Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/986EFE1C2BB8B0E4E1472E9DAA5B775AA4F6689F.cer
File:                     986EFE1C2BB8B0E4E1472E9DAA5B775AA4F6689F.cer (raw, json)
Hash identifier:          TPAo2cwBOPTHoOlYxZ7YX/dUm7O/xU1TLHQGqdvp0jQ=
Subject key identifier:   98:6E:FE:1C:2B:B8:B0:E4:E1:47:2E:9D:AA:5B:77:5A:A4:F6:68:9F
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       71324BC41578C6B8D3C9D0045B3F7E5FFC9574E2
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/3162d15b-102b-431f-a539-0a932b31366c/0/986EFE1C2BB8B0E4E1472E9DAA5B775AA4F6689F.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/3162d15b-102b-431f-a539-0a932b31366c/0
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Sun 30 Jul 2023 21:59:00 +0000
Certificate not after:    Sun 28 Jul 2024 22:04:00 +0000
Subordinate resources:    IP: 103.126.56.0/22
                          IP: 2001:df7:3b00::/48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 01 Apr 2024 16:09:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:32:4b:c4:15:78:c6:b8:d3:c9:d0:04:5b:3f:7e:5f:fc:95:74:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jul 30 21:59:00 2023 GMT
            Not After : Jul 28 22:04:00 2024 GMT
        Subject: CN=986EFE1C2BB8B0E4E1472E9DAA5B775AA4F6689F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:47:54:b2:f7:57:12:fb:d4:78:30:a2:f4:5d:
                    c7:47:73:58:9c:b0:43:3e:47:f6:67:51:b2:a7:75:
                    54:9c:f8:79:9a:c9:f8:be:c3:6b:a0:8f:f2:8e:72:
                    96:6a:b6:50:a0:31:bc:a9:98:57:d1:76:27:5a:b8:
                    bb:1a:77:b7:64:d4:10:80:b5:d7:dd:50:08:0b:90:
                    23:93:e1:ad:ff:a6:07:1a:60:5b:f4:5c:33:06:e2:
                    99:e8:e1:6e:5c:6f:c0:08:d8:f4:22:b5:d2:d2:87:
                    41:15:1f:e5:af:b4:19:13:9b:09:11:9a:c7:83:ea:
                    84:33:8e:b3:ba:7b:af:8c:49:1d:0d:c9:fd:e8:cf:
                    dd:3a:0a:ec:d9:9f:03:e9:39:3d:b4:6a:16:03:20:
                    1f:4a:04:d5:44:2c:53:67:00:24:8b:60:34:ea:30:
                    61:20:38:a4:11:cb:f7:98:b8:bb:e5:62:09:a2:4b:
                    bc:d5:2c:7c:f7:7d:d2:e2:95:eb:96:e0:c1:93:e7:
                    42:a0:bc:cf:91:a2:1d:83:2c:d2:9a:d6:af:e6:d9:
                    16:db:f4:47:b8:d1:4f:c6:7d:4c:4b:bf:7f:6f:ea:
                    91:df:57:80:22:89:bd:99:67:2c:5e:51:b2:81:5b:
                    83:f2:1c:54:25:10:e0:bb:91:73:61:6c:de:34:99:
                    ec:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                98:6E:FE:1C:2B:B8:B0:E4:E1:47:2E:9D:AA:5B:77:5A:A4:F6:68:9F
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/3162d15b-102b-431f-a539-0a932b31366c/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/3162d15b-102b-431f-a539-0a932b31366c/0/986EFE1C2BB8B0E4E1472E9DAA5B775AA4F6689F.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.126.56.0/22
                IPv6:
                  2001:df7:3b00::/48

    Signature Algorithm: sha256WithRSAEncryption
         38:12:7c:64:dc:d7:4f:c4:8d:5d:82:5b:b7:2c:e0:00:df:a3:
         60:d9:e8:a5:a1:38:70:11:54:2c:20:d9:e1:13:a8:74:5a:49:
         a2:a7:ce:bd:77:06:c5:c9:d6:5e:25:82:b1:d7:99:57:43:4c:
         83:e4:ef:ab:c9:76:c4:fb:ae:d3:0d:12:06:8a:cb:b5:71:e4:
         c4:0b:f4:6f:b3:d1:c6:e6:1d:5c:6e:ea:3c:87:e1:21:74:0f:
         29:63:39:de:88:ba:7f:ab:b4:57:ac:88:a8:ee:12:cb:a8:b9:
         3d:bc:07:39:5c:09:0d:0f:cc:c3:ba:fc:60:ba:dc:67:80:2e:
         11:31:9e:2b:8a:d1:03:5f:f8:83:6c:3e:97:8a:67:8a:8e:c1:
         1d:3a:83:ce:f2:00:5c:11:a0:b6:be:6d:33:29:8f:7f:3f:15:
         5e:0b:6c:70:ad:02:a3:bf:92:7a:61:c5:9a:87:0d:66:b0:ae:
         1b:c4:05:ad:ef:a5:27:5c:26:43:0a:2a:f7:4e:83:39:14:86:
         c8:34:e4:64:20:33:a2:ce:94:74:5f:81:43:a4:fe:d8:1c:17:
         ef:a0:7c:ba:6f:45:d3:78:66:29:1b:a9:38:d2:ce:0d:87:d3:
         46:29:05:40:f1:67:36:f7:11:5b:57:94:9d:b8:96:65:07:31:
         ec:14:e7:ba
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIUcTJLxBV4xrjTydAEWz9+X/yVdOIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTIzMDczMDIxNTkwMFoX
DTI0MDcyODIyMDQwMFowMzExMC8GA1UEAxMoOTg2RUZFMUMyQkI4QjBFNEUxNDcy
RTlEQUE1Qjc3NUFBNEY2Njg5RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhHVLL3VxL71HgwovRdx0dzWJywQz5H9mdRsqd1VJz4eZrJ+L7Da6CP8o5y
lmq2UKAxvKmYV9F2J1q4uxp3t2TUEIC1191QCAuQI5Phrf+mBxpgW/RcMwbimejh
blxvwAjY9CK10tKHQRUf5a+0GRObCRGax4PqhDOOs7p7r4xJHQ3J/ejP3ToK7Nmf
A+k5PbRqFgMgH0oE1UQsU2cAJItgNOowYSA4pBHL95i4u+ViCaJLvNUsfPd90uKV
65bgwZPnQqC8z5GiHYMs0prWr+bZFtv0R7jRT8Z9TEu/f2/qkd9XgCKJvZlnLF5R
soFbg/IcVCUQ4LuRc2Fs3jSZ7LECAwEAAaOCAskwggLFMA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFJhu/hwruLDk4Ucunapbd1qk9mifMB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by8zMTYyZDE1Yi0xMDJiLTQzMWYtYTUzOS0wYTkzMmIzMTM2NmMvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMxNjJkMTVi
LTEwMmItNDMxZi1hNTM5LTBhOTMyYjMxMzY2Yy8wLzk4NkVGRTFDMkJCOEIwRTRF
MTQ3MkU5REFBNUI3NzVBQTRGNjY4OUYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYD
BAJnfjgwDwQCAAIwCQMHACABDfc7ADANBgkqhkiG9w0BAQsFAAOCAQEAOBJ8ZNzX
T8SNXYJbtyzgAN+jYNnopaE4cBFULCDZ4ROodFpJoqfOvXcGxcnWXiWCsdeZV0NM
g+Tvq8l2xPuu0w0SBorLtXHkxAv0b7PRxuYdXG7qPIfhIXQPKWM53oi6f6u0V6yI
qO4Sy6i5PbwHOVwJDQ/Mw7r8YLrcZ4AuETGeK4rRA1/4g2w+l4pnio7BHTqDzvIA
XBGgtr5tMymPfz8VXgtscK0Co7+SemHFmocNZrCuG8QFre+lJ1wmQwoq906DORSG
yDTkZCAzos6UdF+BQ6T+2BwX76B8um9F03hmKRupONLODYfTRikFQPFnNvcRW1eU
nbiWZQcx7BTnug==
-----END CERTIFICATE-----
Generated at Fri Mar 29 12:21:57 2024 by rpki-client on console-fra.rpki-client.org