$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AFEE1C7B016628482294E3D894CFC6851BBB63BE.cer File: AFEE1C7B016628482294E3D894CFC6851BBB63BE.cer (raw, json) Hash identifier: Gfqs9IG527JiW4eGUOUeLc84FGMTcQS43bC6XoNOrPA= Subject key identifier: AF:EE:1C:7B:01:66:28:48:22:94:E3:D8:94:CF:C6:85:1B:BB:63:BE Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 5226A620C585B36EACB0E0DE6951A953CA639BE0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/31ab8a58-f13f-4f71-9dde-aed57ea6dca7/0/AFEE1C7B016628482294E3D894CFC6851BBB63BE.mft caRepository: rsync://repo-rpki.idnic.net/repo/31ab8a58-f13f-4f71-9dde-aed57ea6dca7/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 16 Nov 2024 23:58:23 +0000 Certificate not after: Sun 16 Nov 2025 00:03:23 +0000 Subordinate resources: IP: 103.179.72.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:26:a6:20:c5:85:b3:6e:ac:b0:e0:de:69:51:a9:53:ca:63:9b:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 16 23:58:23 2024 GMT Not After : Nov 16 00:03:23 2025 GMT Subject: CN=AFEE1C7B016628482294E3D894CFC6851BBB63BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:ef:9f:f2:93:05:34:37:8f:3e:2f:f5:b1:dd: 4f:22:10:8e:c9:55:df:bc:da:09:54:92:bc:08:53: 97:57:ff:a6:85:d2:03:63:07:68:43:4d:16:17:53: 4a:83:85:4c:aa:48:05:5b:f6:ce:24:b5:97:dc:65: 4d:63:92:78:3c:fb:80:ff:51:59:01:9c:ed:ec:02: 7d:30:3f:70:61:28:5e:3c:cf:83:20:f7:ba:79:fe: cc:76:0a:e2:4f:a3:2d:d5:40:b6:a5:2e:8d:0a:26: cd:a5:3f:83:3f:b7:ab:0f:03:b4:72:85:3e:16:ca: a2:c7:ae:26:9c:9b:3e:70:55:e3:0a:62:66:0b:6e: e9:6e:a0:b0:f7:99:3c:60:e9:de:b9:92:4b:37:82: 7a:78:e4:9b:7a:e5:c6:05:f2:22:7c:e0:58:92:a2: c3:a5:bc:ad:7d:10:fc:ea:5a:f3:90:03:08:b5:3e: 07:07:ad:05:40:0b:40:1c:6a:65:62:ca:05:46:d2: b9:71:8f:b6:33:46:88:1c:fd:d0:58:1e:1c:59:04: a0:db:85:92:00:e2:c1:fb:17:ac:d6:b8:d8:03:f1: 68:73:83:17:f2:2f:72:92:57:35:f3:59:96:5f:fd: de:57:cb:a0:2f:80:17:de:aa:e9:1f:3e:f5:3c:00: 4e:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: AF:EE:1C:7B:01:66:28:48:22:94:E3:D8:94:CF:C6:85:1B:BB:63:BE X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/31ab8a58-f13f-4f71-9dde-aed57ea6dca7/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/31ab8a58-f13f-4f71-9dde-aed57ea6dca7/0/AFEE1C7B016628482294E3D894CFC6851BBB63BE.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.179.72.0/23 Signature Algorithm: sha256WithRSAEncryption 39:0c:78:22:99:a1:42:97:40:57:dc:02:2e:9a:3e:af:04:ab: d6:ce:b9:30:8a:1c:dc:d0:5d:0a:65:96:5c:57:47:2e:77:d3: 2d:87:ef:d6:e2:45:1b:8f:3d:b5:30:5c:72:6b:04:47:4b:08: d9:b1:ce:2e:7c:8b:7d:7d:39:f8:17:1c:83:fc:61:cb:7a:77: b2:0d:ff:bc:86:02:1e:9e:1d:e9:3a:b3:61:2f:09:ab:34:2d: c8:6d:1e:a3:88:2f:7c:61:28:4f:a8:92:9a:b4:28:fb:ec:b0: b6:67:da:be:81:1e:f9:29:24:7c:e5:8d:a4:c3:70:b5:1f:f3: c9:4a:f4:b5:ab:2f:f7:a2:fb:47:ad:3a:ce:18:94:d1:30:91: e0:3e:34:e2:01:f8:84:9d:e9:00:a5:67:c6:a6:38:41:7f:06: cd:55:77:67:81:f8:58:a5:68:68:02:19:e6:fa:f6:5b:22:e4: 2c:c6:d9:a6:75:32:2a:2a:f7:1c:6c:8e:2c:7e:fb:32:09:4d: 95:e2:34:79:88:5d:1b:96:7a:ad:f7:11:82:c0:67:de:c0:3b: b9:6c:1a:b5:28:ec:fe:c2:c7:27:e4:04:23:d9:d0:9c:b4:fb: ea:f1:b5:14:0e:0a:c0:8e:bf:32:d3:6d:55:c3:1c:10:26:79: cf:32:94:4b -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUUiamIMWFs26ssODeaVGpU8pjm+AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTExNjIzNTgyM1oX DTI1MTExNjAwMDMyM1owMzExMC8GA1UEAxMoQUZFRTFDN0IwMTY2Mjg0ODIyOTRF M0Q4OTRDRkM2ODUxQkJCNjNCRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKvvn/KTBTQ3jz4v9bHdTyIQjslV37zaCVSSvAhTl1f/poXSA2MHaENNFhdT SoOFTKpIBVv2ziS1l9xlTWOSeDz7gP9RWQGc7ewCfTA/cGEoXjzPgyD3unn+zHYK 4k+jLdVAtqUujQomzaU/gz+3qw8DtHKFPhbKoseuJpybPnBV4wpiZgtu6W6gsPeZ PGDp3rmSSzeCenjkm3rlxgXyInzgWJKiw6W8rX0Q/Opa85ADCLU+BwetBUALQBxq ZWLKBUbSuXGPtjNGiBz90FgeHFkEoNuFkgDiwfsXrNa42APxaHODF/IvcpJXNfNZ ll/93lfLoC+AF96q6R8+9TwATnsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFK/uHHsBZihIIpTj2JTPxoUbu2O+MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zMWFiOGE1OC1mMTNmLTRmNzEtOWRkZS1hZWQ1N2VhNmRjYTcvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMxYWI4YTU4 LWYxM2YtNGY3MS05ZGRlLWFlZDU3ZWE2ZGNhNy8wL0FGRUUxQzdCMDE2NjI4NDgy Mjk0RTNEODk0Q0ZDNjg1MUJCQjYzQkUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFns0gwDQYJKoZIhvcNAQELBQADggEBADkMeCKZoUKXQFfcAi6aPq8Eq9bOuTCK HNzQXQplllxXRy530y2H79biRRuPPbUwXHJrBEdLCNmxzi58i319OfgXHIP8Yct6 d7IN/7yGAh6eHek6s2EvCas0LchtHqOIL3xhKE+okpq0KPvssLZn2r6BHvkpJHzl jaTDcLUf88lK9LWrL/ei+0etOs4YlNEwkeA+NOIB+ISd6QClZ8amOEF/Bs1Vd2eB +FilaGgCGeb69lsi5CzG2aZ1Mioq9xxsjix++zIJTZXiNHmIXRuWeq33EYLAZ97A O7lsGrUo7P7CxyfkBCPZ0Jy0++rxtRQOCsCOvzLTbVXDHBAmec8ylEs= -----END CERTIFICATE-----Generated at Mon Nov 25 13:14:26 2024 by rpki-client on console-ams.rpki-client.org