$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/C00163880F235714759920507217F2A7D557C953.cer File: C00163880F235714759920507217F2A7D557C953.cer (raw, json) Hash identifier: Ye3uoGcpzAaqcLfIvCyDV1TFwfaSU6JRi+0x6+buu2Y= Subject key identifier: C0:01:63:88:0F:23:57:14:75:99:20:50:72:17:F2:A7:D5:57:C9:53 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 295A5F1170D4C49D9BDCDDDEA1BEDA6AAC2E4727 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0/C00163880F235714759920507217F2A7D557C953.mft caRepository: rsync://repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 01 Jul 2024 19:33:36 +0000 Certificate not after: Mon 30 Jun 2025 19:38:36 +0000 Subordinate resources: IP: 43.252.156.0/22 IP: 49.128.176.0/21 IP: 103.17.244.0/22 IP: 103.247.120.0/22 IP: 103.255.240.0/22 IP: 111.68.24.0/21 IP: 112.78.32.0/21 IP: 116.254.112.0/21 IP: 119.2.48.0/21 IP: 202.145.6.0/23 IP: 203.30.236.0/23 IP: 2401:1700::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:5a:5f:11:70:d4:c4:9d:9b:dc:dd:de:a1:be:da:6a:ac:2e:47:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jul 1 19:33:36 2024 GMT Not After : Jun 30 19:38:36 2025 GMT Subject: CN=C00163880F235714759920507217F2A7D557C953 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:f9:b5:8a:ea:c0:fd:68:f2:5c:61:df:7e:5b: 9d:ef:d1:7b:e8:3e:08:6f:6e:e6:5e:5f:c2:c7:67: 06:27:b7:c7:e1:11:74:26:3d:65:d0:0e:2e:5c:fb: cc:3b:6f:d4:f9:6d:1b:fc:24:6f:e9:ac:d4:47:f3: 62:90:b9:a4:dc:86:26:4e:5b:2b:6d:f8:c7:23:f3: 32:45:a8:c9:35:08:82:21:a1:54:32:6a:b3:22:e2: 0a:92:d0:87:57:de:a6:07:d5:2d:9d:1b:0d:ed:40: f7:eb:8f:cc:63:7d:8e:8b:24:04:0f:c1:f4:fe:55: 65:6a:e6:1f:19:18:7c:4e:60:2e:77:8f:0b:26:d1: 81:64:d9:b4:5c:b8:30:a8:e4:ad:a3:65:f7:9e:a3: f6:71:56:f8:79:c7:1f:04:b2:ba:05:00:31:27:4f: 11:13:ed:6c:e3:1f:da:6b:0d:1d:ee:88:18:50:32: d5:7c:39:e7:ae:5a:e7:9d:14:6b:aa:7f:ee:a5:01: 58:e5:2a:f7:16:f7:b6:36:76:b9:65:4a:5b:d7:e9: 75:5e:6c:a6:6b:87:0e:f1:bc:a8:9d:42:27:00:5e: 97:ad:eb:19:da:be:54:77:ff:c8:d6:61:e5:19:fe: 72:35:9c:0c:78:95:98:74:b1:c6:40:42:5e:6a:2a: b4:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: C0:01:63:88:0F:23:57:14:75:99:20:50:72:17:F2:A7:D5:57:C9:53 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/aea7a115-b8b8-490b-8320-c9e59a1003dd/0/C00163880F235714759920507217F2A7D557C953.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.252.156.0/22 49.128.176.0/21 103.17.244.0/22 103.247.120.0/22 103.255.240.0/22 111.68.24.0/21 112.78.32.0/21 116.254.112.0/21 119.2.48.0/21 202.145.6.0/23 203.30.236.0/23 IPv6: 2401:1700::/32 Signature Algorithm: sha256WithRSAEncryption 7d:53:d4:92:7a:1c:36:71:7b:db:b6:b5:3b:cd:53:40:1a:f7: 2e:0d:cb:e0:0a:41:27:e7:51:1b:bc:42:f5:f8:ed:c3:0c:a8: 9f:cd:0f:ce:2a:d0:e4:2a:76:04:e2:ed:26:6d:ca:c0:a7:9c: 3d:4b:0a:5d:e4:3e:23:b8:e3:fb:b0:61:18:3a:69:77:c0:98: fa:d1:5b:28:41:1b:84:cd:59:46:52:7e:ac:6c:17:b3:aa:b3: 91:e9:3e:85:ea:f7:2e:a5:77:ff:b0:cd:49:10:20:0b:d2:b0: d3:f6:32:0c:d3:da:8e:e4:d7:cc:23:58:74:0f:5c:43:89:ac: 24:20:39:f0:e6:e6:80:d2:ad:01:c2:a6:16:85:4b:cc:fb:6b: 0c:b4:a5:14:55:1d:19:c6:cb:51:b3:c2:b7:17:97:9f:89:07: 79:0a:48:2f:03:03:09:67:9d:85:3b:75:87:47:45:37:ed:e9: 29:1e:ee:2d:dd:3e:ca:a1:64:ae:38:d3:8b:e8:8b:cb:c8:1f: 73:90:ca:3d:0c:70:11:be:f4:40:73:01:a0:fc:42:94:08:ae: 87:da:a0:5f:07:4c:48:ac:32:cd:51:70:f6:87:97:5d:29:37: 2f:6c:c6:b0:ec:d0:bb:85:2f:cd:cb:35:f2:89:a4:4d:32:8d: 9d:99:4c:3b -----BEGIN CERTIFICATE----- MIIGEDCCBPigAwIBAgIUKVpfEXDUxJ2b3N3eob7aaqwuRycwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDcwMTE5MzMzNloX DTI1MDYzMDE5MzgzNlowMzExMC8GA1UEAxMoQzAwMTYzODgwRjIzNTcxNDc1OTky MDUwNzIxN0YyQTdENTU3Qzk1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOn5tYrqwP1o8lxh335bne/Re+g+CG9u5l5fwsdnBie3x+ERdCY9ZdAOLlz7 zDtv1PltG/wkb+ms1EfzYpC5pNyGJk5bK234xyPzMkWoyTUIgiGhVDJqsyLiCpLQ h1fepgfVLZ0bDe1A9+uPzGN9joskBA/B9P5VZWrmHxkYfE5gLnePCybRgWTZtFy4 MKjkraNl956j9nFW+HnHHwSyugUAMSdPERPtbOMf2msNHe6IGFAy1Xw5565a550U a6p/7qUBWOUq9xb3tjZ2uWVKW9fpdV5spmuHDvG8qJ1CJwBel63rGdq+VHf/yNZh 5Rn+cjWcDHiVmHSxxkBCXmoqtNUCAwEAAaOCAwMwggL/MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFMABY4gPI1cUdZkgUHIX8qfVV8lTMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9hZWE3YTExNS1iOGI4LTQ5MGItODMyMC1jOWU1OWExMDAzZGQvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2FlYTdhMTE1 LWI4YjgtNDkwYi04MzIwLWM5ZTU5YTEwMDNkZC8wL0MwMDE2Mzg4MEYyMzU3MTQ3 NTk5MjA1MDcyMTdGMkE3RDU1N0M5NTMubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwagYIKwYBBQUHAQcBAf8EWzBZMEgEAgABMEID BAIr/JwDBAMxgLADBAJnEfQDBAJn93gDBAJn//ADBANvRBgDBANwTiADBAN0/nAD BAN3AjADBAHKkQYDBAHLHuwwDQQCAAIwBwMFACQBFwAwDQYJKoZIhvcNAQELBQAD ggEBAH1T1JJ6HDZxe9u2tTvNU0Aa9y4Ny+AKQSfnURu8QvX47cMMqJ/ND84q0OQq dgTi7SZtysCnnD1LCl3kPiO44/uwYRg6aXfAmPrRWyhBG4TNWUZSfqxsF7Oqs5Hp PoXq9y6ld/+wzUkQIAvSsNP2MgzT2o7k18wjWHQPXEOJrCQgOfDm5oDSrQHCphaF S8z7awy0pRRVHRnGy1GzwrcXl5+JB3kKSC8DAwlnnYU7dYdHRTft6Ske7i3dPsqh ZK4404voi8vIH3OQyj0McBG+9EBzAaD8QpQIrofaoF8HTEisMs1RcPaHl10pNy9s xrDs0LuFL83LNfKJpE0yjZ2ZTDs= -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:29 2024 by rpki-client on console-fra.rpki-client.org