Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/2FB994CD1282292E6D2907FCECD7F9E472F49985.cer
File:                     2FB994CD1282292E6D2907FCECD7F9E472F49985.cer (raw, json)
Hash identifier:          L6O1JvA1c9GZsz8suyUg3hps0b/K84zh2xBn2enfHiU=
Subject key identifier:   2F:B9:94:CD:12:82:29:2E:6D:29:07:FC:EC:D7:F9:E4:72:F4:99:85
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       2A763D487C79486C2079470A2EA0EEE8F9BCF103
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/2da773dd-95aa-447e-993d-4cf4a1273b31/0/2FB994CD1282292E6D2907FCECD7F9E472F49985.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/2da773dd-95aa-447e-993d-4cf4a1273b31/0
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Mon 31 Jul 2023 03:13:29 +0000
Certificate not after:    Mon 29 Jul 2024 03:18:29 +0000
Subordinate resources:    IP: 103.110.8.0/22
                          IP: 2001:df4:5700::/48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:76:3d:48:7c:79:48:6c:20:79:47:0a:2e:a0:ee:e8:f9:bc:f1:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jul 31 03:13:29 2023 GMT
            Not After : Jul 29 03:18:29 2024 GMT
        Subject: CN=2FB994CD1282292E6D2907FCECD7F9E472F49985
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:e9:e0:70:5e:f0:fc:38:d1:a8:a0:32:d0:ac:
                    41:2a:28:4c:65:65:61:74:2d:e6:ce:ca:7e:31:79:
                    19:1d:30:ce:20:e6:78:13:3c:ba:b8:ec:c1:a7:9a:
                    93:a0:61:65:60:1b:4c:ca:dd:cc:52:b0:b5:f0:b9:
                    8e:ce:6c:a5:ee:b9:b9:66:ba:c6:91:d0:d9:0b:41:
                    c8:f5:5a:29:5d:e5:a2:fb:e6:ec:65:ad:72:a1:24:
                    72:d6:12:39:4d:48:ba:ad:36:99:7d:81:13:14:c2:
                    19:54:cf:a6:a2:b1:53:37:1d:ed:51:ac:64:39:90:
                    bd:19:d8:8e:19:e6:78:da:6a:d5:e4:13:33:03:fa:
                    6c:eb:1d:cc:16:68:4b:47:d5:4f:ac:d4:10:c5:32:
                    83:49:69:bb:65:6a:9e:c0:a8:c5:7a:09:29:9d:78:
                    09:2b:33:60:b2:8d:3b:ae:c2:7f:b9:10:c3:6f:59:
                    93:f9:46:db:2e:08:87:4c:88:72:c6:06:4b:78:f0:
                    d7:02:8b:13:03:f9:b9:fd:60:4f:03:b4:63:f6:f0:
                    c8:73:0d:2b:23:96:c5:f4:db:0a:5f:ce:bc:e6:ed:
                    34:20:93:0d:16:52:fc:79:11:4d:5c:f4:79:8c:62:
                    7a:d9:0f:ec:aa:bf:f1:a3:0f:8d:82:df:a5:8d:d8:
                    43:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                2F:B9:94:CD:12:82:29:2E:6D:29:07:FC:EC:D7:F9:E4:72:F4:99:85
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/2da773dd-95aa-447e-993d-4cf4a1273b31/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/2da773dd-95aa-447e-993d-4cf4a1273b31/0/2FB994CD1282292E6D2907FCECD7F9E472F49985.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.110.8.0/22
                IPv6:
                  2001:df4:5700::/48

    Signature Algorithm: sha256WithRSAEncryption
         26:8f:b2:9b:5d:8a:38:38:a8:7f:65:ac:05:c9:3b:13:45:6d:
         bd:44:84:39:76:0f:20:05:54:75:28:db:a0:4f:5a:4a:4b:04:
         1a:1d:fd:cc:6e:13:eb:d6:2c:69:7a:11:55:a3:d2:da:89:be:
         76:eb:3d:4e:23:56:f4:13:2c:99:2e:0e:a9:de:dd:9a:3a:88:
         1d:2d:6b:6f:a0:93:74:5c:0a:64:86:f5:64:1d:a2:62:5f:26:
         61:b9:85:a7:d0:e4:c6:37:a6:85:5c:02:66:d3:4f:c1:16:ee:
         6e:35:d9:48:26:c0:f3:43:ae:e5:5f:3a:66:c9:41:81:bb:e3:
         57:6c:52:01:79:3e:6e:c1:46:5d:ed:b3:14:81:06:aa:06:ec:
         07:f9:c0:36:c4:e6:db:ae:00:f1:46:4d:7c:83:9e:9e:1f:f2:
         51:d0:d0:20:a0:a8:4d:01:e4:41:01:5d:4a:36:c6:46:5b:3f:
         e6:a3:bc:8e:2c:ec:9e:4d:37:fc:06:78:b1:f8:74:7d:0d:97:
         d8:3b:23:df:c9:60:b9:e0:65:ca:6e:9b:4f:41:84:ba:09:ce:
         d9:b1:53:d8:6e:b2:9d:de:60:b2:73:f5:38:51:c4:5a:49:e0:
         01:0b:f5:7f:5b:bf:be:ae:a7:c9:7c:cf:44:ee:9e:b9:63:5a:
         5e:46:62:ed
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIUKnY9SHx5SGwgeUcKLqDu6Pm88QMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDczMTAzMTMyOVoX
DTI0MDcyOTAzMTgyOVowMzExMC8GA1UEAxMoMkZCOTk0Q0QxMjgyMjkyRTZEMjkw
N0ZDRUNEN0Y5RTQ3MkY0OTk4NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzp4HBe8Pw40aigMtCsQSooTGVlYXQt5s7KfjF5GR0wziDmeBM8urjswaea
k6BhZWAbTMrdzFKwtfC5js5spe65uWa6xpHQ2QtByPVaKV3lovvm7GWtcqEkctYS
OU1Iuq02mX2BExTCGVTPpqKxUzcd7VGsZDmQvRnYjhnmeNpq1eQTMwP6bOsdzBZo
S0fVT6zUEMUyg0lpu2VqnsCoxXoJKZ14CSszYLKNO67Cf7kQw29Zk/lG2y4Ih0yI
csYGS3jw1wKLEwP5uf1gTwO0Y/bwyHMNKyOWxfTbCl/OvObtNCCTDRZS/HkRTVz0
eYxietkP7Kq/8aMPjYLfpY3YQx0CAwEAAaOCAskwggLFMA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFC+5lM0SgikubSkH/OzX+eRy9JmFMB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by8yZGE3NzNkZC05NWFhLTQ0N2UtOTkzZC00Y2Y0YTEyNzNiMzEvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJkYTc3M2Rk
LTk1YWEtNDQ3ZS05OTNkLTRjZjRhMTI3M2IzMS8wLzJGQjk5NENEMTI4MjI5MkU2
RDI5MDdGQ0VDRDdGOUU0NzJGNDk5ODUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYD
BAJnbggwDwQCAAIwCQMHACABDfRXADANBgkqhkiG9w0BAQsFAAOCAQEAJo+ym12K
ODiof2WsBck7E0VtvUSEOXYPIAVUdSjboE9aSksEGh39zG4T69YsaXoRVaPS2om+
dus9TiNW9BMsmS4Oqd7dmjqIHS1rb6CTdFwKZIb1ZB2iYl8mYbmFp9DkxjemhVwC
ZtNPwRbubjXZSCbA80Ou5V86ZslBgbvjV2xSAXk+bsFGXe2zFIEGqgbsB/nANsTm
264A8UZNfIOenh/yUdDQIKCoTQHkQQFdSjbGRls/5qO8jizsnk03/AZ4sfh0fQ2X
2Dsj38lgueBlym6bT0GEugnO2bFT2G6ynd5gsnP1OFHEWkngAQv1f1u/vq6nyXzP
RO6euWNaXkZi7Q==
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:49:16 2024 by rpki-client on console-ams.rpki-client.org