$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/CEE21891B6F5736FAA7D9BED383243F3DF381781.cer File: CEE21891B6F5736FAA7D9BED383243F3DF381781.cer (raw, json) Hash identifier: 33lN7dzcAF69iRNHMWUCrZ8nEpGQqGSG0VaZjZWcJ8Q= Subject key identifier: CE:E2:18:91:B6:F5:73:6F:AA:7D:9B:ED:38:32:43:F3:DF:38:17:81 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 33F1B84691EE610E14BF317DD0A001D7C86725E6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/8af0031e-2a9e-47ca-9283-40e927e35993/0/CEE21891B6F5736FAA7D9BED383243F3DF381781.mft caRepository: rsync://repo-rpki.idnic.net/repo/8af0031e-2a9e-47ca-9283-40e927e35993/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 23 May 2024 02:58:36 +0000 Certificate not after: Thu 22 May 2025 03:03:36 +0000 Subordinate resources: IP: 103.168.186.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 20:39:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:f1:b8:46:91:ee:61:0e:14:bf:31:7d:d0:a0:01:d7:c8:67:25:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: May 23 02:58:36 2024 GMT Not After : May 22 03:03:36 2025 GMT Subject: CN=CEE21891B6F5736FAA7D9BED383243F3DF381781 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:cf:62:ff:75:22:86:0c:02:84:8c:1e:94:22: d1:55:f2:89:5e:47:cb:cb:95:cf:31:f5:44:7c:0f: 87:8c:c1:96:c1:f7:48:95:59:59:5c:07:f7:b1:0f: d9:c6:8e:d3:81:50:ac:78:8f:fe:1d:24:19:4c:d8: 03:99:44:02:44:50:19:a8:7e:84:b7:36:92:7a:cf: 69:57:ed:aa:7d:c7:ca:a2:e6:39:eb:b7:ca:a0:ec: 63:76:77:97:21:b8:f1:e7:d3:14:c0:19:f7:f1:f4: d4:83:4c:f3:a5:c3:b0:af:60:ec:4b:40:4d:a7:67: 43:fe:f6:8b:1f:ff:2d:02:30:14:d2:0f:1f:41:66: 4e:76:c8:0c:53:d3:dd:d6:43:78:72:4a:81:8f:96: 97:4f:ec:d5:1d:67:7e:23:2a:3c:97:dd:1c:ff:bd: 49:de:ba:4b:b2:60:98:45:93:60:3a:2f:54:77:c5: d5:b7:d7:b5:cb:7e:3a:ed:b1:4f:2c:92:f7:ac:f0: 2d:95:54:7a:3f:c7:9d:c7:fe:fb:48:24:b6:4a:7a: b2:70:dd:b7:6e:18:4d:8f:4a:3e:8b:1e:36:e0:ae: ce:29:ef:20:21:67:6e:26:33:b9:96:1b:9e:f6:d2: 72:6e:76:2b:00:dc:87:b9:79:bd:9f:de:71:c5:bd: 59:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: CE:E2:18:91:B6:F5:73:6F:AA:7D:9B:ED:38:32:43:F3:DF:38:17:81 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/8af0031e-2a9e-47ca-9283-40e927e35993/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/8af0031e-2a9e-47ca-9283-40e927e35993/0/CEE21891B6F5736FAA7D9BED383243F3DF381781.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.168.186.0/23 Signature Algorithm: sha256WithRSAEncryption 35:2a:30:73:a2:ff:6d:e1:4d:59:b7:2d:f7:5e:ea:36:06:5f: 68:1d:ec:ee:a0:b0:64:ff:ab:44:f3:0a:ce:e7:ca:6f:dd:d3: ce:bc:41:49:c2:26:d8:81:08:95:b6:54:4e:9f:f4:58:a3:b8: cd:2b:8e:85:d4:b8:1a:8f:f4:75:6d:58:d2:00:69:39:dd:16: a4:e1:d5:ee:92:88:60:2c:a2:85:13:f9:fc:22:87:6c:44:b3: b1:3e:f9:88:92:53:20:fe:c6:1b:b5:0d:eb:81:54:60:14:7a: 08:71:90:5f:8c:4a:38:fc:48:4d:47:7a:d9:cd:e9:08:4d:5c: 86:55:05:3b:ab:59:a8:8f:18:a1:2b:db:65:79:aa:c4:bb:a3: 1e:cd:ac:4c:44:8c:8d:f8:08:32:c4:4c:c8:f6:ca:ba:12:61: 07:1c:ac:6f:fb:39:08:5e:e0:86:00:80:89:29:cf:be:6e:f9: e0:17:58:da:45:8e:ba:43:b6:fa:f7:c0:03:60:04:58:a0:74: d3:4f:93:97:75:89:62:e9:8d:8c:20:f2:b0:c7:e8:25:1d:cc: 92:b1:7d:90:dc:b2:ff:a9:7a:fc:87:7f:c9:e7:b6:e6:e8:cd: 45:76:83:a4:72:f9:10:4f:1d:cc:9b:64:a5:a4:12:bb:d7:37: 18:40:18:e0 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUM/G4RpHuYQ4UvzF90KAB18hnJeYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDUyMzAyNTgzNloX DTI1MDUyMjAzMDMzNlowMzExMC8GA1UEAxMoQ0VFMjE4OTFCNkY1NzM2RkFBN0Q5 QkVEMzgzMjQzRjNERjM4MTc4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAJTPYv91IoYMAoSMHpQi0VXyiV5Hy8uVzzH1RHwPh4zBlsH3SJVZWVwH97EP 2caO04FQrHiP/h0kGUzYA5lEAkRQGah+hLc2knrPaVftqn3HyqLmOeu3yqDsY3Z3 lyG48efTFMAZ9/H01INM86XDsK9g7EtATadnQ/72ix//LQIwFNIPH0FmTnbIDFPT 3dZDeHJKgY+Wl0/s1R1nfiMqPJfdHP+9Sd66S7JgmEWTYDovVHfF1bfXtct+Ou2x TyyS96zwLZVUej/Hncf++0gktkp6snDdt24YTY9KPoseNuCuzinvICFnbiYzuZYb nvbScm52KwDch7l5vZ/eccW9Wa8CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFM7iGJG29XNvqn2b7TgyQ/PfOBeBMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by84YWYwMDMxZS0yYTllLTQ3Y2EtOTI4My00MGU5MjdlMzU5OTMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhhZjAwMzFl LTJhOWUtNDdjYS05MjgzLTQwZTkyN2UzNTk5My8wL0NFRTIxODkxQjZGNTczNkZB QTdEOUJFRDM4MzI0M0YzREYzODE3ODEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnqLowDQYJKoZIhvcNAQELBQADggEBADUqMHOi/23hTVm3Lfde6jYGX2gd7O6g sGT/q0TzCs7nym/d0868QUnCJtiBCJW2VE6f9FijuM0rjoXUuBqP9HVtWNIAaTnd FqTh1e6SiGAsooUT+fwih2xEs7E++YiSUyD+xhu1DeuBVGAUeghxkF+MSjj8SE1H etnN6QhNXIZVBTurWaiPGKEr22V5qsS7ox7NrExEjI34CDLETMj2yroSYQccrG/7 OQhe4IYAgIkpz75u+eAXWNpFjrpDtvr3wANgBFigdNNPk5d1iWLpjYwg8rDH6CUd zJKxfZDcsv+pevyHf8nntubozUV2g6Ry+RBPHcybZKWkErvXNxhAGOA= -----END CERTIFICATE-----Generated at Fri Nov 22 11:14:30 2024 by rpki-client on console-fra.rpki-client.org