$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer File: 2AAFA81414EDCB1032235F2240FE06773F3E6F16.cer (raw, json) Hash identifier: WyU3cGtD4nSOsoIL/g6jKb+u1fbdgj0spjPLCgqaKTE= Subject key identifier: 2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B Certificate issuer: /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Certificate serial: 6672B1E5AB43BD94CEF0134713384D15CF9DF6EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Manifest: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft caRepository: rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/ Notify URL: https://repo-rpki.idnic.net/rrdp/notification.xml Certificate not before: Tue 04 Feb 2025 05:14:28 +0000 Certificate not after: Tue 03 Feb 2026 05:19:28 +0000 Subordinate resources: IP: 103.177.218.0/23 Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 20:52:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:72:b1:e5:ab:43:bd:94:ce:f0:13:47:13:38:4d:15:cf:9d:f6:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91862140000, serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B Validity Not Before: Feb 4 05:14:28 2025 GMT Not After : Feb 3 05:19:28 2026 GMT Subject: CN=2AAFA81414EDCB1032235F2240FE06773F3E6F16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:4c:39:c0:a1:a8:e0:77:23:1f:3f:b5:f4:e4: 50:10:01:52:08:d1:19:4f:02:9f:63:30:21:21:f0: 50:4f:34:8b:a9:2c:95:aa:d6:d1:f1:33:b6:1d:20: 5f:7d:97:df:90:56:53:74:10:b6:6e:83:d9:d5:66: 19:d3:b6:fa:2f:3b:ba:c2:1d:aa:bb:42:75:c3:13: 77:83:34:12:fa:3e:7f:a9:39:31:37:01:46:37:aa: ca:18:9a:c7:5b:14:e4:b7:93:23:be:a7:f5:ff:9b: d9:6d:79:b7:02:ab:4a:15:2f:64:7f:5e:9a:a4:f4: a5:d8:4c:39:f0:71:33:f4:39:91:fa:53:f0:84:b3: 3b:6a:6c:40:58:2c:19:7d:70:05:17:14:56:19:54: 36:31:67:d9:3b:81:5e:39:20:bc:83:37:f7:28:ce: c3:e6:7e:d6:92:8b:48:ec:71:85:3b:cd:6c:4d:b3: 33:46:52:c1:ee:fd:1f:71:0e:88:9a:2f:9c:ab:b4: 4b:8a:58:3e:78:29:ed:3b:17:d3:31:c3:17:70:d9: 81:d4:7a:3d:d1:25:01:dc:07:f5:3e:bf:4d:8f:fa: 43:86:b7:c4:0e:a8:5e:20:14:94:61:ef:b2:35:22: 88:a5:a2:9f:02:71:18:25:dd:aa:38:e3:d1:c2:da: f5:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 2A:AF:A8:14:14:ED:CB:10:32:23:5F:22:40:FE:06:77:3F:3E:6F:16 X509v3 Authority Key Identifier: keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer Subject Information Access: CA Repository - URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0 RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/3ab8e60f-f993-4534-9da0-f285a8603f69/0/2AAFA81414EDCB1032235F2240FE06773F3E6F16.mft RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.177.218.0/23 Signature Algorithm: sha256WithRSAEncryption 1b:cb:8a:ef:35:14:c4:fa:80:84:92:33:f1:ca:d1:0d:74:fa: 46:31:f8:c5:cc:cc:ca:a9:a4:64:ad:22:f2:88:1d:49:55:d6: 3a:01:5b:77:92:d9:99:d1:2c:43:45:f4:56:b4:5b:93:ea:cd: db:84:d6:e9:2b:d8:44:48:03:b3:fa:0b:5a:53:0b:59:87:e5: be:52:c2:41:93:30:00:11:65:5b:09:3f:4d:8d:a6:b6:1c:45: fa:ad:19:7c:9a:c6:15:c9:85:50:94:a8:9e:fc:3c:ab:df:41: 76:dd:c3:20:4d:4f:1b:f3:fb:54:96:db:0c:d3:30:e7:de:be: d1:01:25:82:41:ff:c7:36:a9:d2:e6:4a:e6:a1:4e:cb:6c:02: 7b:31:f8:5d:7f:45:ff:8e:74:6c:6c:be:8f:2d:45:07:0b:ff: b6:6c:ed:17:52:84:a9:3a:2c:2c:1c:f7:f2:f2:ac:a6:79:44: 16:fc:13:8b:b1:cd:78:cf:47:aa:4d:42:f0:a3:dd:82:4f:71: 9b:f2:1b:9c:ea:78:b6:88:88:7e:fb:8a:39:40:4d:16:33:0f: f5:fb:09:58:5e:b3:4a:ad:95:11:e2:9a:85:33:17:b4:36:86: fc:05:53:65:a2:6a:7b:2d:86:da:1b:83:a6:e1:0e:1b:ba:e8: 5d:3d:1a:17 -----BEGIN CERTIFICATE----- MIIFxTCCBK2gAwIBAgIUZnKx5atDvZTO8BNHEzhNFc+d9u4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDIwNDA1MTQyOFoX DTI2MDIwMzA1MTkyOFowMzExMC8GA1UEAxMoMkFBRkE4MTQxNEVEQ0IxMDMyMjM1 RjIyNDBGRTA2NzczRjNFNkYxNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC ggEBAKhMOcChqOB3Ix8/tfTkUBABUgjRGU8Cn2MwISHwUE80i6kslarW0fEzth0g X32X35BWU3QQtm6D2dVmGdO2+i87usIdqrtCdcMTd4M0Evo+f6k5MTcBRjeqyhia x1sU5LeTI76n9f+b2W15twKrShUvZH9emqT0pdhMOfBxM/Q5kfpT8ISzO2psQFgs GX1wBRcUVhlUNjFn2TuBXjkgvIM39yjOw+Z+1pKLSOxxhTvNbE2zM0ZSwe79H3EO iJovnKu0S4pYPngp7TsX0zHDF3DZgdR6PdElAdwH9T6/TY/6Q4a3xA6oXiAUlGHv sjUiiKWinwJxGCXdqjjj0cLa9W8CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB Af8wHQYDVR0OBBYEFCqvqBQU7csQMiNfIkD+Bnc/Pm8WMB8GA1UdIwQYMBaAFLqP d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw by8zYWI4ZTYwZi1mOTkzLTQ1MzQtOWRhMC1mMjg1YTg2MDNmNjkvMDCBgAYIKwYB BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNhYjhlNjBm LWY5OTMtNDUzNC05ZGEwLWYyODVhODYwM2Y2OS8wLzJBQUZBODE0MTRFRENCMTAz MjIzNUYyMjQwRkUwNjc3M0YzRTZGMTYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAFnsdowDQYJKoZIhvcNAQELBQADggEBABvLiu81FMT6gISSM/HK0Q10+kYx+MXM zMqppGStIvKIHUlV1joBW3eS2ZnRLENF9Fa0W5PqzduE1ukr2ERIA7P6C1pTC1mH 5b5SwkGTMAARZVsJP02NprYcRfqtGXyaxhXJhVCUqJ78PKvfQXbdwyBNTxvz+1SW 2wzTMOfevtEBJYJB/8c2qdLmSuahTstsAnsx+F1/Rf+OdGxsvo8tRQcL/7Zs7RdS hKk6LCwc9/LyrKZ5RBb8E4uxzXjPR6pNQvCj3YJPcZvyG5zqeLaIiH77ijlATRYz D/X7CVhes0qtlRHimoUzF7Q2hvwFU2Wiansthtobg6bhDhu66F09Ghc= -----END CERTIFICATE-----Generated at Thu Apr 24 20:37:13 2025 by rpki-client on console.sobornost.net