Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/394BCC5C0310DB0117DDC1DC1A176026DB421D88.cer
File:                     394BCC5C0310DB0117DDC1DC1A176026DB421D88.cer (raw, json)
Hash identifier:          lF1rQTFOuxq8fEQd14JU8FR+/YVErrbyZtekPauU/+w=
Subject key identifier:   39:4B:CC:5C:03:10:DB:01:17:DD:C1:DC:1A:17:60:26:DB:42:1D:88
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Certificate issuer:       /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial:       7C49B3CDCF3C60CD526AD656FAEE1BF51A4B2CB9
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/97134f18-11e1-41ae-bb05-9fbf48212b7d/0/394BCC5C0310DB0117DDC1DC1A176026DB421D88.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/97134f18-11e1-41ae-bb05-9fbf48212b7d/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Thu 30 May 2024 07:24:23 +0000
Certificate not after:    Thu 29 May 2025 07:29:23 +0000
Subordinate resources:    IP: 157.66.190.0/24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:49:b3:cd:cf:3c:60:cd:52:6a:d6:56:fa:ee:1b:f5:1a:4b:2c:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000
        Validity
            Not Before: May 30 07:24:23 2024 GMT
            Not After : May 29 07:29:23 2025 GMT
        Subject: CN=394BCC5C0310DB0117DDC1DC1A176026DB421D88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:21:c3:f3:25:f7:70:54:22:30:c7:3c:e6:b6:
                    c9:31:34:57:de:ed:bd:f6:d0:3e:98:09:8e:dd:7d:
                    b4:67:f0:ed:f6:9a:c8:0b:90:9f:38:4c:a4:b2:bc:
                    6d:40:2c:b0:e7:4e:ea:b0:f4:03:62:f0:8e:9f:15:
                    9d:79:a0:e1:db:89:e9:32:0a:99:a5:e2:52:23:61:
                    fa:24:a0:4c:be:4c:20:a8:60:c7:32:71:00:bb:74:
                    27:fd:69:19:e3:87:4e:40:04:62:05:44:f9:c4:c7:
                    d5:0d:f3:56:b2:5e:cb:5e:de:9c:1b:a6:94:cb:54:
                    d0:69:3e:9b:ea:73:9f:55:e0:b0:c5:82:af:d0:04:
                    4f:88:0e:ad:e0:8e:72:86:cb:31:79:ec:e8:1a:d9:
                    a1:cf:1b:5e:ed:07:2d:7a:d9:f5:6b:ba:c3:1a:3a:
                    7f:46:9c:ee:af:e9:97:4e:e8:54:b1:87:fe:a6:5f:
                    6f:38:75:c9:12:6b:ae:77:08:8f:50:b5:d6:88:24:
                    0e:56:96:a3:4e:8b:94:08:d6:8b:3f:fe:11:b7:70:
                    8c:c2:cd:1d:02:52:69:94:f5:83:ed:e1:93:54:44:
                    30:fd:c2:96:57:a9:26:dc:95:7b:de:f5:f0:49:11:
                    37:c1:5e:d9:76:00:82:fb:29:40:02:31:c9:76:ec:
                    ef:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                39:4B:CC:5C:03:10:DB:01:17:DD:C1:DC:1A:17:60:26:DB:42:1D:88
            X509v3 Authority Key Identifier:
                keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/97134f18-11e1-41ae-bb05-9fbf48212b7d/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/97134f18-11e1-41ae-bb05-9fbf48212b7d/0/394BCC5C0310DB0117DDC1DC1A176026DB421D88.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.66.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:9c:78:3a:a2:f3:a1:a3:1b:63:34:d2:e5:f6:71:da:01:35:
         d5:8e:00:30:45:7e:1a:01:41:c7:50:f0:2d:5e:58:a6:fd:d0:
         8d:d3:09:5f:0d:20:75:96:06:9b:02:27:5e:75:fc:74:82:57:
         01:f0:1d:2f:79:86:11:11:bc:b2:c4:3e:1c:9e:15:23:c4:7e:
         b0:71:be:37:2b:c5:b4:0f:b2:68:9c:8f:d2:de:ee:06:4a:46:
         e3:fc:3b:30:a1:95:28:e0:2d:ec:96:6a:ba:83:95:c6:ea:4e:
         fe:52:64:ae:9c:87:83:03:37:56:10:84:18:24:b2:8c:7f:b3:
         5a:80:1b:02:65:60:16:5a:0f:30:b2:a5:06:5f:b2:29:02:71:
         37:5f:a8:09:09:a8:39:32:ae:e0:ac:df:fc:d1:b2:69:c2:be:
         fe:43:90:e8:f1:57:8b:f0:e8:2b:63:fe:26:54:77:47:de:1b:
         0f:6c:ef:ef:27:a3:13:30:ca:2f:89:79:36:81:ec:e0:e2:0b:
         e7:68:91:7d:80:7b:23:c2:e4:53:0e:54:bc:b0:a1:dc:2b:58:
         c7:99:ed:b1:26:9d:e1:2f:17:d2:ed:e8:ed:f5:57:23:0e:5a:
         2a:b4:db:95:89:32:a3:b5:f3:a5:a0:89:8f:b5:a8:a2:1f:0f:
         8d:8e:d5:64
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUfEmzzc88YM1SatZW+u4b9RpLLLkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDUzMDA3MjQyM1oX
DTI1MDUyOTA3MjkyM1owMzExMC8GA1UEAxMoMzk0QkNDNUMwMzEwREIwMTE3RERD
MURDMUExNzYwMjZEQjQyMUQ4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQhw/Ml93BUIjDHPOa2yTE0V97tvfbQPpgJjt19tGfw7faayAuQnzhMpLK8
bUAssOdO6rD0A2Lwjp8VnXmg4duJ6TIKmaXiUiNh+iSgTL5MIKhgxzJxALt0J/1p
GeOHTkAEYgVE+cTH1Q3zVrJey17enBumlMtU0Gk+m+pzn1XgsMWCr9AET4gOreCO
cobLMXns6BrZoc8bXu0HLXrZ9Wu6wxo6f0ac7q/pl07oVLGH/qZfbzh1yRJrrncI
j1C11ogkDlaWo06LlAjWiz/+EbdwjMLNHQJSaZT1g+3hk1REMP3CllepJtyVe971
8EkRN8Fe2XYAgvspQAIxyXbs7zsCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFDlLzFwDENsBF93B3BoXYCbbQh2IMB8GA1UdIwQYMBaAFGD4
vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x
LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ
aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by85NzEzNGYxOC0xMWUxLTQxYWUtYmIwNS05ZmJmNDgyMTJiN2QvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk3MTM0ZjE4
LTExZTEtNDFhZS1iYjA1LTlmYmY0ODIxMmI3ZC8wLzM5NEJDQzVDMDMxMERCMDEx
N0REQzFEQzFBMTc2MDI2REI0MjFEODgubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACdQr4wDQYJKoZIhvcNAQELBQADggEBAAKceDqi86GjG2M00uX2cdoBNdWOADBF
fhoBQcdQ8C1eWKb90I3TCV8NIHWWBpsCJ151/HSCVwHwHS95hhERvLLEPhyeFSPE
frBxvjcrxbQPsmicj9Le7gZKRuP8OzChlSjgLeyWarqDlcbqTv5SZK6ch4MDN1YQ
hBgksox/s1qAGwJlYBZaDzCypQZfsikCcTdfqAkJqDkyruCs3/zRsmnCvv5DkOjx
V4vw6Ctj/iZUd0feGw9s7+8noxMwyi+JeTaB7ODiC+dokX2AeyPC5FMOVLywodwr
WMeZ7bEmneEvF9Lt6O31VyMOWiq025WJMqO186WgiY+1qKIfD42O1WQ=
-----END CERTIFICATE-----