Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/D8D82E797873C8877988A42E5C473D1919238C2A.cer
File:                     D8D82E797873C8877988A42E5C473D1919238C2A.cer (raw, json)
Hash identifier:          jaQYrTto+ms0UUcjc5uUmZURWQYf+2OA/STCMioknQo=
Subject key identifier:   D8:D8:2E:79:78:73:C8:87:79:88:A4:2E:5C:47:3D:19:19:23:8C:2A
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Certificate issuer:       /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial:       3DA3A135BAC8829E621EE7A197F36825F19FBCD2
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/e5de71ac-7f9f-47d4-9533-9df82afc5973/0/D8D82E797873C8877988A42E5C473D1919238C2A.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/e5de71ac-7f9f-47d4-9533-9df82afc5973/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Tue 07 Jan 2025 02:42:41 +0000
Certificate not after:    Tue 06 Jan 2026 02:47:41 +0000
Subordinate resources:    IP: 157.15.42.0/23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:a3:a1:35:ba:c8:82:9e:62:1e:e7:a1:97:f3:68:25:f1:9f:bc:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000
        Validity
            Not Before: Jan  7 02:42:41 2025 GMT
            Not After : Jan  6 02:47:41 2026 GMT
        Subject: CN=D8D82E797873C8877988A42E5C473D1919238C2A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:74:eb:4f:31:5a:1b:d6:cc:2f:48:f4:50:00:
                    3a:ec:96:0f:82:14:0f:ba:b2:76:fd:e4:1e:55:49:
                    18:3f:27:30:ae:95:2b:8e:68:93:70:8e:b6:2b:ba:
                    d2:a8:ba:7e:3c:95:45:90:53:02:49:03:15:34:f8:
                    fa:3b:08:c5:0f:b1:53:c1:ca:70:f6:8d:5a:b0:d7:
                    34:4c:39:25:69:71:cf:76:f6:47:cd:35:b4:3c:60:
                    f2:30:65:5b:40:c8:ed:0a:14:0a:78:b0:7d:69:4c:
                    e3:13:0b:99:a8:09:e6:b2:0e:02:99:7d:64:b0:17:
                    ff:82:f3:51:14:9d:f2:f4:8a:72:80:fb:1b:07:e3:
                    b5:74:92:21:63:5a:7e:b1:60:a8:97:43:83:3b:fd:
                    71:38:f1:9d:52:fa:8b:52:1e:57:68:4c:83:d1:c9:
                    b0:c0:c0:ad:64:a0:7e:97:5e:68:9e:b2:73:b5:a5:
                    8b:14:17:86:21:64:26:cd:e0:87:bb:41:a2:28:60:
                    ae:11:4b:90:bf:a2:5a:4b:f0:0f:29:97:6c:46:80:
                    24:02:ba:72:7f:20:54:72:fe:35:35:f1:d9:4d:e5:
                    46:38:7d:5e:72:fc:42:0a:dc:b6:0d:57:44:66:a7:
                    79:ed:67:1f:8f:4b:6d:17:d6:24:e6:c0:ec:ff:10:
                    73:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                D8:D8:2E:79:78:73:C8:87:79:88:A4:2E:5C:47:3D:19:19:23:8C:2A
            X509v3 Authority Key Identifier:
                keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/e5de71ac-7f9f-47d4-9533-9df82afc5973/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/e5de71ac-7f9f-47d4-9533-9df82afc5973/0/D8D82E797873C8877988A42E5C473D1919238C2A.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.15.42.0/23

    Signature Algorithm: sha256WithRSAEncryption
         4d:bb:95:03:6b:b7:19:23:10:ca:ca:0a:e3:c8:fc:fa:24:c8:
         bc:8c:74:7c:0a:ad:86:dc:10:bf:f8:85:95:31:60:94:69:1c:
         65:01:95:a3:2e:0e:3d:a8:a8:39:d6:02:c7:83:d4:37:f0:f3:
         3a:80:14:fd:3f:de:11:f4:72:34:9d:d0:ed:04:3b:6b:d2:72:
         81:f2:7e:d2:71:05:e0:55:df:5a:8b:f0:5b:dc:ad:5a:8e:ef:
         cd:e1:7e:41:6a:f0:38:e1:44:78:ba:e2:5c:48:ff:91:dc:8f:
         3f:8f:9e:f2:9b:5d:aa:cd:8f:91:c7:3d:b8:2e:6b:76:84:ca:
         0e:f7:27:1e:7e:18:b4:82:1d:7c:d3:a3:d3:fb:36:8a:0b:b4:
         b1:1a:5b:20:b8:e4:53:94:99:a9:66:b2:38:f7:d6:3f:90:b1:
         63:fd:dc:0d:1a:66:fd:79:6b:00:98:7e:8c:08:15:c4:57:37:
         d5:31:39:8f:22:dc:8e:99:72:63:32:ed:92:6b:10:72:5a:d1:
         50:d9:ea:1f:f3:4a:ff:f3:37:1c:83:7f:60:1a:2f:d8:a8:6f:
         47:6b:93:f0:28:e5:e6:2d:6a:c1:83:35:f2:f3:06:11:f7:f0:
         e5:c5:16:ed:8b:15:d4:a7:68:55:90:65:89:3d:7a:04:44:bf:
         cc:fb:a7:ca
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUPaOhNbrIgp5iHuehl/NoJfGfvNIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDEwNzAyNDI0MVoX
DTI2MDEwNjAyNDc0MVowMzExMC8GA1UEAxMoRDhEODJFNzk3ODczQzg4Nzc5ODhB
NDJFNUM0NzNEMTkxOTIzOEMyQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALh0608xWhvWzC9I9FAAOuyWD4IUD7qydv3kHlVJGD8nMK6VK45ok3COtiu6
0qi6fjyVRZBTAkkDFTT4+jsIxQ+xU8HKcPaNWrDXNEw5JWlxz3b2R801tDxg8jBl
W0DI7QoUCniwfWlM4xMLmagJ5rIOApl9ZLAX/4LzURSd8vSKcoD7GwfjtXSSIWNa
frFgqJdDgzv9cTjxnVL6i1IeV2hMg9HJsMDArWSgfpdeaJ6yc7WlixQXhiFkJs3g
h7tBoihgrhFLkL+iWkvwDymXbEaAJAK6cn8gVHL+NTXx2U3lRjh9XnL8Qgrctg1X
RGanee1nH49LbRfWJObA7P8Qc2kCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFNjYLnl4c8iHeYikLlxHPRkZI4wqMB8GA1UdIwQYMBaAFGD4
vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x
LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ
aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by9lNWRlNzFhYy03ZjlmLTQ3ZDQtOTUzMy05ZGY4MmFmYzU5NzMvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U1ZGU3MWFj
LTdmOWYtNDdkNC05NTMzLTlkZjgyYWZjNTk3My8wL0Q4RDgyRTc5Nzg3M0M4ODc3
OTg4QTQyRTVDNDczRDE5MTkyMzhDMkEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGdDyowDQYJKoZIhvcNAQELBQADggEBAE27lQNrtxkjEMrKCuPI/PokyLyMdHwK
rYbcEL/4hZUxYJRpHGUBlaMuDj2oqDnWAseD1Dfw8zqAFP0/3hH0cjSd0O0EO2vS
coHyftJxBeBV31qL8FvcrVqO783hfkFq8DjhRHi64lxI/5Hcjz+PnvKbXarNj5HH
Pbgua3aEyg73Jx5+GLSCHXzTo9P7NooLtLEaWyC45FOUmalmsjj31j+QsWP93A0a
Zv15awCYfowIFcRXN9UxOY8i3I6ZcmMy7ZJrEHJa0VDZ6h/zSv/zNxyDf2AaL9io
b0drk/Ao5eYtasGDNfLzBhH38OXFFu2LFdSnaFWQZYk9egREv8z7p8o=
-----END CERTIFICATE-----