$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.cer File: DF19949CE17DC116E7B7C2248C933405B7A1AEF2.cer (raw, json) Hash identifier: xid/V3ebpPW6EvJzt6KfA8jV+PxyTHoE44S51h3jgM8= Subject key identifier: DF:19:94:9C:E1:7D:C1:16:E7:B7:C2:24:8C:93:34:05:B7:A1:AE:F2 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 189D31FC7367ECC4A58F7C4FAAFE8F8DA1BCFC81 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft caRepository: rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Thu 04 Jan 2024 09:52:53 +0000 Certificate not after: Thu 02 Jan 2025 09:57:53 +0000 Subordinate resources: IP: 103.166.234.0/24 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 10:29:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:9d:31:fc:73:67:ec:c4:a5:8f:7c:4f:aa:fe:8f:8d:a1:bc:fc:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Jan 4 09:52:53 2024 GMT Not After : Jan 2 09:57:53 2025 GMT Subject: CN=DF19949CE17DC116E7B7C2248C933405B7A1AEF2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:68:db:59:30:e2:be:e5:03:82:68:8d:47:52: a1:f4:ff:0c:ec:cf:2d:7a:56:72:82:a8:4e:dc:08: 7a:8d:c8:29:a0:df:3b:1e:4e:ad:d0:2b:0b:0a:12: ce:13:79:44:89:b3:33:53:c2:22:13:9d:d6:40:e7: 26:4d:7a:20:55:c7:59:8b:e4:b1:21:df:d6:ac:71: 64:38:d1:84:fc:2b:6f:94:cd:f5:3f:c1:ce:84:69: 12:f5:89:6c:2a:59:33:eb:65:9d:f0:81:4c:cd:a9: 77:84:ae:8c:c7:f6:65:6b:52:03:19:bf:a8:14:4d: 37:6a:31:19:2b:eb:dd:df:72:cd:86:fd:05:db:34: 70:70:ca:66:26:93:90:e8:f8:b8:00:22:0c:c0:27: be:ef:ab:88:e4:22:55:94:4c:4d:60:7c:15:41:13: a6:7a:75:3e:8e:0f:ec:d4:a0:c1:9b:83:2b:42:47: 9d:a9:60:16:04:ab:00:83:7c:96:f0:98:aa:16:f9: bb:6e:dd:d5:1c:a6:79:51:85:64:f8:71:bb:99:48: a6:eb:9c:41:0e:16:45:36:4b:65:81:b0:95:c4:b3: fc:9e:e0:d3:3c:ba:8e:5d:bb:ed:83:74:bf:17:ce: fb:c4:4c:7e:0d:85:a7:59:14:a6:63:9b:13:1e:9e: cd:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: DF:19:94:9C:E1:7D:C1:16:E7:B7:C2:24:8C:93:34:05:B7:A1:AE:F2 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/3aef786b-6226-44af-852d-1fb045c4deb3/0/DF19949CE17DC116E7B7C2248C933405B7A1AEF2.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.166.234.0/24 Signature Algorithm: sha256WithRSAEncryption 59:43:d7:86:90:09:da:41:3d:03:e0:96:d1:af:5b:98:a8:25: 99:b0:72:ed:cb:9c:f1:c5:e5:11:27:82:9f:ad:72:1e:a1:36: 7e:d2:0a:bf:fd:d6:f8:75:10:11:79:73:3c:1e:2d:69:79:b9: 26:3b:b1:79:d7:50:67:73:56:cb:b0:2f:24:4b:50:e4:d6:f2: ae:32:01:e4:9e:0a:52:b5:75:9a:2d:95:b7:ab:69:be:5c:cd: f4:06:02:20:a3:60:c1:b1:e5:36:1e:71:69:73:13:75:1b:61: 02:c2:d2:fc:ce:de:dd:cb:84:e8:82:65:d7:66:33:db:46:a0: 8f:01:af:69:3d:28:61:21:c3:66:39:cb:be:2f:8f:02:04:54: 63:1c:42:ae:f6:bd:45:a2:e8:d0:bf:84:42:e0:f5:57:b0:99: bf:1f:d8:8b:d1:0d:eb:75:35:ae:f2:72:04:c2:2e:eb:b5:68: 28:07:8f:8e:be:dc:89:48:1c:09:78:3e:af:f0:ad:55:a5:71: 0d:05:b2:13:35:b6:81:8a:df:f2:32:27:7c:a9:14:d7:ce:f4: e8:c1:ad:0a:3a:6b:a0:9e:2c:78:aa:43:38:31:b4:d5:ae:9a: bc:90:ae:1d:b8:af:a8:e9:d6:14:43:5a:09:53:18:37:33:f4: 83:98:5c:dd -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUGJ0x/HNn7MSlj3xPqv6PjaG8/IEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwNDA5NTI1M1oX DTI1MDEwMjA5NTc1M1owMzExMC8GA1UEAxMoREYxOTk0OUNFMTdEQzExNkU3QjdD MjI0OEM5MzM0MDVCN0ExQUVGMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAMZo21kw4r7lA4JojUdSofT/DOzPLXpWcoKoTtwIeo3IKaDfOx5OrdArCwoS zhN5RImzM1PCIhOd1kDnJk16IFXHWYvksSHf1qxxZDjRhPwrb5TN9T/BzoRpEvWJ bCpZM+tlnfCBTM2pd4SujMf2ZWtSAxm/qBRNN2oxGSvr3d9yzYb9Bds0cHDKZiaT kOj4uAAiDMAnvu+riOQiVZRMTWB8FUETpnp1Po4P7NSgwZuDK0JHnalgFgSrAIN8 lvCYqhb5u27d1RymeVGFZPhxu5lIpuucQQ4WRTZLZYGwlcSz/J7g0zy6jl277YN0 vxfO+8RMfg2Fp1kUpmObEx6ezccCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFN8ZlJzhfcEW57fCJIyTNAW3oa7yMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zYWVmNzg2Yi02MjI2LTQ0YWYtODUyZC0xZmIwNDVjNGRlYjMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNhZWY3ODZi LTYyMjYtNDRhZi04NTJkLTFmYjA0NWM0ZGViMy8wL0RGMTk5NDlDRTE3REMxMTZF N0I3QzIyNDhDOTMzNDA1QjdBMUFFRjIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABnpuowDQYJKoZIhvcNAQELBQADggEBAFlD14aQCdpBPQPgltGvW5ioJZmwcu3L nPHF5REngp+tch6hNn7SCr/91vh1EBF5czweLWl5uSY7sXnXUGdzVsuwLyRLUOTW 8q4yAeSeClK1dZotlberab5czfQGAiCjYMGx5TYecWlzE3UbYQLC0vzO3t3LhOiC ZddmM9tGoI8Br2k9KGEhw2Y5y74vjwIEVGMcQq72vUWi6NC/hELg9Vewmb8f2IvR Det1Na7ycgTCLuu1aCgHj46+3IlIHAl4Pq/wrVWlcQ0FshM1toGK3/IyJ3ypFNfO 9OjBrQo6a6CeLHiqQzgxtNWumryQrh24r6jp1hRDWglTGDcz9IOYXN0= -----END CERTIFICATE-----Generated at Wed May 8 04:38:02 2024 by rpki-client on console-fra.rpki-client.org