Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/4ACFA054E26D225A10C6B0FD316D21263924491E.cer
File:                     4ACFA054E26D225A10C6B0FD316D21263924491E.cer (raw, json)
Hash identifier:          Zk2Se72/L6GO5wvvCJ9fUOn1xFI81fy/RfJdVyV6Ah0=
Subject key identifier:   4A:CF:A0:54:E2:6D:22:5A:10:C6:B0:FD:31:6D:21:26:39:24:49:1E
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       40CA9123CF9287FB07681A4E82553C5B4258971F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/4ACFA054E26D225A10C6B0FD316D21263924491E.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Mon 31 Jul 2023 08:35:55 +0000
Certificate not after:    Mon 29 Jul 2024 08:40:55 +0000
Subordinate resources:    IP: 103.24.212.0/22
                          IP: 2406:e900::/32

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 01 Apr 2024 16:09:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:ca:91:23:cf:92:87:fb:07:68:1a:4e:82:55:3c:5b:42:58:97:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jul 31 08:35:55 2023 GMT
            Not After : Jul 29 08:40:55 2024 GMT
        Subject: CN=4ACFA054E26D225A10C6B0FD316D21263924491E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:fe:7c:fe:82:a4:30:ac:f7:1b:4b:d4:3a:54:
                    a9:7a:54:8c:34:d3:2f:ab:53:a6:df:5f:ab:97:17:
                    2e:ce:04:05:21:90:20:90:c0:5c:8e:07:cf:73:67:
                    9e:f7:17:51:d1:00:c9:63:53:f5:1e:15:8e:30:08:
                    43:01:16:7a:5c:3e:8c:c7:6b:a8:52:1a:7e:e8:d7:
                    15:e5:a0:02:9c:57:1a:22:90:48:07:38:0e:6d:1c:
                    5b:bb:91:29:49:b4:59:e7:1c:dc:14:95:a1:d5:c7:
                    c3:fc:ee:83:94:b4:cf:44:05:2a:64:f6:fc:45:37:
                    7b:ea:01:fe:e4:14:5d:b4:fd:5d:c0:ca:5c:0a:8c:
                    52:68:67:19:5a:78:58:af:0e:a4:a4:d3:c6:f9:fd:
                    90:81:e9:80:94:72:7b:18:12:f8:13:36:36:56:c0:
                    6e:a0:8a:2a:46:4d:81:44:dd:56:b4:e8:23:86:f9:
                    30:65:17:5e:25:9b:09:a6:fc:26:ee:28:0e:b7:60:
                    63:44:17:32:35:af:c7:ba:e2:2f:7d:f3:9e:02:b5:
                    dc:8f:3e:ad:56:87:75:c0:f0:c9:9c:54:7c:cf:9c:
                    10:9c:28:dd:3d:9b:9e:3a:08:f4:86:61:86:42:4b:
                    a9:05:f5:77:c4:5b:8f:b4:47:f7:c2:95:ed:3d:1e:
                    1c:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                4A:CF:A0:54:E2:6D:22:5A:10:C6:B0:FD:31:6D:21:26:39:24:49:1E
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/0e46a305-df77-4587-8703-a905c53779ac/0/4ACFA054E26D225A10C6B0FD316D21263924491E.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.24.212.0/22
                IPv6:
                  2406:e900::/32

    Signature Algorithm: sha256WithRSAEncryption
         9b:4d:37:c0:29:d8:72:56:a2:c4:ba:a4:2f:fe:e9:17:df:1d:
         e7:c6:7a:7a:b6:ef:23:95:d8:79:d8:a5:20:43:d2:ab:24:61:
         39:81:78:c1:20:9d:7a:1f:2f:10:c2:b9:9c:fb:3e:c6:51:3b:
         a7:a0:c3:f3:b0:21:7b:e0:c4:cc:61:4c:de:ae:96:e0:49:dc:
         7c:d7:7c:31:f4:e6:ec:72:bc:86:37:88:fc:27:f7:18:87:02:
         14:92:9c:32:8f:c8:91:b3:5a:db:bd:1c:4d:cb:f7:d6:3a:fa:
         ac:6b:c3:1e:89:d2:fc:6f:7f:c4:5b:f8:ab:fa:fd:55:e8:17:
         b8:dd:eb:f5:80:33:49:6b:b8:a5:7b:fe:47:f7:da:36:6a:f3:
         73:21:6d:db:7b:4e:1d:c1:fd:9b:00:d5:f5:57:e7:1c:f9:ad:
         89:d4:f9:d3:10:c8:84:c6:06:33:00:0f:85:e7:bd:05:47:a8:
         3e:4b:64:78:05:bd:eb:eb:e1:ba:ab:82:7f:e0:a7:70:0d:14:
         51:b7:96:8c:99:5a:b5:9c:4a:cb:f3:6c:92:22:6e:b2:f3:a7:
         b1:d8:46:cf:45:e6:7a:60:02:d5:f8:46:a5:a4:60:1b:2d:25:
         88:0b:e0:3d:10:4b:e0:d3:8a:f7:cb:bf:e4:f2:0a:fe:53:c4:
         1b:6f:66:6a
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUQMqRI8+Sh/sHaBpOglU8W0JYlx8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDczMTA4MzU1NVoX
DTI0MDcyOTA4NDA1NVowMzExMC8GA1UEAxMoNEFDRkEwNTRFMjZEMjI1QTEwQzZC
MEZEMzE2RDIxMjYzOTI0NDkxRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMP+fP6CpDCs9xtL1DpUqXpUjDTTL6tTpt9fq5cXLs4EBSGQIJDAXI4Hz3Nn
nvcXUdEAyWNT9R4VjjAIQwEWelw+jMdrqFIafujXFeWgApxXGiKQSAc4Dm0cW7uR
KUm0Wecc3BSVodXHw/zug5S0z0QFKmT2/EU3e+oB/uQUXbT9XcDKXAqMUmhnGVp4
WK8OpKTTxvn9kIHpgJRyexgS+BM2NlbAbqCKKkZNgUTdVrToI4b5MGUXXiWbCab8
Ju4oDrdgY0QXMjWvx7riL33zngK13I8+rVaHdcDwyZxUfM+cEJwo3T2bnjoI9IZh
hkJLqQX1d8Rbj7RH98KV7T0eHEcCAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFErPoFTibSJaEMaw/TFtISY5JEkeMB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by8wZTQ2YTMwNS1kZjc3LTQ1ODctODcwMy1hOTA1YzUzNzc5YWMvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBlNDZhMzA1
LWRmNzctNDU4Ny04NzAzLWE5MDVjNTM3NzlhYy8wLzRBQ0ZBMDU0RTI2RDIyNUEx
MEM2QjBGRDMxNkQyMTI2MzkyNDQ5MUUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD
BAJnGNQwDQQCAAIwBwMFACQG6QAwDQYJKoZIhvcNAQELBQADggEBAJtNN8Ap2HJW
osS6pC/+6RffHefGenq27yOV2HnYpSBD0qskYTmBeMEgnXofLxDCuZz7PsZRO6eg
w/OwIXvgxMxhTN6uluBJ3HzXfDH05uxyvIY3iPwn9xiHAhSSnDKPyJGzWtu9HE3L
99Y6+qxrwx6J0vxvf8Rb+Kv6/VXoF7jd6/WAM0lruKV7/kf32jZq83Mhbdt7Th3B
/ZsA1fVX5xz5rYnU+dMQyITGBjMAD4XnvQVHqD5LZHgFvevr4bqrgn/gp3ANFFG3
loyZWrWcSsvzbJIibrLzp7HYRs9F5npgAtX4RqWkYBstJYgL4D0QS+DTivfLv+Ty
Cv5TxBtvZmo=
-----END CERTIFICATE-----
Generated at Fri Mar 29 12:21:53 2024 by rpki-client on console-fra.rpki-client.org