$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.cer File: F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.cer (raw, json) Hash identifier: F6gcr5L0Hl5WWdl7K171BLalS9MveO+rQokY6Uva2Lw= Subject key identifier: F3:99:A1:A0:C1:8F:E8:DB:DA:23:CE:21:75:E0:CB:23:D6:7D:65:11 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 3F6CF5B1CE68111FA78CC823CC7133B6BBEC1FE0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.mft caRepository: rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 10 Sep 2024 04:20:25 +0000 Certificate not after: Tue 09 Sep 2025 04:25:25 +0000 Subordinate resources: IP: 27.131.248.0/22 IP: 103.80.92.0/22 IP: 110.35.80.0/21 IP: 116.254.96.0/22 IP: 119.110.112.0/20 IP: 202.59.160.0/20 IP: 202.125.100.0/23 IP: 2402:2fc0::/32 IP: 2404:c000::/32 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:6c:f5:b1:ce:68:11:1f:a7:8c:c8:23:cc:71:33:b6:bb:ec:1f:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Sep 10 04:20:25 2024 GMT Not After : Sep 9 04:25:25 2025 GMT Subject: CN=F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:57:3b:09:77:d6:ce:63:d1:ab:38:3e:b6:c9: e1:c3:44:f8:7a:7f:4b:d3:79:f7:e7:ae:04:67:a0: 4e:6d:f6:dc:c2:9e:62:ba:c8:fa:7f:85:8c:5b:8a: e2:b6:b2:83:d4:99:41:c8:5d:4a:4c:d6:04:53:d5: d8:c6:40:82:45:41:6b:46:3b:c9:15:22:1c:c7:97: 41:51:73:99:aa:1f:5f:24:dd:dc:b3:6f:cc:97:d1: 3d:ad:fc:31:c1:37:76:df:80:16:a8:b4:ac:84:88: 38:9a:8f:c6:71:85:35:22:af:49:49:87:2f:7c:12: 46:3e:22:d5:6d:e1:34:0c:a0:fb:f4:3d:ba:d5:13: f8:f2:c4:3a:09:8e:b1:3c:5e:e6:54:c8:51:4d:d9: 26:51:97:35:84:ef:4a:7e:5d:88:58:aa:d2:29:ea: c1:cb:54:e6:ac:46:eb:d5:06:c9:2b:4a:7e:f7:21: ba:33:94:ef:2d:ea:a9:ed:89:c1:c1:e5:c8:f4:d1: 74:3c:11:6b:c2:61:f8:f7:3a:b6:88:1b:f0:91:05: 84:73:16:91:2c:33:b1:15:4a:ca:d7:9d:aa:a7:5f: 37:9a:74:a4:eb:d4:bd:38:7c:75:b1:df:42:7b:6e: 98:49:bd:19:1f:4d:7a:5a:f2:c3:0c:05:ae:79:90: 1a:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: F3:99:A1:A0:C1:8F:E8:DB:DA:23:CE:21:75:E0:CB:23:D6:7D:65:11 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/635f7a2f-725e-4399-869a-4b1fcf2c6a0c/0/F399A1A0C18FE8DBDA23CE2175E0CB23D67D6511.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 27.131.248.0/22 103.80.92.0/22 110.35.80.0/21 116.254.96.0/22 119.110.112.0/20 202.59.160.0/20 202.125.100.0/23 IPv6: 2402:2fc0::/32 2404:c000::/32 Signature Algorithm: sha256WithRSAEncryption 73:c2:68:3f:54:7c:45:51:b6:d1:de:92:cf:f5:2e:7f:e3:79: 49:c5:94:54:a1:05:a5:38:a9:ac:5e:2c:1b:3d:13:c1:fc:f2: 75:b5:98:85:13:23:75:28:da:d3:0c:02:fe:de:26:44:06:a7: b7:eb:af:b3:74:c7:b3:14:63:d1:bf:6d:62:89:43:83:6e:98: d4:06:e5:58:fb:e5:ae:ff:0b:be:46:b1:9c:bd:ff:a4:7a:6d: 45:c7:a6:2e:8f:28:99:40:bc:5c:9e:c3:82:55:9d:da:e8:33: 65:57:39:ed:44:95:93:da:3f:9f:09:31:29:2a:f0:5e:5f:5d: 12:a9:67:36:ca:54:09:28:e2:dc:66:99:5d:c4:64:59:9f:99: 09:7c:6f:ef:c6:c1:85:29:fe:ad:4c:e1:b9:d5:75:10:6c:c7: 09:42:76:5c:e0:09:08:93:c0:a0:1f:18:cd:d6:1a:c0:01:18: ee:32:c6:c6:b5:48:3f:32:b9:89:5a:94:c3:f3:70:ab:49:e4: e9:b1:86:d5:8d:18:77:85:4e:10:3b:62:5b:69:47:83:36:1d: 97:13:9d:7e:3c:97:2c:ad:2a:ad:a0:55:a2:0e:16:3f:a2:f8: e1:9b:6b:f4:80:19:e1:61:61:d0:13:ab:dc:46:35:ac:29:9f: 28:ed:8e:3e -----BEGIN CERTIFICATE----- MIIF/zCCBOegAwIBAgIUP2z1sc5oER+njMgjzHEztrvsH+AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDkxMDA0MjAyNVoX DTI1MDkwOTA0MjUyNVowMzExMC8GA1UEAxMoRjM5OUExQTBDMThGRThEQkRBMjND RTIxNzVFMENCMjNENjdENjUxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAM1XOwl31s5j0as4PrbJ4cNE+Hp/S9N59+euBGegTm323MKeYrrI+n+FjFuK 4rayg9SZQchdSkzWBFPV2MZAgkVBa0Y7yRUiHMeXQVFzmaofXyTd3LNvzJfRPa38 McE3dt+AFqi0rISIOJqPxnGFNSKvSUmHL3wSRj4i1W3hNAyg+/Q9utUT+PLEOgmO sTxe5lTIUU3ZJlGXNYTvSn5diFiq0inqwctU5qxG69UGyStKfvchujOU7y3qqe2J wcHlyPTRdDwRa8Jh+Pc6togb8JEFhHMWkSwzsRVKytedqqdfN5p0pOvUvTh8dbHf QntumEm9GR9NelrywwwFrnmQGtkCAwEAAaOCAvIwggLuMA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFPOZoaDBj+jb2iPOIXXgyyPWfWURMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by82MzVmN2EyZi03MjVlLTQzOTktODY5YS00YjFmY2YyYzZhMGMvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYzNWY3YTJm LTcyNWUtNDM5OS04NjlhLTRiMWZjZjJjNmEwYy8wL0YzOTlBMUEwQzE4RkU4REJE QTIzQ0UyMTc1RTBDQjIzRDY3RDY1MTEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwWQYIKwYBBQUHAQcBAf8ESjBIMDAEAgABMCoD BAIbg/gDBAJnUFwDBANuI1ADBAJ0/mADBAR3bnADBATKO6ADBAHKfWQwFAQCAAIw DgMFACQCL8ADBQAkBMAAMA0GCSqGSIb3DQEBCwUAA4IBAQBzwmg/VHxFUbbR3pLP 9S5/43lJxZRUoQWlOKmsXiwbPRPB/PJ1tZiFEyN1KNrTDAL+3iZEBqe366+zdMez FGPRv21iiUODbpjUBuVY++Wu/wu+RrGcvf+kem1Fx6YujyiZQLxcnsOCVZ3a6DNl VzntRJWT2j+fCTEpKvBeX10SqWc2ylQJKOLcZpldxGRZn5kJfG/vxsGFKf6tTOG5 1XUQbMcJQnZc4AkIk8CgHxjN1hrAARjuMsbGtUg/MrmJWpTD83CrSeTpsYbVjRh3 hU4QO2JbaUeDNh2XE51+PJcsrSqtoFWiDhY/ovjhm2v0gBnhYWHQE6vcRjWsKZ8o 7Y4+ -----END CERTIFICATE-----Generated at Mon Nov 25 13:02:02 2024 by rpki-client on console-fra.rpki-client.org