$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/F7A5C0897A1AB31BFD31BE0AF21D825C5AA6972D.cer File: F7A5C0897A1AB31BFD31BE0AF21D825C5AA6972D.cer (raw, json) Hash identifier: JhxkzVhqv8kB4rAZcvPIEZaWW/0Zw0HKqMZSFXSovIk= Subject key identifier: F7:A5:C0:89:7A:1A:B3:1B:FD:31:BE:0A:F2:1D:82:5C:5A:A6:97:2D Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 71F5ED5F0FB6A3D784D3A26703F206F27DAFB853 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/3cdd5774-30dd-4a00-b1a9-9b12826930c2/0/F7A5C0897A1AB31BFD31BE0AF21D825C5AA6972D.mft caRepository: rsync://repo-rpki.idnic.net/repo/3cdd5774-30dd-4a00-b1a9-9b12826930c2/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Mon 11 Mar 2024 20:05:45 +0000 Certificate not after: Mon 10 Mar 2025 20:10:45 +0000 Subordinate resources: IP: 103.159.196.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 22:23:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:f5:ed:5f:0f:b6:a3:d7:84:d3:a2:67:03:f2:06:f2:7d:af:b8:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Mar 11 20:05:45 2024 GMT Not After : Mar 10 20:10:45 2025 GMT Subject: CN=F7A5C0897A1AB31BFD31BE0AF21D825C5AA6972D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a3:1d:3d:f3:54:23:20:b1:1f:8e:57:b6:53: e4:40:4a:22:5a:df:fa:c4:a7:ab:94:78:8f:8f:e3: 81:8e:42:20:d2:04:5f:c0:a9:6e:e0:b5:e5:01:5a: d1:7b:01:8a:ed:55:df:8f:fb:bc:25:3e:22:aa:b8: 27:59:8d:61:aa:b8:66:d8:ff:11:2f:41:f9:22:c9: fe:02:10:d8:bf:91:97:2f:62:cc:ae:cf:03:d3:43: 13:5d:2e:5e:09:c4:10:5e:4a:00:b3:d5:7f:02:3d: fd:09:9f:32:6e:c4:a9:90:54:f3:0e:bb:b3:96:21: 38:61:f9:80:ce:0e:21:8f:92:e7:40:3b:09:1e:f7: a0:be:6d:4b:f6:ec:cf:4f:ac:f9:2d:ce:e9:77:33: e1:64:ac:70:5a:3c:08:47:5a:9e:42:46:14:8e:9c: dd:6b:da:27:f9:f8:85:99:a3:74:98:e5:33:1d:92: 97:ad:1f:cb:b0:4a:c8:d4:37:b1:b3:5d:2d:ec:33: 43:53:59:86:ae:9a:fe:57:e6:9d:b7:c4:e7:af:90: 2d:89:e1:87:c1:55:c0:4c:df:f0:2d:f8:18:c1:a6: 66:bc:59:51:e9:b1:13:80:e1:65:fb:10:88:ee:cd: 76:78:a7:4d:73:2c:9c:2d:63:ea:65:73:a9:12:14: e0:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: F7:A5:C0:89:7A:1A:B3:1B:FD:31:BE:0A:F2:1D:82:5C:5A:A6:97:2D X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/3cdd5774-30dd-4a00-b1a9-9b12826930c2/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/3cdd5774-30dd-4a00-b1a9-9b12826930c2/0/F7A5C0897A1AB31BFD31BE0AF21D825C5AA6972D.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.159.196.0/23 Signature Algorithm: sha256WithRSAEncryption 98:3b:8b:ed:65:e2:6a:37:42:90:b7:56:0b:23:8b:6f:a7:3b: 4f:38:70:c1:54:b4:5f:2b:dc:44:95:62:a2:22:fc:4c:d9:01: 44:85:c1:63:b3:db:32:86:db:83:30:6d:da:a8:6f:33:b5:f5: 7d:aa:89:54:7c:5b:b7:7c:18:ce:d8:bf:e2:f8:02:48:a9:8d: 89:09:09:5b:1d:55:df:c8:63:74:05:c1:e9:50:ae:91:a0:bd: bf:a0:3e:67:82:0d:b4:ae:a9:cc:f2:0f:02:d0:36:05:10:01: c4:80:ed:df:19:d2:a7:58:86:1d:73:8f:ee:7b:a1:26:0e:85: ae:9d:79:31:a8:fd:a0:ae:0f:19:6e:ee:7b:0f:16:17:9f:af: 47:2f:9a:5a:6a:e1:c5:2c:1e:3a:fb:31:8e:6b:56:47:70:ca: bd:c6:01:46:a3:83:54:f9:d6:6e:8f:01:21:46:4c:e6:19:02: 04:2e:ea:f0:12:81:7f:3b:16:ec:47:e1:de:d1:c6:e3:35:e3: 64:a3:02:be:bf:0a:fd:91:9e:9e:67:71:1f:a6:db:77:fa:35: 1f:ae:8a:67:12:13:5d:a2:1a:0d:38:9b:11:f7:2e:f8:12:c2: b1:e7:94:b6:d5:54:a3:ce:c8:98:57:34:28:5c:17:98:db:cf: 99:7b:41:f6 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUcfXtXw+2o9eE06JnA/IG8n2vuFMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDMxMTIwMDU0NVoX DTI1MDMxMDIwMTA0NVowMzExMC8GA1UEAxMoRjdBNUMwODk3QTFBQjMxQkZEMzFC RTBBRjIxRDgyNUM1QUE2OTcyRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKujHT3zVCMgsR+OV7ZT5EBKIlrf+sSnq5R4j4/jgY5CINIEX8CpbuC15QFa 0XsBiu1V34/7vCU+Iqq4J1mNYaq4Ztj/ES9B+SLJ/gIQ2L+Rly9izK7PA9NDE10u XgnEEF5KALPVfwI9/QmfMm7EqZBU8w67s5YhOGH5gM4OIY+S50A7CR73oL5tS/bs z0+s+S3O6Xcz4WSscFo8CEdankJGFI6c3WvaJ/n4hZmjdJjlMx2Sl60fy7BKyNQ3 sbNdLewzQ1NZhq6a/lfmnbfE56+QLYnhh8FVwEzf8C34GMGmZrxZUemxE4DhZfsQ iO7NdninTXMsnC1j6mVzqRIU4LsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFPelwIl6GrMb/TG+CvIdglxappctMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zY2RkNTc3NC0zMGRkLTRhMDAtYjFhOS05YjEyODI2OTMwYzIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNjZGQ1Nzc0 LTMwZGQtNGEwMC1iMWE5LTliMTI4MjY5MzBjMi8wL0Y3QTVDMDg5N0ExQUIzMUJG RDMxQkUwQUYyMUQ4MjVDNUFBNjk3MkQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnn8QwDQYJKoZIhvcNAQELBQADggEBAJg7i+1l4mo3QpC3Vgsji2+nO084cMFU tF8r3ESVYqIi/EzZAUSFwWOz2zKG24MwbdqobzO19X2qiVR8W7d8GM7Yv+L4Akip jYkJCVsdVd/IY3QFwelQrpGgvb+gPmeCDbSuqczyDwLQNgUQAcSA7d8Z0qdYhh1z j+57oSYOha6deTGo/aCuDxlu7nsPFhefr0cvmlpq4cUsHjr7MY5rVkdwyr3GAUaj g1T51m6PASFGTOYZAgQu6vASgX87FuxH4d7RxuM142SjAr6/Cv2Rnp5ncR+m23f6 NR+uimcSE12iGg04mxH3LvgSwrHnlLbVVKPOyJhXNChcF5jbz5l7QfY= -----END CERTIFICATE-----Generated at Mon Nov 25 13:14:35 2024 by rpki-client on console-ams.rpki-client.org