Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer
File:                     AA3D7F503C99C0AB630D54C528383C3402D6AF21.cer (raw, json)
Hash identifier:          GM7zJ5+oEXV4YmS9FqozXz4JUDaIHxW3UVevUzq/Hvg=
Subject key identifier:   AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Certificate issuer:       /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial:       656124D792D8A9D7E91282924FF918A92BC78D6A
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Tue 15 Jul 2025 22:29:39 +0000
Certificate not after:    Tue 14 Jul 2026 22:34:39 +0000
Subordinate resources:    IP: 160.25.152.0/24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 24 Jul 2025 16:46:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:61:24:d7:92:d8:a9:d7:e9:12:82:92:4f:f9:18:a9:2b:c7:8d:6a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
        Validity
            Not Before: Jul 15 22:29:39 2025 GMT
            Not After : Jul 14 22:34:39 2026 GMT
        Subject: CN=AA3D7F503C99C0AB630D54C528383C3402D6AF21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:78:f6:a7:18:81:05:ff:24:6e:2f:de:6a:6c:
                    65:0a:b1:af:3b:1f:7c:d0:f0:a4:74:98:7b:79:56:
                    3b:eb:5c:f4:e0:e7:aa:f5:59:58:99:05:71:06:25:
                    0f:82:73:7f:1e:3c:65:5a:8d:f3:67:ce:1f:cd:2b:
                    cb:e8:a4:b6:64:7c:fd:c6:1d:7d:b4:44:df:58:6f:
                    15:cc:00:b8:80:16:52:94:3c:12:ef:81:fa:e0:b4:
                    11:53:cb:80:2d:6f:9e:33:41:46:73:4b:27:36:2a:
                    fd:dd:97:0a:44:b8:1c:25:b7:f1:9d:ad:dd:cd:79:
                    7d:64:eb:91:fc:32:ff:6c:2c:cc:9e:4d:48:80:52:
                    1a:90:f0:42:40:e7:67:7f:cb:77:af:f2:e7:b5:81:
                    10:83:ba:c1:42:fd:8d:c9:f1:07:91:5c:78:98:a8:
                    da:de:c8:75:1e:f6:e7:59:1f:24:0a:7c:47:34:81:
                    ed:97:18:1a:1c:6b:cf:50:83:4d:c4:99:10:12:b6:
                    c8:df:de:d1:86:f6:00:35:90:8a:ad:f4:1f:26:4c:
                    fd:7d:e3:ea:e5:6b:8b:60:58:f2:d3:fe:55:0f:5e:
                    ce:c1:46:ea:46:75:27:e3:8b:0e:4e:3b:d2:74:aa:
                    cb:ff:aa:ab:82:31:37:c7:6c:9b:f5:a1:ef:e7:a3:
                    4e:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                AA:3D:7F:50:3C:99:C0:AB:63:0D:54:C5:28:38:3C:34:02:D6:AF:21
            X509v3 Authority Key Identifier:
                keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/96cd0325-31af-4ffe-8beb-e77997e6c3e1/0/AA3D7F503C99C0AB630D54C528383C3402D6AF21.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.25.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:03:17:4c:f5:3b:52:4a:8f:b0:fa:3f:56:a4:a0:3e:c6:8e:
         ae:80:51:52:7f:bd:a4:55:4d:2f:db:0d:73:46:c8:2a:d8:f4:
         4a:38:ed:34:20:c0:9f:fb:f1:62:ad:92:7e:b5:81:68:bc:bf:
         4a:f5:6d:66:e4:b5:d1:79:18:a8:40:a7:9c:6e:b2:60:e9:ab:
         0a:6d:30:5f:1e:99:12:45:83:da:a6:55:94:88:91:3b:00:ec:
         8e:87:de:49:00:cc:3b:3d:6e:09:37:ba:16:3a:90:55:ca:be:
         2c:46:12:0e:8c:89:ba:eb:eb:05:d8:c1:4f:23:b6:45:7f:3e:
         b4:26:fa:08:41:18:a8:1b:19:bd:15:29:a3:c3:86:12:0c:d2:
         e1:09:6e:8c:86:a6:8b:1f:0f:a1:7f:17:1e:cb:24:cd:23:fe:
         8a:21:94:91:3b:f1:10:83:22:b2:59:9f:a6:88:01:9a:e9:62:
         44:3a:f6:9c:c6:13:bf:2d:80:14:01:e4:db:3e:f9:ae:dc:88:
         a2:93:e3:d0:77:5c:0d:d7:0d:5a:6c:67:87:c0:0d:2a:54:7b:
         c6:47:e1:2e:57:63:05:e6:fd:0b:f2:be:1a:9d:2d:6e:a0:49:
         07:20:b6:d8:94:6f:91:02:48:c7:91:0a:4e:5f:81:52:4e:1c:
         35:cb:e4:6f
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUZWEk15LYqdfpEoKST/kYqSvHjWowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDcxNTIyMjkzOVoX
DTI2MDcxNDIyMzQzOVowMzExMC8GA1UEAxMoQUEzRDdGNTAzQzk5QzBBQjYzMEQ1
NEM1MjgzODNDMzQwMkQ2QUYyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMV49qcYgQX/JG4v3mpsZQqxrzsffNDwpHSYe3lWO+tc9ODnqvVZWJkFcQYl
D4Jzfx48ZVqN82fOH80ry+iktmR8/cYdfbRE31hvFcwAuIAWUpQ8Eu+B+uC0EVPL
gC1vnjNBRnNLJzYq/d2XCkS4HCW38Z2t3c15fWTrkfwy/2wszJ5NSIBSGpDwQkDn
Z3/Ld6/y57WBEIO6wUL9jcnxB5FceJio2t7IdR7251kfJAp8RzSB7ZcYGhxrz1CD
TcSZEBK2yN/e0Yb2ADWQiq30HyZM/X3j6uVri2BY8tP+VQ9ezsFG6kZ1J+OLDk47
0nSqy/+qq4IxN8dsm/Wh7+ejTl0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFKo9f1A8mcCrYw1UxSg4PDQC1q8hMB8GA1UdIwQYMBaAFGD4
vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x
LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ
aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by85NmNkMDMyNS0zMWFmLTRmZmUtOGJlYi1lNzc5OTdlNmMzZTEvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk2Y2QwMzI1
LTMxYWYtNGZmZS04YmViLWU3Nzk5N2U2YzNlMS8wL0FBM0Q3RjUwM0M5OUMwQUI2
MzBENTRDNTI4MzgzQzM0MDJENkFGMjEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACgGZgwDQYJKoZIhvcNAQELBQADggEBAIYDF0z1O1JKj7D6P1akoD7Gjq6AUVJ/
vaRVTS/bDXNGyCrY9Eo47TQgwJ/78WKtkn61gWi8v0r1bWbktdF5GKhAp5xusmDp
qwptMF8emRJFg9qmVZSIkTsA7I6H3kkAzDs9bgk3uhY6kFXKvixGEg6Mibrr6wXY
wU8jtkV/PrQm+ghBGKgbGb0VKaPDhhIM0uEJboyGposfD6F/Fx7LJM0j/oohlJE7
8RCDIrJZn6aIAZrpYkQ69pzGE78tgBQB5Ns++a7ciKKT49B3XA3XDVpsZ4fADSpU
e8ZH4S5XYwXm/QvyvhqdLW6gSQcgttiUb5ECSMeRCk5fgVJOHDXL5G8=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:31:03 2025 by rpki-client