$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/B956E5764D9917A7389654D67836D02779ED9E22.cer File: B956E5764D9917A7389654D67836D02779ED9E22.cer (raw, json) Hash identifier: Abvmycmj1/lDayvsMXNYSsj2dfOJHbH+ZS4Lr00zgGc= Subject key identifier: B9:56:E5:76:4D:99:17:A7:38:96:54:D6:78:36:D0:27:79:ED:9E:22 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 35D605C76DAB31BC8158B20A2B414BDA940C3586 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/b8117ca8-b4e5-467a-88a8-a4b63e40c3ed/0/B956E5764D9917A7389654D67836D02779ED9E22.mft caRepository: rsync://repo-rpki.idnic.net/repo/b8117ca8-b4e5-467a-88a8-a4b63e40c3ed/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 11 Jul 2024 09:30:48 +0000 Certificate not after: Thu 10 Jul 2025 09:35:48 +0000 Subordinate resources: IP: 103.44.19.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:d6:05:c7:6d:ab:31:bc:81:58:b2:0a:2b:41:4b:da:94:0c:35:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 11 09:30:48 2024 GMT Not After : Jul 10 09:35:48 2025 GMT Subject: CN=B956E5764D9917A7389654D67836D02779ED9E22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:d7:e3:48:14:f1:9b:42:c1:65:2a:b5:9c:c6: 3f:57:88:de:c5:aa:1f:6f:71:3e:ef:97:b5:18:20: 3d:8d:20:eb:d1:db:7d:f0:ac:a6:97:1f:db:60:48: f2:97:77:b3:8d:d8:25:31:b3:58:c8:f3:39:f3:6b: 2e:74:e5:f7:04:52:4c:a8:9c:0e:34:3f:5e:e8:67: 02:8a:57:21:52:9f:e4:58:cd:17:93:38:23:d8:1a: 19:1e:ff:71:20:98:7d:a8:b6:03:50:35:9e:0d:41: 68:18:b2:c0:1d:11:9c:4a:79:15:53:c6:68:aa:c3: bf:89:eb:02:8d:37:7b:1d:c1:d0:5a:35:fe:74:4f: 71:68:91:32:22:d5:24:88:95:7f:02:55:89:07:f7: 8e:b2:4c:76:63:0d:2e:46:37:86:36:db:0a:7f:09: d2:15:0e:54:40:55:6b:54:38:64:ab:a7:57:ee:21: 7e:ba:23:e0:70:35:bb:c6:1b:e6:f5:a0:da:bd:3d: 98:42:df:d4:59:f2:a3:f7:e9:56:5f:2f:da:fe:b5: 56:34:b4:1e:d6:7a:b2:67:ca:e2:27:e6:17:11:35: 23:5e:39:cc:53:86:9f:f9:08:a6:eb:9d:f6:1f:2c: 58:7a:f9:db:1e:a6:7e:e1:40:37:3c:77:6b:4b:f5: a6:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: B9:56:E5:76:4D:99:17:A7:38:96:54:D6:78:36:D0:27:79:ED:9E:22 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/b8117ca8-b4e5-467a-88a8-a4b63e40c3ed/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/b8117ca8-b4e5-467a-88a8-a4b63e40c3ed/0/B956E5764D9917A7389654D67836D02779ED9E22.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.44.19.0/24 Signature Algorithm: sha256WithRSAEncryption 82:e1:e2:18:e7:54:33:cd:a9:8f:81:5b:66:04:f7:80:00:0b: d5:b0:46:04:a1:5b:61:85:f9:50:d3:64:e4:e1:e9:06:0b:ee: c5:67:af:fd:38:1f:d4:03:07:cf:73:70:37:a1:4e:f0:28:af: 80:6a:09:04:7a:6b:34:fa:ee:9b:8d:5e:1c:21:10:2e:10:06: 18:b7:07:1b:44:4e:86:0a:88:7f:52:91:fb:e8:53:ce:bd:73: af:d0:f4:00:5d:03:b4:71:7d:ca:a2:88:d7:48:4e:54:fd:02: 44:30:6d:b6:d0:96:9b:7b:e6:c1:c7:2c:82:34:1a:e9:0e:b3: 77:aa:05:3c:1b:07:52:40:ef:ed:f1:cd:01:9b:fd:d4:1d:a8: ef:8e:2b:5e:0f:5d:51:e1:64:ab:4d:e4:a2:22:03:ff:1c:fa: a6:bc:50:df:fb:39:6a:1c:2b:01:6a:29:d4:f6:86:ac:d4:db: f2:93:8e:b3:28:3a:2b:72:2c:df:5d:5f:17:91:8b:55:de:48: db:8c:4a:b5:fb:74:e2:00:14:3c:0f:88:05:02:8b:d0:ac:7e: 19:67:15:ee:98:23:d3:3b:11:78:b4:e9:3d:c0:92:4f:7d:2d: fe:4c:53:71:5b:f2:c0:5f:e8:31:80:0e:34:4a:22:29:8e:69: 51:03:c3:46 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUNdYFx22rMbyBWLIKK0FL2pQMNYYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcxMTA5MzA0OFoX DTI1MDcxMDA5MzU0OFowMzExMC8GA1UEAxMoQjk1NkU1NzY0RDk5MTdBNzM4OTY1 NEQ2NzgzNkQwMjc3OUVEOUUyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJjX40gU8ZtCwWUqtZzGP1eI3sWqH29xPu+XtRggPY0g69HbffCsppcf22BI 8pd3s43YJTGzWMjzOfNrLnTl9wRSTKicDjQ/XuhnAopXIVKf5FjNF5M4I9gaGR7/ cSCYfai2A1A1ng1BaBiywB0RnEp5FVPGaKrDv4nrAo03ex3B0Fo1/nRPcWiRMiLV JIiVfwJViQf3jrJMdmMNLkY3hjbbCn8J0hUOVEBVa1Q4ZKunV+4hfroj4HA1u8Yb 5vWg2r09mELf1Fnyo/fpVl8v2v61VjS0HtZ6smfK4ifmFxE1I145zFOGn/kIpuud 9h8sWHr52x6mfuFANzx3a0v1pusCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFLlW5XZNmRenOJZU1ng20Cd57Z4iMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iODExN2NhOC1iNGU1LTQ2N2EtODhhOC1hNGI2M2U0MGMzZWQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2I4MTE3Y2E4 LWI0ZTUtNDY3YS04OGE4LWE0YjYzZTQwYzNlZC8wL0I5NTZFNTc2NEQ5OTE3QTcz ODk2NTRENjc4MzZEMDI3NzlFRDlFMjIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnLBMwDQYJKoZIhvcNAQELBQADggEBAILh4hjnVDPNqY+BW2YE94AAC9WwRgSh W2GF+VDTZOTh6QYL7sVnr/04H9QDB89zcDehTvAor4BqCQR6azT67puNXhwhEC4Q Bhi3BxtEToYKiH9SkfvoU869c6/Q9ABdA7RxfcqiiNdITlT9AkQwbbbQlpt75sHH LII0GukOs3eqBTwbB1JA7+3xzQGb/dQdqO+OK14PXVHhZKtN5KIiA/8c+qa8UN/7 OWocKwFqKdT2hqzU2/KTjrMoOityLN9dXxeRi1XeSNuMSrX7dOIAFDwPiAUCi9Cs fhlnFe6YI9M7EXi06T3Akk99Lf5MU3Fb8sBf6DGADjRKIimOaVEDw0Y= -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:29 2024 by rpki-client on console-fra.rpki-client.org