$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/CBB5E8D87996C4897C9F5DC0CB32864F4F0C5A7A.cer File: CBB5E8D87996C4897C9F5DC0CB32864F4F0C5A7A.cer (raw, json) Hash identifier: /RgCYgJ6+ZU7R+u0/clIODLQVWPgQh8ZIVuZ6GksweU= Subject key identifier: CB:B5:E8:D8:79:96:C4:89:7C:9F:5D:C0:CB:32:86:4F:4F:0C:5A:7A Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 68C7F5F51A043C97862FA21ADB1061AEA7011927 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/57f6e57b-4c26-442b-8afc-0329eedafb72/0/CBB5E8D87996C4897C9F5DC0CB32864F4F0C5A7A.mft caRepository: rsync://repo-rpki.idnic.net/repo/57f6e57b-4c26-442b-8afc-0329eedafb72/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 03 Jan 2024 17:31:33 +0000 Certificate not after: Wed 01 Jan 2025 17:36:33 +0000 Subordinate resources: IP: 103.129.68.0/22 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 00:20:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:c7:f5:f5:1a:04:3c:97:86:2f:a2:1a:db:10:61:ae:a7:01:19:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 3 17:31:33 2024 GMT Not After : Jan 1 17:36:33 2025 GMT Subject: CN=CBB5E8D87996C4897C9F5DC0CB32864F4F0C5A7A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:bb:1f:7d:9f:14:50:a0:54:d7:25:d4:8f:11: a7:7f:ef:9b:90:6c:87:09:8a:bb:54:2e:21:e2:b7: f8:09:f8:8e:e3:72:b0:78:e1:c2:f9:f3:a9:a7:ac: 56:08:4a:9d:15:98:25:9e:4b:5f:14:f7:fe:ce:3b: ca:f1:3b:c2:b9:12:2f:2f:e2:1f:a1:1e:b7:f7:4c: 19:51:19:f7:ce:02:a8:e9:69:40:7b:df:0a:a2:e0: 15:b1:8c:d0:33:51:ec:94:42:c4:7f:64:56:48:e5: 52:59:79:ae:ec:5e:43:62:23:ec:52:51:4f:5c:8e: 0b:80:01:c2:35:c7:ca:0d:af:d8:12:06:7a:38:99: 1c:f5:59:ca:a2:32:e7:4e:7a:46:53:f1:d5:7b:63: ee:67:39:41:b4:bf:2c:a7:7b:68:fd:a7:d3:47:a4: c0:b3:4a:78:47:1d:2b:56:64:2e:59:57:3f:58:46: be:a1:55:50:48:e2:75:1f:df:ca:7d:5d:00:78:b6: 3d:18:03:16:47:2e:39:8d:cb:1a:8e:c6:3c:d9:de: 42:1c:49:67:a8:64:1d:35:bd:e4:bf:a1:83:72:4a: 1b:93:97:36:e8:b4:ad:46:cc:a4:d6:5f:e8:f2:45: 59:9a:f6:31:07:54:af:40:57:bf:06:0b:51:06:10: 77:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: CB:B5:E8:D8:79:96:C4:89:7C:9F:5D:C0:CB:32:86:4F:4F:0C:5A:7A X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/57f6e57b-4c26-442b-8afc-0329eedafb72/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/57f6e57b-4c26-442b-8afc-0329eedafb72/0/CBB5E8D87996C4897C9F5DC0CB32864F4F0C5A7A.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.129.68.0/22 Signature Algorithm: sha256WithRSAEncryption 47:e2:99:28:a4:65:f8:3c:41:a6:96:b0:93:09:84:b2:72:70: f6:07:21:76:52:a5:40:99:80:9e:26:41:9f:a9:8b:51:94:86: 25:0e:f5:49:94:f9:e0:32:cd:6c:5c:a1:6f:af:1b:8f:0e:9c: c6:86:79:a2:87:ee:80:91:7c:6d:6d:89:1b:cd:90:27:58:cb: ee:81:e8:ce:d8:7f:0c:af:5b:67:e6:28:7b:6c:d1:32:8d:d6: be:84:8d:0a:bf:15:f3:45:34:4d:43:a0:85:dd:ff:3f:52:b5: e0:bf:20:78:86:00:ba:fa:4b:c1:e5:2a:f6:97:f0:3c:c7:38: af:ba:c4:3c:f0:7b:7c:1e:f0:bd:44:54:c4:8e:84:92:16:cb: 79:c8:2b:53:82:d6:65:11:c7:7f:6d:bc:3e:d2:f6:9d:95:ad: 46:65:f7:8d:3c:40:7c:58:a4:45:37:c3:40:00:c5:9e:67:3d: 4f:40:f0:71:30:5e:7d:a3:69:45:fd:0e:b1:d8:1d:4f:25:5d: 99:af:c0:df:29:4b:ee:25:cb:62:0d:e1:11:20:3d:3f:4b:f6: f9:f5:9a:db:9e:6b:3f:a5:11:ae:11:50:8d:a4:41:b5:3f:aa: 82:14:5b:61:18:3a:93:b3:71:cc:6a:1c:39:91:4a:cd:ab:22: 04:e6:15:91 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUaMf19RoEPJeGL6Ia2xBhrqcBGScwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwMzE3MzEzM1oX DTI1MDEwMTE3MzYzM1owMzExMC8GA1UEAxMoQ0JCNUU4RDg3OTk2QzQ4OTdDOUY1 REMwQ0IzMjg2NEY0RjBDNUE3QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMq7H32fFFCgVNcl1I8Rp3/vm5BshwmKu1QuIeK3+An4juNysHjhwvnzqaes VghKnRWYJZ5LXxT3/s47yvE7wrkSLy/iH6Eet/dMGVEZ984CqOlpQHvfCqLgFbGM 0DNR7JRCxH9kVkjlUll5ruxeQ2Ij7FJRT1yOC4ABwjXHyg2v2BIGejiZHPVZyqIy 5056RlPx1Xtj7mc5QbS/LKd7aP2n00ekwLNKeEcdK1ZkLllXP1hGvqFVUEjidR/f yn1dAHi2PRgDFkcuOY3LGo7GPNneQhxJZ6hkHTW95L+hg3JKG5OXNui0rUbMpNZf 6PJFWZr2MQdUr0BXvwYLUQYQd+kCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFMu16Nh5lsSJfJ9dwMsyhk9PDFp6MB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by81N2Y2ZTU3Yi00YzI2LTQ0MmItOGFmYy0wMzI5ZWVkYWZiNzIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU3ZjZlNTdi LTRjMjYtNDQyYi04YWZjLTAzMjllZWRhZmI3Mi8wL0NCQjVFOEQ4Nzk5NkM0ODk3 QzlGNURDMENCMzI4NjRGNEYwQzVBN0EubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJngUQwDQYJKoZIhvcNAQELBQADggEBAEfimSikZfg8QaaWsJMJhLJycPYHIXZS pUCZgJ4mQZ+pi1GUhiUO9UmU+eAyzWxcoW+vG48OnMaGeaKH7oCRfG1tiRvNkCdY y+6B6M7YfwyvW2fmKHts0TKN1r6EjQq/FfNFNE1DoIXd/z9SteC/IHiGALr6S8Hl KvaX8DzHOK+6xDzwe3we8L1EVMSOhJIWy3nIK1OC1mURx39tvD7S9p2VrUZl9408 QHxYpEU3w0AAxZ5nPU9A8HEwXn2jaUX9DrHYHU8lXZmvwN8pS+4ly2IN4REgPT9L 9vn1mtueaz+lEa4RUI2kQbU/qoIUW2EYOpOzccxqHDmRSs2rIgTmFZE= -----END CERTIFICATE-----Generated at Thu May 9 00:29:18 2024 by rpki-client on console-ams.rpki-client.org