$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/EAAF14D74C27E1502835CCF1541D5D92498C8427.cer File: EAAF14D74C27E1502835CCF1541D5D92498C8427.cer (raw, json) Hash identifier: C3M3oNkAtY+YZcx47wVKcpChmUWZq/YUUAHwfuC21Y8= Subject key identifier: EA:AF:14:D7:4C:27:E1:50:28:35:CC:F1:54:1D:5D:92:49:8C:84:27 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 32FBECD97704584D919181AD49102AF73EA34C85 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/ea4f7934-cdc7-4082-83fb-df7d4f8219af/1/EAAF14D74C27E1502835CCF1541D5D92498C8427.mft caRepository: rsync://repo-rpki.idnic.net/repo/ea4f7934-cdc7-4082-83fb-df7d4f8219af/1 Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Wed 27 Mar 2024 09:19:37 +0000 Certificate not after: Wed 26 Mar 2025 09:24:37 +0000 Subordinate resources: IP: 2001:df3:92c0::/48 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 11 May 2024 17:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:fb:ec:d9:77:04:58:4d:91:91:81:ad:49:10:2a:f7:3e:a3:4c:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 27 09:19:37 2024 GMT Not After : Mar 26 09:24:37 2025 GMT Subject: CN=EAAF14D74C27E1502835CCF1541D5D92498C8427 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:8c:c0:fb:34:b3:d7:60:df:c3:f8:b4:d3:db: 25:12:15:4c:95:03:f4:44:1e:7f:d1:3d:62:a0:fe: fb:b6:39:5a:57:0d:c0:1d:32:6b:f2:39:aa:24:9a: b6:8e:50:a8:c7:60:b7:ea:a7:a8:09:58:50:d8:47: 03:8c:ae:6b:0f:d2:fe:00:84:2f:67:23:61:fd:99: 87:c9:f0:65:0a:12:19:54:0f:9a:f1:d8:ae:13:29: 14:99:58:cf:82:87:5b:9d:3d:d7:98:bc:6a:a5:cc: e5:e9:7f:93:d9:99:06:3f:b7:3c:ab:d3:3c:01:1e: 12:87:81:a0:ae:21:79:05:89:e6:18:11:a7:e1:04: a8:1f:81:b9:1c:48:73:bc:75:21:7e:b7:15:f4:ba: 65:4c:14:17:c3:e8:f1:1f:d8:2c:64:cd:85:f2:31: 5c:71:45:84:df:47:45:60:c0:42:dc:f1:14:a0:3f: 7f:fd:ec:ad:c0:70:4f:ca:2f:6b:fc:5e:ec:44:a1: ba:9c:42:e0:49:4c:c1:03:a8:06:b3:8a:01:86:e3: 78:cd:1e:86:4d:ae:d9:dd:4f:3c:43:da:3d:16:ac: 1d:b2:85:20:4e:41:58:67:4e:85:4a:61:d4:ee:c7: d2:84:91:79:c9:6b:f6:34:88:e4:71:0a:18:04:c0: c3:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: EA:AF:14:D7:4C:27:E1:50:28:35:CC:F1:54:1D:5D:92:49:8C:84:27 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/ea4f7934-cdc7-4082-83fb-df7d4f8219af/1 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/ea4f7934-cdc7-4082-83fb-df7d4f8219af/1/EAAF14D74C27E1502835CCF1541D5D92498C8427.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:df3:92c0::/48 Signature Algorithm: sha256WithRSAEncryption 5e:4c:dc:c4:dc:34:90:92:a6:b8:55:bb:2a:46:a2:72:dd:13: dd:b2:8e:3c:91:97:de:dd:67:33:5a:0e:73:34:75:1e:fe:63: c0:fa:d0:dd:01:d6:f0:00:be:ec:aa:e3:3f:9e:2f:cb:22:79: 29:56:62:a5:4a:97:65:ff:c8:58:4b:64:53:75:2f:63:53:46: 6c:cd:45:ab:72:52:d2:fc:72:a6:f0:c4:92:a5:38:c7:e7:6d: f8:f4:6c:9a:ba:62:b2:46:e8:dc:39:d3:5f:3d:36:ef:c2:5f: 39:b6:6c:ac:b8:18:29:59:9d:3f:27:be:84:f5:0b:d2:e5:bd: 9d:5d:f9:69:f8:3b:c6:61:27:15:52:60:26:18:b0:ce:2b:d2: 06:ec:fe:2f:8b:34:b3:4f:12:c4:91:de:24:5e:f5:49:2d:8f: 1c:3e:e0:a6:6c:c7:54:95:2f:5e:15:5b:d9:c2:f3:c4:23:e0: cd:fe:ff:25:74:f4:70:a8:92:5c:86:54:69:04:3b:6b:8f:34: 52:5f:62:88:f0:4e:f4:db:bd:7f:c6:60:78:92:e1:d2:8e:f3: 6f:d9:5f:06:43:5e:00:eb:45:17:00:2b:a9:89:be:51:a5:41: 9f:68:bc:3a:f6:0a:0d:59:1c:e5:c6:22:a1:e2:2b:23:76:09: b5:82:10:3c -----BEGIN CERTIFICATE----- MIIFyDCCBLCgAwIBAgIUMvvs2XcEWE2RkYGtSRAq9z6jTIUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDMyNzA5MTkzN1oX DTI1MDMyNjA5MjQzN1owMzExMC8GA1UEAxMoRUFBRjE0RDc0QzI3RTE1MDI4MzVD Q0YxNTQxRDVEOTI0OThDODQyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBALuMwPs0s9dg38P4tNPbJRIVTJUD9EQef9E9YqD++7Y5WlcNwB0ya/I5qiSa to5QqMdgt+qnqAlYUNhHA4yuaw/S/gCEL2cjYf2Zh8nwZQoSGVQPmvHYrhMpFJlY z4KHW50915i8aqXM5el/k9mZBj+3PKvTPAEeEoeBoK4heQWJ5hgRp+EEqB+BuRxI c7x1IX63FfS6ZUwUF8Po8R/YLGTNhfIxXHFFhN9HRWDAQtzxFKA/f/3srcBwT8ov a/xe7EShupxC4ElMwQOoBrOKAYbjeM0ehk2u2d1PPEPaPRasHbKFIE5BWGdOhUph 1O7H0oSReclr9jSI5HEKGATAw3MCAwEAAaOCArswggK3MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFOqvFNdMJ+FQKDXM8VQdXZJJjIQnMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by9lYTRmNzkzNC1jZGM3LTQwODItODNmYi1kZjdkNGY4MjE5YWYvMTCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2VhNGY3OTM0 LWNkYzctNDA4Mi04M2ZiLWRmN2Q0ZjgyMTlhZi8xL0VBQUYxNEQ3NEMyN0UxNTAy ODM1Q0NGMTU0MUQ1RDkyNDk4Qzg0MjcubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD BwAgAQ3zksAwDQYJKoZIhvcNAQELBQADggEBAF5M3MTcNJCSprhVuypGonLdE92y jjyRl97dZzNaDnM0dR7+Y8D60N0B1vAAvuyq4z+eL8sieSlWYqVKl2X/yFhLZFN1 L2NTRmzNRatyUtL8cqbwxJKlOMfnbfj0bJq6YrJG6Nw50189Nu/CXzm2bKy4GClZ nT8nvoT1C9LlvZ1d+Wn4O8ZhJxVSYCYYsM4r0gbs/i+LNLNPEsSR3iRe9Uktjxw+ 4KZsx1SVL14VW9nC88Qj4M3+/yV09HCoklyGVGkEO2uPNFJfYojwTvTbvX/GYHiS 4dKO82/ZXwZDXgDrRRcAK6mJvlGlQZ9ovDr2Cg1ZHOXGIqHiKyN2CbWCEDw= -----END CERTIFICATE-----Generated at Wed May 8 15:00:00 2024 by rpki-client on console-ams.rpki-client.org