea7NVhZLIHaWKGbHq7ML3onISFx3Eav1AcTjiYHdKSz3ES/z WEm/cxyoPdcnyOzaPONfWX9vq8ScCkhUVw3FsgUSYQUyQFXfIwoxpawRrD06GWhD Vw68OqQnrCF4JIolBEb8X/guEop5i+26CK2ilbjMA7fiWwtRFPvP0YaDNrozOipG kDay7JRbpt2UPBAhn80TnIXe7iPc4bMGF6FZ6YeDc0yXJLWcJn42huGqPHobFpPV AYeeJqyzHjhcLMwlKxn4bnkdFv04qbd4ieyDhVuEsalf0ymxLwPZfoyFAFXPRlMD /KBRbDZzivRzdmZHnxAEkDDLm6ECAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK/PAKkLfp6h4wGCsL/5NL5NwJccMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8yNTY1YTFjZi0yOTUwLTQ3ZGMtYTIxMi1mNjUzYjhjM2Y1YTkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI1NjVhMWNm LTI5NTAtNDdkYy1hMjEyLWY2NTNiOGMzZjVhOS8wL0FGQ0YwMEE5MEI3RTlFQTFF MzAxODJCMEJGRjkzNEJFNERDMDk3MUMubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnHtQwDQYJKoZIhvcNAQELBQADggEBAH9r1bcAl5Kuu0Nz88B+TX76BZrUyD47 Jb2F7iy/+/4LipUDGNmxm+lCc4k4grjH6pObJstN9G2g9u5xBYsY4UE+LmtP+KZ2 mtn6aWYMl77pomzWT9027R16gWpU8AJCCPdP7OKMIqwM/WVOzxo9cRGmqf4LU6in OvFqoRA3flSpG6L/V5sj7uU/jx+Ndmslms+4AqTM2XAUmGvRIkzH0UgnyqP+dJFQ 2oWSq19SADSt+7jA4VHzDRXH1bzn6OIuLq/PtbrWz5BSfCcDYVhJzEJLYMshuTRh OzkZfqjDnm6R6wcIk4l9yWO+pGwwO791h5imqCYVfovM32Q86FJ0mUA= -----END CERTIFICATE-----Generated at Wed May 8 09:50:35 2024 by rpki-client on console-fra.rpki-client.org