$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AFEE1C7B016628482294E3D894CFC6851BBB63BE.cer File: AFEE1C7B016628482294E3D894CFC6851BBB63BE.cer (raw, json) Hash identifier: zMsHmtyK4OUDwbEBN/A29Id239rPd1Z8iVp7DRsJ+0U= Subject key identifier: AF:EE:1C:7B:01:66:28:48:22:94:E3:D8:94:CF:C6:85:1B:BB:63:BE Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 69517470E1439A8B56AED9B7C07287F36B3C3AC8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/31ab8a58-f13f-4f71-9dde-aed57ea6dca7/0/AFEE1C7B016628482294E3D894CFC6851BBB63BE.mft caRepository: rsync://repo-rpki.idnic.net/repo/31ab8a58-f13f-4f71-9dde-aed57ea6dca7/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 16 Dec 2023 17:02:12 +0000 Certificate not after: Sat 14 Dec 2024 17:07:12 +0000 Subordinate resources: IP: 103.179.72.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 13:23:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:51:74:70:e1:43:9a:8b:56:ae:d9:b7:c0:72:87:f3:6b:3c:3a:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Dec 16 17:02:12 2023 GMT Not After : Dec 14 17:07:12 2024 GMT Subject: CN=AFEE1C7B016628482294E3D894CFC6851BBB63BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:ef:9f:f2:93:05:34:37:8f:3e:2f:f5:b1:dd: 4f:22:10:8e:c9:55:df:bc:da:09:54:92:bc:08:53: 97:57:ff:a6:85:d2:03:63:07:68:43:4d:16:17:53: 4a:83:85:4c:aa:48:05:5b:f6:ce:24:b5:97:dc:65: 4d:63:92:78:3c:fb:80:ff:51:59:01:9c:ed:ec:02: 7d:30:3f:70:61:28:5e:3c:cf:83:20:f7:ba:79:fe: cc:76:0a:e2:4f:a3:2d:d5:40:b6:a5:2e:8d:0a:26: cd:a5:3f:83:3f:b7:ab:0f:03:b4:72:85:3e:16:ca: a2:c7:ae:26:9c:9b:3e:70:55:e3:0a:62:66:0b:6e: e9:6e:a0:b0:f7:99:3c:60:e9:de:b9:92:4b:37:82: 7a:78:e4:9b:7a:e5:c6:05:f2:22:7c:e0:58:92:a2: c3:a5:bc:ad:7d:10:fc:ea:5a:f3:90:03:08:b5:3e: 07:07:ad:05:40:0b:40:1c:6a:65:62:ca:05:46:d2: b9:71:8f:b6:33:46:88:1c:fd:d0:58:1e:1c:59:04: a0:db:85:92:00:e2:c1:fb:17:ac:d6:b8:d8:03:f1: 68:73:83:17:f2:2f:72:92:57:35:f3:59:96:5f:fd: de:57:cb:a0:2f:80:17:de:aa:e9:1f:3e:f5:3c:00: 4e:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:EE:1C:7B:01:66:28:48:22:94:E3:D8:94:CF:C6:85:1B:BB:63:BE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/31ab8a58-f13f-4f71-9dde-aed57ea6dca7/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/31ab8a58-f13f-4f71-9dde-aed57ea6dca7/0/AFEE1C7B016628482294E3D894CFC6851BBB63BE.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.179.72.0/23 Signature Algorithm: sha256WithRSAEncryption 7d:3f:87:11:fd:cd:59:1c:b8:95:a7:17:a9:02:36:ab:04:75: b5:07:df:f4:57:bc:e5:96:7a:48:97:10:76:0c:0c:d3:4f:cd: e1:03:11:eb:97:95:be:cd:5b:3a:bb:9e:cb:d0:11:9a:b7:9a: d1:9d:27:62:61:e5:1e:d4:d5:9b:a5:9b:01:ab:8f:ed:95:6f: 72:7a:3c:24:29:68:55:9e:76:26:d9:2a:17:31:fd:ad:b1:37: 1b:1f:fc:1b:ca:09:87:c7:73:b7:e7:63:d8:da:64:47:37:ee: 52:5e:81:5d:89:f7:34:89:bc:7a:28:4a:e9:fa:1f:69:59:ae: dd:4e:a1:2f:25:7d:93:6d:3c:32:28:8f:b8:7d:be:e2:3a:b5: 83:99:bf:1c:76:ed:75:d4:de:43:80:3a:b7:41:82:24:97:4f: e3:d9:30:61:49:16:49:46:15:04:14:41:d7:89:ab:9f:78:12: b1:69:2b:03:bb:b6:31:6a:7d:cd:8e:46:26:c6:3c:43:bf:d8: 53:b5:45:62:b0:14:ff:30:59:f1:da:b9:f4:1e:88:e6:77:38: a3:6a:04:df:df:9d:5b:cb:53:ea:75:23:76:3e:56:bc:8b:85: 06:87:65:7b:53:38:09:9b:a1:93:09:fe:7a:a0:83:fb:01:e7: 4e:fc:64:f9 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUaVF0cOFDmotWrtm3wHKH82s8OsgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMTIxNjE3MDIxMloX DTI0MTIxNDE3MDcxMlowMzExMC8GA1UEAxMoQUZFRTFDN0IwMTY2Mjg0ODIyOTRF M0Q4OTRDRkM2ODUxQkJCNjNCRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKvvn/KTBTQ3jz4v9bHdTyIQjslV37zaCVSSvAhTl1f/poXSA2MHaENNFhdT SoOFTKpIBVv2ziS1l9xlTWOSeDz7gP9RWQGc7ewCfTA/cGEoXjzPgyD3unn+zHYK 4k+jLdVAtqUujQomzaU/gz+3qw8DtHKFPhbKoseuJpybPnBV4wpiZgtu6W6gsPeZ PGDp3rmSSzeCenjkm3rlxgXyInzgWJKiw6W8rX0Q/Opa85ADCLU+BwetBUALQBxq ZWLKBUbSuXGPtjNGiBz90FgeHFkEoNuFkgDiwfsXrNa42APxaHODF/IvcpJXNfNZ ll/93lfLoC+AF96q6R8+9TwATnsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK/uHHsBZihIIpTj2JTPxoUbu2O+MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zMWFiOGE1OC1mMTNmLTRmNzEtOWRkZS1hZWQ1N2VhNmRjYTcvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMxYWI4YTU4 LWYxM2YtNGY3MS05ZGRlLWFlZDU3ZWE2ZGNhNy8wL0FGRUUxQzdCMDE2NjI4NDgy Mjk0RTNEODk0Q0ZDNjg1MUJCQjYzQkUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFns0gwDQYJKoZIhvcNAQELBQADggEBAH0/hxH9zVkcuJWnF6kCNqsEdbUH3/RX vOWWekiXEHYMDNNPzeEDEeuXlb7NWzq7nsvQEZq3mtGdJ2Jh5R7U1ZulmwGrj+2V b3J6PCQpaFWedibZKhcx/a2xNxsf/BvKCYfHc7fnY9jaZEc37lJegV2J9zSJvHoo Sun6H2lZrt1OoS8lfZNtPDIoj7h9vuI6tYOZvxx27XXU3kOAOrdBgiSXT+PZMGFJ FklGFQQUQdeJq594ErFpKwO7tjFqfc2ORibGPEO/2FO1RWKwFP8wWfHaufQeiOZ3 OKNqBN/fnVvLU+p1I3Y+VryLhQaHZXtTOAmboZMJ/nqgg/sB5078ZPk= -----END CERTIFICATE-----Generated at Wed May 8 10:06:51 2024 by rpki-client on console-ams.rpki-client.org