$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/CF0CF43F294A5C8416E3F7A6FDBF077B234CA446.cer File: CF0CF43F294A5C8416E3F7A6FDBF077B234CA446.cer (raw, json) Hash identifier: zikYpT/EX4X5nd0YlEnhB3T3Tt9mndFh+ryHGfAIjEg= Subject key identifier: CF:0C:F4:3F:29:4A:5C:84:16:E3:F7:A6:FD:BF:07:7B:23:4C:A4:46 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3C447004E776980D539AB1329DF894DF4F843690 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/582f2b38-addf-4bd3-9249-e5ba56cd052e/0/CF0CF43F294A5C8416E3F7A6FDBF077B234CA446.mft caRepository: rsync://repo-rpki.idnic.net/repo/582f2b38-addf-4bd3-9249-e5ba56cd052e/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 19 Sep 2024 10:34:22 +0000 Certificate not after: Thu 18 Sep 2025 10:39:22 +0000 Subordinate resources: IP: 103.6.204.0/22 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:44:70:04:e7:76:98:0d:53:9a:b1:32:9d:f8:94:df:4f:84:36:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 19 10:34:22 2024 GMT Not After : Sep 18 10:39:22 2025 GMT Subject: CN=CF0CF43F294A5C8416E3F7A6FDBF077B234CA446 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:0f:c4:18:67:d0:b4:ab:85:1a:cf:49:33:97: 28:0a:68:68:8d:4e:f4:d0:e9:f3:88:a5:4e:c8:d9: a3:49:a8:83:1e:5d:cb:33:82:96:da:82:c6:b6:0d: 7f:96:c9:0d:cc:8e:75:89:6d:fc:61:83:c0:fa:e9: d1:cc:c7:f1:33:7b:6e:5b:c2:dd:53:f2:79:d2:41: f6:2f:2e:f4:4c:3e:d9:94:ae:9e:36:02:a1:03:73: 99:dd:20:09:c0:a9:c4:ac:40:5d:de:9c:c2:b8:7f: 74:14:d8:9c:86:b9:96:87:c9:03:08:04:43:d5:89: 53:87:d8:1d:c8:c2:76:b4:59:f8:b5:73:bd:d3:c2: c9:22:e7:ce:08:6e:d7:09:f0:f2:c6:01:9c:c9:52: 96:d3:97:32:40:a0:c6:f7:a8:4f:9b:90:99:56:72: ee:e9:f9:e7:d2:de:01:0f:9f:10:27:61:9c:f2:fa: 92:4a:a8:bc:c0:a6:63:78:d2:28:d9:41:33:a3:7e: 04:52:52:22:7f:d5:05:33:85:90:79:b2:b9:fb:f0: 7e:46:de:93:9e:73:3c:e1:12:90:db:a7:d9:25:75: e8:66:f2:a4:1e:24:46:26:84:f3:6b:b5:a8:75:18: 85:80:c7:cd:31:bc:b7:64:48:12:fa:b5:a5:56:0f: e2:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: CF:0C:F4:3F:29:4A:5C:84:16:E3:F7:A6:FD:BF:07:7B:23:4C:A4:46 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/582f2b38-addf-4bd3-9249-e5ba56cd052e/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/582f2b38-addf-4bd3-9249-e5ba56cd052e/0/CF0CF43F294A5C8416E3F7A6FDBF077B234CA446.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.6.204.0/22 Signature Algorithm: sha256WithRSAEncryption 65:91:03:07:8f:c0:f2:94:f6:20:78:11:e2:27:d2:1c:73:6d: d9:60:aa:fb:c7:96:98:9f:e1:47:4d:ac:aa:6d:e4:84:5b:c6: b2:4a:e5:30:43:5f:26:47:cc:bb:98:36:ae:c5:36:74:91:49: 47:53:ad:42:e3:0e:27:24:50:f6:d4:f1:b8:b5:48:2a:40:ba: a8:13:25:8c:d2:33:3b:c7:54:cf:d7:04:d6:03:14:17:ae:f2: a1:db:a3:9d:49:a5:b3:31:0c:2e:a2:d7:eb:84:87:4a:fb:8a: be:5e:a1:d7:eb:19:a6:85:5a:66:49:7f:5e:85:cb:34:1f:4a: 36:26:cd:b5:66:35:47:31:dd:2c:d1:36:99:7c:85:55:87:6e: 8d:eb:cf:ce:c6:44:39:9b:96:32:46:1f:f0:ae:d9:8e:26:9e: f8:e9:f3:73:a9:42:7d:ba:48:1b:e3:64:fa:11:6a:51:af:74: e4:d8:78:1a:b2:6e:a4:89:6f:71:d5:ef:a9:10:6a:45:cf:e3: 7a:b1:89:6e:27:4b:f2:eb:36:d5:fe:39:0c:25:7c:69:9f:b6: 3c:49:89:58:75:f8:52:c0:c8:2b:6a:6a:5f:15:1c:1a:1b:fa: 44:d9:9e:55:fb:40:26:23:1d:5a:6c:51:3d:d5:7a:d4:5f:81: e8:21:6b:26 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUPERwBOd2mA1TmrEynfiU30+ENpAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDkxOTEwMzQyMloX DTI1MDkxODEwMzkyMlowMzExMC8GA1UEAxMoQ0YwQ0Y0M0YyOTRBNUM4NDE2RTNG N0E2RkRCRjA3N0IyMzRDQTQ0NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBANMPxBhn0LSrhRrPSTOXKApoaI1O9NDp84ilTsjZo0mogx5dyzOCltqCxrYN f5bJDcyOdYlt/GGDwPrp0czH8TN7blvC3VPyedJB9i8u9Ew+2ZSunjYCoQNzmd0g CcCpxKxAXd6cwrh/dBTYnIa5lofJAwgEQ9WJU4fYHcjCdrRZ+LVzvdPCySLnzghu 1wnw8sYBnMlSltOXMkCgxveoT5uQmVZy7un559LeAQ+fECdhnPL6kkqovMCmY3jS KNlBM6N+BFJSIn/VBTOFkHmyufvwfkbek55zPOESkNun2SV16GbypB4kRiaE82u1 qHUYhYDHzTG8t2RIEvq1pVYP4hMCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFM8M9D8pSlyEFuP3pv2/B3sjTKRGMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by81ODJmMmIzOC1hZGRmLTRiZDMtOTI0OS1lNWJhNTZjZDA1MmUvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU4MmYyYjM4 LWFkZGYtNGJkMy05MjQ5LWU1YmE1NmNkMDUyZS8wL0NGMENGNDNGMjk0QTVDODQx NkUzRjdBNkZEQkYwNzdCMjM0Q0E0NDYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJnBswwDQYJKoZIhvcNAQELBQADggEBAGWRAwePwPKU9iB4EeIn0hxzbdlgqvvH lpif4UdNrKpt5IRbxrJK5TBDXyZHzLuYNq7FNnSRSUdTrULjDickUPbU8bi1SCpA uqgTJYzSMzvHVM/XBNYDFBeu8qHbo51JpbMxDC6i1+uEh0r7ir5eodfrGaaFWmZJ f16FyzQfSjYmzbVmNUcx3SzRNpl8hVWHbo3rz87GRDmbljJGH/Cu2Y4mnvjp83Op Qn26SBvjZPoRalGvdOTYeBqybqSJb3HV76kQakXP43qxiW4nS/LrNtX+OQwlfGmf tjxJiVh1+FLAyCtqal8VHBob+kTZnlX7QCYjHVpsUT3VetRfgeghayY= -----END CERTIFICATE-----Generated at Mon Nov 25 13:02:00 2024 by rpki-client on console-fra.rpki-client.org