$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/FFCC3C879250F6351654AFE2ED137EED71DCACA1.cer File: FFCC3C879250F6351654AFE2ED137EED71DCACA1.cer (raw, json) Hash identifier: OCMKQ7sZytSosl8zoLss6QW5DwgEJxJ3ha+RaKumuvQ= Subject key identifier: FF:CC:3C:87:92:50:F6:35:16:54:AF:E2:ED:13:7E:ED:71:DC:AC:A1 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 7175E680A693CE76812D69972EB616D4AFBC8B9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/60eea08c-3fd2-488e-a574-9f9bb631a62b/0/FFCC3C879250F6351654AFE2ED137EED71DCACA1.mft caRepository: rsync://repo-rpki.idnic.net/repo/60eea08c-3fd2-488e-a574-9f9bb631a62b/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 24 Dec 2024 14:57:56 +0000 Certificate not after: Tue 23 Dec 2025 15:02:56 +0000 Subordinate resources: IP: 103.84.206.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Feb 2025 06:34:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:75:e6:80:a6:93:ce:76:81:2d:69:97:2e:b6:16:d4:af:bc:8b:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000 Validity Not Before: Dec 24 14:57:56 2024 GMT Not After : Dec 23 15:02:56 2025 GMT Subject: CN=FFCC3C879250F6351654AFE2ED137EED71DCACA1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:ce:ba:fc:cc:6c:57:32:9b:32:90:91:ad:51: 5d:9c:d8:e1:cc:45:ba:3a:57:22:de:a3:c8:5a:34: 0a:be:30:64:60:9f:1a:a4:9a:10:e5:80:4f:bc:58: 53:35:1b:2e:a9:09:69:09:4b:83:21:fe:d3:28:d2: e6:f9:5a:8f:a5:dd:9c:d5:b9:55:92:eb:40:b0:7a: 52:74:7f:e6:6f:cf:9b:66:8b:3e:6a:3f:01:a0:c3: d9:d0:89:e7:35:a9:0d:8b:e6:48:63:3e:ba:68:6a: 0f:dd:44:11:a0:1e:3c:a0:6c:48:48:92:ee:97:d3: b9:7f:82:81:17:31:3b:8c:79:62:a1:c4:d2:b6:2a: 67:fd:55:7b:38:eb:97:89:04:bb:d8:4c:4a:1b:88: a2:74:1e:70:ef:6f:0a:82:ae:54:8f:0e:b3:6d:73: ef:4b:c1:1e:07:77:bb:bc:19:b4:7c:22:a6:b4:e1: 34:83:17:4f:20:19:e3:ea:09:1e:06:be:b9:81:34: d7:8e:33:d5:42:1f:8c:36:13:a0:51:f4:fb:1c:13: 40:41:3e:61:3c:40:9c:e4:f5:4c:2c:36:02:11:3b: 12:a9:fe:98:f2:51:4a:bf:40:85:53:d4:66:ab:7b: 6f:dc:ce:cc:a3:f1:64:76:e8:13:99:6e:54:ea:f2: 51:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: FF:CC:3C:87:92:50:F6:35:16:54:AF:E2:ED:13:7E:ED:71:DC:AC:A1 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/60eea08c-3fd2-488e-a574-9f9bb631a62b/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/60eea08c-3fd2-488e-a574-9f9bb631a62b/0/FFCC3C879250F6351654AFE2ED137EED71DCACA1.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.84.206.0/23 Signature Algorithm: sha256WithRSAEncryption 33:30:79:2e:2a:3c:8a:ee:2d:b9:f1:e5:d7:63:76:c5:c1:50: 82:f2:5c:c4:f6:25:62:d7:6f:17:de:63:10:8d:a4:0c:aa:9c: 26:77:42:06:63:6e:d9:49:64:17:a5:27:af:f7:89:13:af:70: c4:e4:c3:57:11:c3:5d:07:0d:36:f3:3b:82:d1:6f:26:c8:18: 6e:aa:ae:39:c6:b3:28:55:20:5f:eb:bf:5e:8c:ea:db:98:95: 53:92:9c:e1:93:6b:b5:4e:31:9c:49:45:4e:ab:27:14:1f:d0: 13:68:ec:e0:14:53:77:dc:71:0d:c5:28:aa:f2:d4:e7:e1:e0: b9:25:c1:f3:31:60:4e:87:c5:71:ab:a3:e6:61:fd:0b:7c:ad: a3:5b:4a:54:16:de:fd:a9:de:f3:77:c4:b3:c8:43:52:c5:ed: 1e:84:0a:c7:f2:71:56:e1:7a:27:31:fd:07:73:55:75:34:42: ac:97:d9:84:06:6f:ba:7f:08:b7:8c:5a:bd:9f:c7:57:4a:9d: 6b:3c:56:3f:e2:94:ee:f1:c7:69:39:9d:d5:d2:d7:5a:01:af: 5c:37:d4:05:03:1c:ea:9e:87:80:22:3a:4b:5d:07:b9:69:93: 10:f9:48:de:74:70:f8:a6:99:dc:a4:dc:10:88:a1:5d:05:8e: 36:99:33:42 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUcXXmgKaTznaBLWmXLrYW1K+8i5owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIyNDE0NTc1NloX DTI1MTIyMzE1MDI1NlowMzExMC8GA1UEAxMoRkZDQzNDODc5MjUwRjYzNTE2NTRB RkUyRUQxMzdFRUQ3MURDQUNBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKnOuvzMbFcymzKQka1RXZzY4cxFujpXIt6jyFo0Cr4wZGCfGqSaEOWAT7xY UzUbLqkJaQlLgyH+0yjS5vlaj6XdnNW5VZLrQLB6UnR/5m/Pm2aLPmo/AaDD2dCJ 5zWpDYvmSGM+umhqD91EEaAePKBsSEiS7pfTuX+CgRcxO4x5YqHE0rYqZ/1Vezjr l4kEu9hMShuIonQecO9vCoKuVI8Os21z70vBHgd3u7wZtHwiprThNIMXTyAZ4+oJ Hga+uYE0144z1UIfjDYToFH0+xwTQEE+YTxAnOT1TCw2AhE7Eqn+mPJRSr9AhVPU Zqt7b9zOzKPxZHboE5luVOryUXUCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFP/MPIeSUPY1FlSv4u0Tfu1x3KyhMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by82MGVlYTA4Yy0zZmQyLTQ4OGUtYTU3NC05ZjliYjYzMWE2MmIvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzYwZWVhMDhj LTNmZDItNDg4ZS1hNTc0LTlmOWJiNjMxYTYyYi8wL0ZGQ0MzQzg3OTI1MEY2MzUx NjU0QUZFMkVEMTM3RUVENzFEQ0FDQTEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnVM4wDQYJKoZIhvcNAQELBQADggEBADMweS4qPIruLbnx5ddjdsXBUILyXMT2 JWLXbxfeYxCNpAyqnCZ3QgZjbtlJZBelJ6/3iROvcMTkw1cRw10HDTbzO4LRbybI GG6qrjnGsyhVIF/rv16M6tuYlVOSnOGTa7VOMZxJRU6rJxQf0BNo7OAUU3fccQ3F KKry1Ofh4LklwfMxYE6HxXGro+Zh/Qt8raNbSlQW3v2p3vN3xLPIQ1LF7R6ECsfy cVbheicx/QdzVXU0QqyX2YQGb7p/CLeMWr2fx1dKnWs8Vj/ilO7xx2k5ndXS11oB r1w31AUDHOqeh4AiOktdB7lpkxD5SN50cPimmdyk3BCIoV0FjjaZM0I= -----END CERTIFICATE-----Generated at Sun Feb 16 20:59:35 2025 by rpki-client