$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/B3A9686B1E95DCB68772ADA55BB138AE4D0E14DB.cer File: B3A9686B1E95DCB68772ADA55BB138AE4D0E14DB.cer (raw, json) Hash identifier: HFCoKqHAVVAFVYeQVjff/wi0lQ1+L2e0Qf28X4QePNA= Subject key identifier: B3:A9:68:6B:1E:95:DC:B6:87:72:AD:A5:5B:B1:38:AE:4D:0E:14:DB Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4BF505888908D9EB9309BE3EDFB7F0302B6366BF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/e58d6dca-6d7b-4811-862b-0dc5d57fa2d9/0/B3A9686B1E95DCB68772ADA55BB138AE4D0E14DB.mft caRepository: rsync://repo-rpki.idnic.net/repo/e58d6dca-6d7b-4811-862b-0dc5d57fa2d9/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Fri 15 Nov 2024 18:54:41 +0000 Certificate not after: Fri 14 Nov 2025 18:59:41 +0000 Subordinate resources: IP: 103.125.16.0/22 IP: 2403:ea40::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:f5:05:88:89:08:d9:eb:93:09:be:3e:df:b7:f0:30:2b:63:66:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Nov 15 18:54:41 2024 GMT Not After : Nov 14 18:59:41 2025 GMT Subject: CN=B3A9686B1E95DCB68772ADA55BB138AE4D0E14DB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:ab:29:d6:bb:4a:4c:0d:39:b2:44:fa:63:15: e7:74:c6:16:5b:52:ca:29:e2:1b:67:a6:c6:33:99: 50:be:2e:53:11:86:00:80:82:07:65:7b:84:97:01: e0:4e:29:4c:f3:8a:3c:b1:24:ba:61:45:d3:96:2d: 1d:be:c6:17:70:4c:f1:68:66:28:b0:b4:3d:9b:7c: 30:05:ac:da:4b:4c:80:39:50:f8:9a:00:04:48:45: 70:8a:bb:10:a6:b1:f8:5f:ea:f3:3e:d2:2a:e4:95: 6e:a2:91:41:24:a1:d0:9c:36:aa:17:77:e3:2d:e4: 5f:ad:ea:a4:6f:e7:ed:37:14:be:fa:2b:70:4b:29: b9:1d:ca:24:6c:6b:c2:68:04:07:d3:b9:01:93:1f: fb:8d:7d:b4:fe:31:46:05:48:b7:5d:c7:cb:cc:22: e9:27:67:4c:e7:4b:c0:14:e1:14:5d:3b:14:57:38: 07:c3:7a:6b:f8:cc:d6:17:54:ff:13:46:88:ee:4f: 55:b2:64:93:7e:e7:60:a0:73:48:41:f7:f9:d0:33: 27:84:db:da:c6:aa:2d:8f:a9:9c:0b:cd:60:7b:df: 60:5c:b2:02:31:1f:b0:ff:77:1f:f0:03:5a:58:35: b3:31:ac:d6:09:a1:8a:3b:36:cc:02:20:f2:a6:a3: 6d:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: B3:A9:68:6B:1E:95:DC:B6:87:72:AD:A5:5B:B1:38:AE:4D:0E:14:DB X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/e58d6dca-6d7b-4811-862b-0dc5d57fa2d9/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/e58d6dca-6d7b-4811-862b-0dc5d57fa2d9/0/B3A9686B1E95DCB68772ADA55BB138AE4D0E14DB.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.125.16.0/22 IPv6: 2403:ea40::/32 Signature Algorithm: sha256WithRSAEncryption 86:a1:16:ae:8b:e4:04:af:a5:f2:be:11:24:d9:3b:09:18:db: 22:f3:51:e9:7e:51:87:e1:9a:d2:66:45:83:54:8e:58:62:9a: 5f:9a:4a:d2:c9:ae:e1:81:2c:f7:c8:dd:0c:66:d6:05:20:71: 83:c4:76:46:b9:48:7d:10:f6:f0:94:e0:c6:7a:84:79:dd:2c: 37:36:88:08:c0:90:df:d2:ad:d6:b6:e9:ab:5e:0b:d7:6d:91: 6e:8c:8e:2b:2c:a4:d2:06:60:69:bb:e8:bd:c0:4c:04:60:92: 40:88:c9:7e:0c:40:cd:2b:f6:71:31:1b:83:a6:0a:27:6c:07: fa:a3:f8:b2:27:a1:10:38:4f:95:9f:80:2c:30:9c:ca:b9:e9: 37:31:3a:99:6e:4e:68:62:cc:62:7c:8e:d9:4a:11:0b:ef:96: 7b:f2:7b:7d:43:32:2a:3b:f5:21:d8:75:65:3f:b6:8f:b3:f8: f3:4d:0b:3d:e1:d0:80:7e:73:7b:2d:94:33:2c:ef:d4:52:32: 6e:67:e0:35:ae:38:20:10:41:66:29:a4:fc:57:18:72:93:2d: 4f:0a:8f:32:67:ac:e9:b1:55:d0:7f:83:db:d0:dc:32:7d:c7: be:41:67:e4:5f:d6:9a:45:fd:f7:98:9d:4c:b8:20:5c:d2:4b: 05:f7:25:22 -----BEGIN CERTIFICATE----- MIIF1DCCBLygAwIBAgIUS/UFiIkI2euTCb4+37fwMCtjZr8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTExNTE4NTQ0MVoX DTI1MTExNDE4NTk0MVowMzExMC8GA1UEAxMoQjNBOTY4NkIxRTk1RENCNjg3NzJB REE1NUJCMTM4QUU0RDBFMTREQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOarKda7SkwNObJE+mMV53TGFltSyiniG2emxjOZUL4uUxGGAICCB2V7hJcB 4E4pTPOKPLEkumFF05YtHb7GF3BM8WhmKLC0PZt8MAWs2ktMgDlQ+JoABEhFcIq7 EKax+F/q8z7SKuSVbqKRQSSh0Jw2qhd34y3kX63qpG/n7TcUvvorcEspuR3KJGxr wmgEB9O5AZMf+419tP4xRgVIt13Hy8wi6SdnTOdLwBThFF07FFc4B8N6a/jM1hdU /xNGiO5PVbJkk37nYKBzSEH3+dAzJ4Tb2saqLY+pnAvNYHvfYFyyAjEfsP93H/AD Wlg1szGs1gmhijs2zAIg8qajbecCAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLOpaGseldy2h3KtpVuxOK5NDhTbMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9lNThkNmRjYS02ZDdiLTQ4MTEtODYyYi0wZGM1ZDU3ZmEyZDkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U1OGQ2ZGNh LTZkN2ItNDgxMS04NjJiLTBkYzVkNTdmYTJkOS8wL0IzQTk2ODZCMUU5NURDQjY4 NzcyQURBNTVCQjEzOEFFNEQwRTE0REIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD BAJnfRAwDQQCAAIwBwMFACQD6kAwDQYJKoZIhvcNAQELBQADggEBAIahFq6L5ASv pfK+ESTZOwkY2yLzUel+UYfhmtJmRYNUjlhiml+aStLJruGBLPfI3Qxm1gUgcYPE dka5SH0Q9vCU4MZ6hHndLDc2iAjAkN/Srda26ateC9dtkW6MjisspNIGYGm76L3A TARgkkCIyX4MQM0r9nExG4OmCidsB/qj+LInoRA4T5WfgCwwnMq56TcxOpluTmhi zGJ8jtlKEQvvlnvye31DMio79SHYdWU/to+z+PNNCz3h0IB+c3stlDMs79RSMm5n 4DWuOCAQQWYppPxXGHKTLU8KjzJnrOmxVdB/g9vQ3DJ9x75BZ+Rf1ppF/feYnUy4 IFzSSwX3JSI= -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:50 2024 by rpki-client on console-ams.rpki-client.org