Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/4617272EE875B55CD5F2A88330A95F6410A3EB1B.cer
File:                     4617272EE875B55CD5F2A88330A95F6410A3EB1B.cer (raw, json)
Hash identifier:          xyoGRRokyKnIr1ts8ngooXhUvgxCy7fXK8xdazqbFTA=
Subject key identifier:   46:17:27:2E:E8:75:B5:5C:D5:F2:A8:83:30:A9:5F:64:10:A3:EB:1B
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Certificate issuer:       /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial:       4C44CF35777B30BEA3756B34DFD4F92C2A387446
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/9fdaf06a-f624-42cf-bb19-b6bbf931aac8/0/4617272EE875B55CD5F2A88330A95F6410A3EB1B.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/9fdaf06a-f624-42cf-bb19-b6bbf931aac8/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Fri 29 Mar 2024 05:39:13 +0000
Certificate not after:    Fri 28 Mar 2025 05:44:13 +0000
Subordinate resources:    IP: 157.15.44.0/23

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 23 Nov 2024 14:24:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:44:cf:35:77:7b:30:be:a3:75:6b:34:df:d4:f9:2c:2a:38:74:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
        Validity
            Not Before: Mar 29 05:39:13 2024 GMT
            Not After : Mar 28 05:44:13 2025 GMT
        Subject: CN=4617272EE875B55CD5F2A88330A95F6410A3EB1B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:47:af:46:af:6e:1c:52:a4:5a:90:60:13:02:
                    56:69:62:b9:7b:0c:e7:7e:fa:64:76:27:3c:b2:75:
                    66:66:ac:e2:86:0b:82:90:7c:e8:3b:e0:fa:c1:4c:
                    69:13:fb:b6:01:32:62:ea:9c:e3:93:e2:e8:3d:6c:
                    32:54:1c:a1:65:ce:cc:a3:62:5a:cd:fd:29:b9:96:
                    5e:84:87:f6:5a:0b:63:3e:06:0c:ca:3e:22:dd:fc:
                    6a:0d:4d:fe:5a:e1:fb:97:c2:e1:eb:b9:7b:e4:d7:
                    a1:25:22:92:6b:56:c9:5c:5e:f3:1f:3b:0c:96:f4:
                    5c:82:c7:3c:80:d2:83:8b:e8:77:48:5c:79:62:f5:
                    f7:d2:5c:a5:2b:1c:ea:2a:a7:4a:e9:b5:64:c3:7f:
                    c9:2e:dd:07:3c:95:d0:be:53:48:9e:35:9c:32:d4:
                    88:db:ae:4d:7b:b5:28:ba:72:f0:98:23:ba:71:70:
                    d5:4d:4f:2a:6b:e3:b8:fd:ad:16:76:93:35:7a:81:
                    ef:c5:19:d6:6b:6a:e3:d0:3a:76:54:7d:9b:63:d0:
                    b4:74:d3:ce:61:fb:97:ec:46:80:01:33:46:2d:44:
                    9f:39:95:cb:df:06:9e:93:bc:5b:76:13:67:39:05:
                    eb:5f:2c:3d:d2:6b:b8:26:76:7c:a8:9a:6f:5b:52:
                    d1:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                46:17:27:2E:E8:75:B5:5C:D5:F2:A8:83:30:A9:5F:64:10:A3:EB:1B
            X509v3 Authority Key Identifier:
                keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/9fdaf06a-f624-42cf-bb19-b6bbf931aac8/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/9fdaf06a-f624-42cf-bb19-b6bbf931aac8/0/4617272EE875B55CD5F2A88330A95F6410A3EB1B.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.15.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3d:b0:01:07:cd:93:e8:a1:87:a3:eb:96:d0:ce:24:03:dc:e1:
         8e:f5:ba:9c:94:23:27:f5:e3:07:f2:99:f7:21:cf:9a:0b:61:
         cc:0c:6a:5c:81:39:80:ab:67:5f:ec:51:44:f0:b6:82:a1:2f:
         ca:3f:79:0d:8f:9c:d8:a4:ea:a7:4f:5b:f9:01:50:82:5d:14:
         78:9a:db:85:f5:a4:32:5a:e8:76:d4:0a:df:11:de:4b:ca:34:
         1a:f6:bf:5a:c0:1b:f6:cc:6a:97:74:3c:92:10:cc:00:91:e5:
         3c:fa:59:8e:9f:5b:0c:12:a0:90:a6:e5:cf:9f:0c:b2:b8:85:
         d7:f5:a8:70:b5:6c:07:02:bb:eb:bc:79:ec:3f:2d:a5:2a:10:
         de:36:f0:be:fc:d9:fe:32:5c:7d:a8:15:84:a3:2d:96:82:51:
         33:35:ab:3f:ef:fa:d0:0d:08:cc:a6:70:f3:33:ae:52:06:6a:
         3c:e5:7a:f4:31:96:be:db:ef:7c:55:60:b2:87:32:d3:bc:77:
         ba:3e:82:21:44:b2:79:5b:b4:41:df:18:79:eb:55:8f:10:5b:
         3a:98:b4:d3:43:bf:1a:92:47:92:94:07:fc:03:26:fd:eb:bc:
         7f:f9:b5:af:cb:e5:0a:f8:c3:bf:4f:3b:02:97:88:86:06:c2:
         06:73:3c:5b
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUTETPNXd7ML6jdWs039T5LCo4dEYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDMyOTA1MzkxM1oX
DTI1MDMyODA1NDQxM1owMzExMC8GA1UEAxMoNDYxNzI3MkVFODc1QjU1Q0Q1RjJB
ODgzMzBBOTVGNjQxMEEzRUIxQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhHr0avbhxSpFqQYBMCVmliuXsM5376ZHYnPLJ1Zmas4oYLgpB86Dvg+sFM
aRP7tgEyYuqc45Pi6D1sMlQcoWXOzKNiWs39KbmWXoSH9loLYz4GDMo+It38ag1N
/lrh+5fC4eu5e+TXoSUikmtWyVxe8x87DJb0XILHPIDSg4vod0hceWL199JcpSsc
6iqnSum1ZMN/yS7dBzyV0L5TSJ41nDLUiNuuTXu1KLpy8JgjunFw1U1PKmvjuP2t
FnaTNXqB78UZ1mtq49A6dlR9m2PQtHTTzmH7l+xGgAEzRi1EnzmVy98GnpO8W3YT
ZzkF618sPdJruCZ2fKiab1tS0d0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFEYXJy7odbVc1fKogzCpX2QQo+sbMB8GA1UdIwQYMBaAFGD4
vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x
LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ
aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by85ZmRhZjA2YS1mNjI0LTQyY2YtYmIxOS1iNmJiZjkzMWFhYzgvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzlmZGFmMDZh
LWY2MjQtNDJjZi1iYjE5LWI2YmJmOTMxYWFjOC8wLzQ2MTcyNzJFRTg3NUI1NUNE
NUYyQTg4MzMwQTk1RjY0MTBBM0VCMUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGdDywwDQYJKoZIhvcNAQELBQADggEBAD2wAQfNk+ihh6PrltDOJAPc4Y71upyU
Iyf14wfymfchz5oLYcwMalyBOYCrZ1/sUUTwtoKhL8o/eQ2PnNik6qdPW/kBUIJd
FHia24X1pDJa6HbUCt8R3kvKNBr2v1rAG/bMapd0PJIQzACR5Tz6WY6fWwwSoJCm
5c+fDLK4hdf1qHC1bAcCu+u8eew/LaUqEN428L782f4yXH2oFYSjLZaCUTM1qz/v
+tANCMymcPMzrlIGajzlevQxlr7b73xVYLKHMtO8d7o+giFEsnlbtEHfGHnrVY8Q
WzqYtNNDvxqSR5KUB/wDJv3rvH/5ta/L5Qr4w79POwKXiIYGwgZzPFs=
-----END CERTIFICATE-----
Generated at Wed Nov 20 05:42:54 2024 by rpki-client on console-fra.rpki-client.org