$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/D7F23D7B54890F0EECF550FFA42799B64D9BD4C9.cer File: D7F23D7B54890F0EECF550FFA42799B64D9BD4C9.cer (raw, json) Hash identifier: 6JjLHBc7YVmhGDAkiBsxPT9saBFiE2xelZ+Mdkg9Mfk= Subject key identifier: D7:F2:3D:7B:54:89:0F:0E:EC:F5:50:FF:A4:27:99:B6:4D:9B:D4:C9 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 43CCB48A27E1B2281BC5590133EBEC62ED789E0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/bb9851b1-5a6d-4e75-9fff-c03a9c49cf69/0/D7F23D7B54890F0EECF550FFA42799B64D9BD4C9.mft caRepository: rsync://repo-rpki.idnic.net/repo/bb9851b1-5a6d-4e75-9fff-c03a9c49cf69/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Sat 17 Feb 2024 08:01:47 +0000 Certificate not after: Sat 15 Feb 2025 08:06:47 +0000 Subordinate resources: IP: 103.222.255.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 03:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:cc:b4:8a:27:e1:b2:28:1b:c5:59:01:33:eb:ec:62:ed:78:9e:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 17 08:01:47 2024 GMT Not After : Feb 15 08:06:47 2025 GMT Subject: CN=D7F23D7B54890F0EECF550FFA42799B64D9BD4C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:38:02:f1:c0:19:7c:99:5e:7a:43:c5:61:3b: bf:6a:03:f0:44:68:ac:d9:cf:69:98:1c:f6:17:34: 8d:17:77:d9:60:d1:59:b3:54:9e:6c:e9:f0:d2:55: c1:a4:82:d8:d6:6d:aa:9c:f1:d9:27:e9:0b:48:2c: 04:a5:32:72:52:f2:77:9f:06:a3:68:71:8d:24:15: 23:f2:64:d8:88:2f:41:3d:c0:dd:4d:54:dd:cc:6e: 4c:39:ca:e7:b5:25:d6:c8:39:bf:a1:e2:81:81:63: 03:44:23:8b:02:44:94:4e:62:15:65:a3:58:e0:24: 22:bd:ba:1b:14:56:27:cd:93:4b:bf:1b:a5:d0:23: f8:35:a7:aa:c2:cc:d8:97:17:66:83:ec:d5:59:53: ec:f2:90:48:64:4f:38:8d:da:e4:26:57:71:cb:81: d4:86:12:3c:ee:d1:22:df:70:f4:fd:a9:01:d5:a5: c6:83:55:0f:5e:13:47:af:66:6c:58:f7:23:38:4d: 52:27:b4:74:76:a4:47:04:24:d8:ed:2c:cd:32:fa: 3a:4b:a7:ea:82:98:db:e8:2d:c2:c2:ac:f5:43:0a: ab:f0:c0:f9:25:67:7c:80:58:87:9c:a6:53:33:92: df:42:ad:09:67:78:b5:de:d2:d0:a7:27:86:6e:6e: bf:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: D7:F2:3D:7B:54:89:0F:0E:EC:F5:50:FF:A4:27:99:B6:4D:9B:D4:C9 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/bb9851b1-5a6d-4e75-9fff-c03a9c49cf69/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/bb9851b1-5a6d-4e75-9fff-c03a9c49cf69/0/D7F23D7B54890F0EECF550FFA42799B64D9BD4C9.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.222.255.0/24 Signature Algorithm: sha256WithRSAEncryption 4d:3f:cb:3c:0a:65:87:5e:6d:61:94:d1:ff:04:78:c9:21:73: 82:65:71:fb:0f:81:43:85:24:77:f1:2a:23:cd:ec:33:d1:96: c5:88:a6:12:e8:2b:e4:d9:5d:cd:c1:ef:89:1d:1c:a7:20:4a: ae:dd:8a:f3:35:2a:46:63:30:e1:c9:e4:eb:50:37:0d:2e:39: d6:85:c1:df:cf:97:f5:a2:3f:fa:dd:ff:6d:b7:a4:d3:25:c8: 40:f7:5d:68:aa:0a:26:c4:02:6b:e7:69:ac:67:6d:82:d8:0b: 48:99:0a:8a:88:c3:a7:0a:ac:6d:02:27:db:46:d1:4f:5a:eb: 76:97:d7:f1:1e:ae:2b:13:1c:b6:40:bf:0c:47:74:30:40:cd: d5:01:68:22:8d:b3:f2:62:ab:e9:55:d4:69:98:94:60:a2:5d: 03:12:a3:e7:51:cf:ca:23:5c:6f:da:52:c0:26:bf:06:47:c4: 18:12:0c:72:cd:57:1e:9d:5c:f3:b1:ee:24:7d:e6:f8:98:f1: 76:e5:11:a4:fd:61:16:cb:54:2d:c2:d3:3d:f2:a3:88:54:87: 5f:f9:10:61:c1:06:b0:6b:4d:aa:cc:92:c5:5a:de:a5:6d:16: dd:51:78:f4:7d:fe:7a:32:d6:41:b0:30:ea:f1:f4:35:4a:e3: 4a:47:f2:48 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUQ8y0iifhsigbxVkBM+vsYu14ng0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDIxNzA4MDE0N1oX DTI1MDIxNTA4MDY0N1owMzExMC8GA1UEAxMoRDdGMjNEN0I1NDg5MEYwRUVDRjU1 MEZGQTQyNzk5QjY0RDlCRDRDOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAOE4AvHAGXyZXnpDxWE7v2oD8ERorNnPaZgc9hc0jRd32WDRWbNUnmzp8NJV waSC2NZtqpzx2SfpC0gsBKUyclLyd58Go2hxjSQVI/Jk2IgvQT3A3U1U3cxuTDnK 57Ul1sg5v6HigYFjA0QjiwJElE5iFWWjWOAkIr26GxRWJ82TS78bpdAj+DWnqsLM 2JcXZoPs1VlT7PKQSGRPOI3a5CZXccuB1IYSPO7RIt9w9P2pAdWlxoNVD14TR69m bFj3IzhNUie0dHakRwQk2O0szTL6Okun6oKY2+gtwsKs9UMKq/DA+SVnfIBYh5ym UzOS30KtCWd4td7S0Kcnhm5uv20CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFNfyPXtUiQ8O7PVQ/6QnmbZNm9TJMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9iYjk4NTFiMS01YTZkLTRlNzUtOWZmZi1jMDNhOWM0OWNmNjkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JiOTg1MWIx LTVhNmQtNGU3NS05ZmZmLWMwM2E5YzQ5Y2Y2OS8wL0Q3RjIzRDdCNTQ4OTBGMEVF Q0Y1NTBGRkE0Mjc5OUI2NEQ5QkQ0QzkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABn3v8wDQYJKoZIhvcNAQELBQADggEBAE0/yzwKZYdebWGU0f8EeMkhc4JlcfsP gUOFJHfxKiPN7DPRlsWIphLoK+TZXc3B74kdHKcgSq7divM1KkZjMOHJ5OtQNw0u OdaFwd/Pl/WiP/rd/223pNMlyED3XWiqCibEAmvnaaxnbYLYC0iZCoqIw6cKrG0C J9tG0U9a63aX1/EerisTHLZAvwxHdDBAzdUBaCKNs/Jiq+lV1GmYlGCiXQMSo+dR z8ojXG/aUsAmvwZHxBgSDHLNVx6dXPOx7iR95viY8XblEaT9YRbLVC3C0z3yo4hU h1/5EGHBBrBrTarMksVa3qVtFt1RePR9/noy1kGwMOrx9DVK40pH8kg= -----END CERTIFICATE-----Generated at Wed May 8 21:02:28 2024 by rpki-client on console-fra.rpki-client.org