$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/CEA3B53564D3F615E630CDDAA7BA5AE8FE7E9AEC.cer File: CEA3B53564D3F615E630CDDAA7BA5AE8FE7E9AEC.cer (raw, json) Hash identifier: pI0JpWORcmLUg4QQCZQFo8PXiZp3xAHSthy4dNzrfRs= Subject key identifier: CE:A3:B5:35:64:D3:F6:15:E6:30:CD:DA:A7:BA:5A:E8:FE:7E:9A:EC Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 4E534AEDC0CF99CE3A29A47818A70E262A8B2872 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/9ccc5f64-ed62-4848-8c38-42df48e34bb6/0/CEA3B53564D3F615E630CDDAA7BA5AE8FE7E9AEC.mft caRepository: rsync://repo-rpki.idnic.net/repo/9ccc5f64-ed62-4848-8c38-42df48e34bb6/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 18 Sep 2024 14:57:42 +0000 Certificate not after: Wed 17 Sep 2025 15:02:42 +0000 Subordinate resources: IP: 103.177.90.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 06:34:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:53:4a:ed:c0:cf:99:ce:3a:29:a4:78:18:a7:0e:26:2a:8b:28:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Sep 18 14:57:42 2024 GMT Not After : Sep 17 15:02:42 2025 GMT Subject: CN=CEA3B53564D3F615E630CDDAA7BA5AE8FE7E9AEC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:3b:f5:a9:ef:e9:f4:ba:ba:58:76:2f:3a:50: 86:c4:fc:24:43:88:98:d1:48:48:fe:81:9c:9a:78: 89:b3:ea:52:1c:34:2d:2b:dc:e1:5d:00:4e:77:ad: 64:09:3d:28:76:9c:ed:8c:fb:d4:30:2b:cc:05:f6: 89:af:f1:6d:a7:26:6a:5c:1f:90:93:fc:aa:22:bd: e3:68:2f:18:6d:1b:41:b7:85:8d:ef:24:a6:cf:19: 3c:1b:4c:e3:fa:13:1d:0b:68:44:97:e6:2e:6d:54: 5f:95:a0:72:e9:85:33:63:f8:be:d5:db:de:90:27: d2:8e:82:9e:b9:57:65:55:e2:12:84:8f:a9:bb:c0: 11:f7:c2:4a:3a:d7:8e:3a:91:19:9f:75:b2:96:64: fc:c7:d9:16:96:0d:cc:0a:5f:36:03:3f:cd:4c:85: 49:5f:3b:67:4e:54:90:31:5f:62:48:ff:b1:3d:d6: cf:d7:aa:8e:2f:86:52:be:d9:6c:be:ea:60:f3:47: dc:3c:4a:ed:68:62:d8:08:e8:c7:4e:71:5a:f9:1c: e3:6a:76:b3:4d:88:b5:32:d0:1c:86:2f:f0:98:65: f3:40:01:04:47:62:48:30:1c:b5:17:80:56:2b:8c: 30:31:33:84:a8:bc:30:bd:f2:87:75:61:d4:16:2c: 6c:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: CE:A3:B5:35:64:D3:F6:15:E6:30:CD:DA:A7:BA:5A:E8:FE:7E:9A:EC X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/9ccc5f64-ed62-4848-8c38-42df48e34bb6/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/9ccc5f64-ed62-4848-8c38-42df48e34bb6/0/CEA3B53564D3F615E630CDDAA7BA5AE8FE7E9AEC.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.177.90.0/23 Signature Algorithm: sha256WithRSAEncryption 29:4a:69:61:70:0a:dd:e0:83:ef:2a:2b:0c:f9:57:00:da:db: f8:26:82:45:06:6b:de:8f:16:01:8c:2f:6d:40:35:66:04:ab: af:68:52:fc:85:fd:65:da:35:4d:53:82:db:b5:93:ff:78:40: 80:9a:90:c7:0d:87:d8:77:51:46:4d:dc:32:c6:29:83:6a:41: 27:64:05:1e:66:4d:5b:2e:e9:82:10:5a:6a:78:22:83:68:74: 5a:81:e4:b5:a0:ba:4e:a7:01:75:3c:3d:53:aa:e2:95:66:e7: cf:24:1c:80:24:5c:a9:26:9f:3c:e4:00:e8:48:ee:6c:7e:f6: d7:28:58:3f:11:43:c3:3a:1c:e0:e8:51:49:60:17:11:a3:d0: 9b:1d:30:b3:04:22:bb:83:db:c3:11:cc:7b:34:03:95:26:34: fa:ac:e9:d9:55:b5:ea:f6:29:61:29:53:77:eb:dd:54:40:e3: cd:b0:36:c4:b3:e3:1b:6f:7f:b1:ac:69:0e:07:5a:eb:e6:76: fc:66:e0:33:06:d6:32:9c:ee:39:74:d7:00:a2:44:64:8d:df: 20:37:29:ad:39:72:e3:b8:1e:72:c1:cb:bc:bd:c9:9c:65:86: 24:a6:a1:0b:3b:53:7c:84:e4:e2:a8:ac:59:4d:f5:2a:07:12: af:9e:f1:ac -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUTlNK7cDPmc46KaR4GKcOJiqLKHIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDkxODE0NTc0MloX DTI1MDkxNzE1MDI0MlowMzExMC8GA1UEAxMoQ0VBM0I1MzU2NEQzRjYxNUU2MzBD RERBQTdCQTVBRThGRTdFOUFFQzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALg79anv6fS6ulh2LzpQhsT8JEOImNFISP6BnJp4ibPqUhw0LSvc4V0ATnet ZAk9KHac7Yz71DArzAX2ia/xbacmalwfkJP8qiK942gvGG0bQbeFje8kps8ZPBtM 4/oTHQtoRJfmLm1UX5WgcumFM2P4vtXb3pAn0o6CnrlXZVXiEoSPqbvAEffCSjrX jjqRGZ91spZk/MfZFpYNzApfNgM/zUyFSV87Z05UkDFfYkj/sT3Wz9eqji+GUr7Z bL7qYPNH3DxK7Whi2Ajox05xWvkc42p2s02ItTLQHIYv8Jhl80ABBEdiSDActReA ViuMMDEzhKi8ML3yh3Vh1BYsbDUCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFM6jtTVk0/YV5jDN2qe6Wuj+fprsMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by85Y2NjNWY2NC1lZDYyLTQ4NDgtOGMzOC00MmRmNDhlMzRiYjYvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzljY2M1ZjY0 LWVkNjItNDg0OC04YzM4LTQyZGY0OGUzNGJiNi8wL0NFQTNCNTM1NjREM0Y2MTVF NjMwQ0REQUE3QkE1QUU4RkU3RTlBRUMubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnsVowDQYJKoZIhvcNAQELBQADggEBAClKaWFwCt3gg+8qKwz5VwDa2/gmgkUG a96PFgGML21ANWYEq69oUvyF/WXaNU1Tgtu1k/94QICakMcNh9h3UUZN3DLGKYNq QSdkBR5mTVsu6YIQWmp4IoNodFqB5LWguk6nAXU8PVOq4pVm588kHIAkXKkmnzzk AOhI7mx+9tcoWD8RQ8M6HODoUUlgFxGj0JsdMLMEIruD28MRzHs0A5UmNPqs6dlV ter2KWEpU3fr3VRA482wNsSz4xtvf7GsaQ4HWuvmdvxm4DMG1jKc7jl01wCiRGSN 3yA3Ka05cuO4HnLBy7y9yZxlhiSmoQs7U3yE5OKorFlN9SoHEq+e8aw= -----END CERTIFICATE-----Generated at Sun Feb 16 20:47:25 2025 by rpki-client