$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/BD809D8A065DB595DC069383736A1A9C4A96B267.cer File: BD809D8A065DB595DC069383736A1A9C4A96B267.cer (raw, json) Hash identifier: cO82HrFoz95ktxWyoMiXpstMoTrJ01otW2sDlwcLfzg= Subject key identifier: BD:80:9D:8A:06:5D:B5:95:DC:06:93:83:73:6A:1A:9C:4A:96:B2:67 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 42C7AE720768786C63582E15C6793AF49EDC6B46 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.mft caRepository: rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 01 Jul 2024 19:24:06 +0000 Certificate not after: Mon 30 Jun 2025 19:29:06 +0000 Subordinate resources: IP: 45.127.132.0/22 IP: 103.56.204.0/22 IP: 2001:df5:1c00::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:c7:ae:72:07:68:78:6c:63:58:2e:15:c6:79:3a:f4:9e:dc:6b:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 1 19:24:06 2024 GMT Not After : Jun 30 19:29:06 2025 GMT Subject: CN=BD809D8A065DB595DC069383736A1A9C4A96B267 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:4d:c0:33:45:c6:1e:4e:ea:00:ce:61:72:e2: a0:37:e8:66:08:4d:27:1d:47:3d:e8:ce:2c:1c:69: a9:09:10:e7:b9:d5:8a:1f:83:47:d5:1d:1a:fc:ba: 28:e9:72:be:0a:df:3e:b9:83:d6:1f:d5:97:f8:e8: 59:e7:94:ca:16:22:2e:fb:19:17:49:98:d1:cf:64: 17:94:d9:15:a7:88:3e:37:77:97:e9:79:5d:7c:c6: 49:d5:5f:97:44:58:6e:d5:a8:d2:65:d7:76:70:01: b3:35:7b:13:d1:86:5c:69:56:3c:7f:2b:39:8b:cd: 55:48:b5:86:eb:bb:c1:d5:12:75:67:65:0c:ac:46: d1:bd:f8:1e:6b:96:0b:62:5b:2d:6f:e4:c0:72:d8: bc:16:3d:03:f8:e9:97:23:f5:33:96:22:d6:dd:3a: ed:2f:f8:69:1b:d3:88:59:8b:d1:19:f0:4f:1b:84: fe:ae:91:5c:bf:79:fd:20:42:af:a1:d2:bc:b8:fd: 19:e2:12:d1:2c:c3:65:36:78:93:77:45:de:3f:91: ec:11:5f:74:3a:f8:a4:78:b5:48:d3:87:e4:a7:23: 29:e9:e9:21:e8:7f:f1:53:87:08:9b:4d:14:02:14: 77:a7:6e:3c:4b:a3:f9:a7:99:3a:e6:3d:f7:1d:4c: 63:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: BD:80:9D:8A:06:5D:B5:95:DC:06:93:83:73:6A:1A:9C:4A:96:B2:67 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/d3f8f55c-9e35-4ce2-890f-0de3e2404611/0/BD809D8A065DB595DC069383736A1A9C4A96B267.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.127.132.0/22 103.56.204.0/22 IPv6: 2001:df5:1c00::/48 Signature Algorithm: sha256WithRSAEncryption 51:a6:ef:8e:dd:f7:5c:04:00:85:93:08:80:3f:26:a4:f0:8a: cf:25:96:68:55:9d:6f:95:a9:b7:67:a8:e4:f7:32:ec:ab:40: a2:f3:fd:59:44:e6:79:46:b7:da:51:b6:05:a3:8a:87:54:14: 09:32:d2:0f:bd:b7:4f:5a:76:64:11:4f:bd:d7:e1:45:fe:d7: ca:83:7d:fb:23:38:86:a9:2b:f2:93:1f:ed:60:c0:29:73:25: aa:5a:42:6e:2b:12:0a:f4:64:a1:b7:47:49:5f:cf:c2:4c:65: 7f:9d:e1:e8:8b:3a:5c:01:e5:f4:73:5d:37:8a:11:04:a1:54: 4d:f5:4f:3e:69:a6:e8:b9:81:8f:53:55:bd:e2:3c:e8:87:7d: be:9b:9b:3b:96:1c:5a:83:a7:4d:c3:6f:fd:db:ee:25:49:72: 06:75:94:a7:b3:a3:66:6e:2c:04:e8:80:78:5b:ba:73:73:eb: b5:0a:68:64:3d:13:89:1b:2b:a4:8f:39:19:68:87:03:58:c8: 4e:7d:e0:d5:2c:f1:ed:2b:14:46:5e:0e:07:1c:90:8d:53:92: be:5e:db:18:a6:a3:3a:f5:ff:ff:ac:db:a6:d1:82:39:17:54: f0:1b:30:ea:c3:42:90:d4:9e:3a:5c:26:b8:24:d9:43:33:07: 3e:96:1e:fb -----BEGIN CERTIFICATE----- MIIF3DCCBMSgAwIBAgIUQseucgdoeGxjWC4Vxnk69J7ca0YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcwMTE5MjQwNloX DTI1MDYzMDE5MjkwNlowMzExMC8GA1UEAxMoQkQ4MDlEOEEwNjVEQjU5NURDMDY5 MzgzNzM2QTFBOUM0QTk2QjI2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOhNwDNFxh5O6gDOYXLioDfoZghNJx1HPejOLBxpqQkQ57nVih+DR9UdGvy6 KOlyvgrfPrmD1h/Vl/joWeeUyhYiLvsZF0mY0c9kF5TZFaeIPjd3l+l5XXzGSdVf l0RYbtWo0mXXdnABszV7E9GGXGlWPH8rOYvNVUi1huu7wdUSdWdlDKxG0b34HmuW C2JbLW/kwHLYvBY9A/jplyP1M5Yi1t067S/4aRvTiFmL0RnwTxuE/q6RXL95/SBC r6HSvLj9GeIS0SzDZTZ4k3dF3j+R7BFfdDr4pHi1SNOH5KcjKenpIeh/8VOHCJtN FAIUd6duPEuj+aeZOuY99x1MY6ECAwEAAaOCAs8wggLLMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFL2AnYoGXbWV3AaTg3NqGpxKlrJnMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9kM2Y4ZjU1Yy05ZTM1LTRjZTItODkwZi0wZGUzZTI0MDQ2MTEvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QzZjhmNTVj LTllMzUtNGNlMi04OTBmLTBkZTNlMjQwNDYxMS8wL0JEODA5RDhBMDY1REI1OTVE QzA2OTM4MzczNkExQTlDNEE5NkIyNjcubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwD BAItf4QDBAJnOMwwDwQCAAIwCQMHACABDfUcADANBgkqhkiG9w0BAQsFAAOCAQEA Uabvjt33XAQAhZMIgD8mpPCKzyWWaFWdb5Wpt2eo5Pcy7KtAovP9WUTmeUa32lG2 BaOKh1QUCTLSD723T1p2ZBFPvdfhRf7XyoN9+yM4hqkr8pMf7WDAKXMlqlpCbisS CvRkobdHSV/Pwkxlf53h6Is6XAHl9HNdN4oRBKFUTfVPPmmm6LmBj1NVveI86Id9 vpubO5YcWoOnTcNv/dvuJUlyBnWUp7OjZm4sBOiAeFu6c3PrtQpoZD0TiRsrpI85 GWiHA1jITn3g1Szx7SsURl4OBxyQjVOSvl7bGKajOvX//6zbptGCORdU8Bsw6sNC kNSeOlwmuCTZQzMHPpYe+w== -----END CERTIFICATE-----Generated at Fri Nov 22 11:43:51 2024 by rpki-client on console-ams.rpki-client.org