Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/EF7CA82C5B45FD412DE892CB6DA7A8CA15C85B17.cer
File:                     EF7CA82C5B45FD412DE892CB6DA7A8CA15C85B17.cer (raw, json)
Hash identifier:          zXQ7TF7HHgfaIxwI5nYJii1+PETNuQ7q22cvGk2+0EA=
Subject key identifier:   EF:7C:A8:2C:5B:45:FD:41:2D:E8:92:CB:6D:A7:A8:CA:15:C8:5B:17
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Certificate issuer:       /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial:       156C3737D8A3767179EAB75905E85FD441427D30
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/f87dd597-40cd-409b-b3c5-2852ce014889/0/EF7CA82C5B45FD412DE892CB6DA7A8CA15C85B17.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/f87dd597-40cd-409b-b3c5-2852ce014889/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Fri 14 Jun 2024 04:31:53 +0000
Certificate not after:    Fri 13 Jun 2025 04:36:53 +0000
Subordinate resources:    IP: 157.66.86.0/23

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 23 Nov 2024 14:24:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:6c:37:37:d8:a3:76:71:79:ea:b7:59:05:e8:5f:d4:41:42:7d:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
        Validity
            Not Before: Jun 14 04:31:53 2024 GMT
            Not After : Jun 13 04:36:53 2025 GMT
        Subject: CN=EF7CA82C5B45FD412DE892CB6DA7A8CA15C85B17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:45:77:b6:d7:1e:1a:05:b0:dd:47:cc:b3:ff:
                    42:99:82:e3:5d:f4:76:24:bf:96:25:66:05:ac:67:
                    30:67:33:ef:8c:aa:6b:24:54:02:19:7e:5a:c3:94:
                    08:16:19:2d:ed:ff:55:2a:3e:87:ab:70:6f:7d:1f:
                    79:39:43:5c:cc:82:29:ad:1b:8b:e2:21:12:0f:f3:
                    be:bc:12:7a:95:ab:e4:d9:9c:f0:6d:49:55:e2:e4:
                    e5:62:6d:0c:4d:eb:be:2d:9f:cc:73:bc:86:63:77:
                    64:8f:95:ef:8d:ac:ca:22:c3:37:04:16:41:e9:97:
                    21:a9:b0:b1:87:f0:27:eb:74:ae:68:ca:70:d3:0c:
                    5b:d2:9b:02:bf:ae:a1:72:8f:09:6a:e2:9b:5d:dd:
                    4b:70:cb:75:c6:67:b9:f9:6d:fe:d6:a8:1e:37:e0:
                    93:52:b3:b9:bb:d3:a1:a6:6c:9a:4f:7c:dd:5b:cf:
                    b5:33:da:fb:40:fb:bb:c6:da:8f:a1:f4:3d:4a:ef:
                    49:73:14:54:85:4d:47:ff:23:7b:6b:53:54:08:e9:
                    01:3b:54:9f:8a:da:7c:48:f0:57:5b:8f:56:f8:52:
                    8d:b7:6a:10:18:8c:03:fb:c1:d3:b3:59:f2:f7:88:
                    3c:1c:19:ca:4c:40:da:d0:ab:0f:fa:67:7a:5b:ff:
                    82:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                EF:7C:A8:2C:5B:45:FD:41:2D:E8:92:CB:6D:A7:A8:CA:15:C8:5B:17
            X509v3 Authority Key Identifier:
                keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/f87dd597-40cd-409b-b3c5-2852ce014889/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/f87dd597-40cd-409b-b3c5-2852ce014889/0/EF7CA82C5B45FD412DE892CB6DA7A8CA15C85B17.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.66.86.0/23

    Signature Algorithm: sha256WithRSAEncryption
         16:cb:a0:a6:66:80:a7:f6:1e:a3:6d:ef:59:e4:8b:8c:2f:14:
         f8:7a:54:34:8a:8a:20:54:25:2c:d4:42:a0:5b:bc:36:3b:71:
         2b:70:cc:aa:44:be:68:05:16:78:a3:36:52:e4:94:e7:81:52:
         5f:ce:c6:4b:e3:68:b7:7e:91:a4:7e:06:9d:6f:f7:7a:77:cd:
         46:c8:d9:50:96:72:58:00:e2:39:f2:ea:65:74:b1:f8:e2:3c:
         6e:5c:3a:56:e8:25:4c:1b:ab:67:cd:3b:d8:e6:cc:be:0d:4b:
         8e:59:51:11:b3:af:5f:dd:08:e5:ac:ca:49:f2:ba:90:0b:cd:
         98:dc:1e:59:15:06:ab:eb:4f:97:af:c4:37:6f:a1:fd:1c:6a:
         e7:87:e7:1b:90:86:7b:06:69:fd:17:57:2b:14:55:eb:6e:5f:
         14:4d:de:d6:57:05:1e:90:80:0f:3d:13:93:d7:aa:18:68:df:
         ab:e6:3e:25:50:cb:88:1a:bf:46:59:34:a7:04:f4:44:87:57:
         53:36:7f:d1:58:2c:58:ac:45:31:c9:eb:48:9a:7b:da:41:8f:
         a6:60:8c:e8:cd:60:70:00:a0:ea:10:f1:a2:d2:cd:d7:06:4d:
         63:8a:eb:64:a0:0c:bc:08:ca:fe:ca:25:ab:a1:43:54:ea:dd:
         01:a6:c6:32
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUFWw3N9ijdnF56rdZBehf1EFCfTAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI0MDYxNDA0MzE1M1oX
DTI1MDYxMzA0MzY1M1owMzExMC8GA1UEAxMoRUY3Q0E4MkM1QjQ1RkQ0MTJERTg5
MkNCNkRBN0E4Q0ExNUM4NUIxNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9Fd7bXHhoFsN1HzLP/QpmC4130diS/liVmBaxnMGcz74yqayRUAhl+WsOU
CBYZLe3/VSo+h6twb30feTlDXMyCKa0bi+IhEg/zvrwSepWr5Nmc8G1JVeLk5WJt
DE3rvi2fzHO8hmN3ZI+V742syiLDNwQWQemXIamwsYfwJ+t0rmjKcNMMW9KbAr+u
oXKPCWrim13dS3DLdcZnuflt/taoHjfgk1KzubvToaZsmk983VvPtTPa+0D7u8ba
j6H0PUrvSXMUVIVNR/8je2tTVAjpATtUn4rafEjwV1uPVvhSjbdqEBiMA/vB07NZ
8veIPBwZykxA2tCrD/pnelv/gi0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFO98qCxbRf1BLeiSy22nqMoVyFsXMB8GA1UdIwQYMBaAFGD4
vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x
LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ
aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by9mODdkZDU5Ny00MGNkLTQwOWItYjNjNS0yODUyY2UwMTQ4ODkvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Y4N2RkNTk3
LTQwY2QtNDA5Yi1iM2M1LTI4NTJjZTAxNDg4OS8wL0VGN0NBODJDNUI0NUZENDEy
REU4OTJDQjZEQTdBOENBMTVDODVCMTcubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGdQlYwDQYJKoZIhvcNAQELBQADggEBABbLoKZmgKf2HqNt71nki4wvFPh6VDSK
iiBUJSzUQqBbvDY7cStwzKpEvmgFFnijNlLklOeBUl/OxkvjaLd+kaR+Bp1v93p3
zUbI2VCWclgA4jny6mV0sfjiPG5cOlboJUwbq2fNO9jmzL4NS45ZURGzr1/dCOWs
yknyupALzZjcHlkVBqvrT5evxDdvof0caueH5xuQhnsGaf0XVysUVetuXxRN3tZX
BR6QgA89E5PXqhho36vmPiVQy4gav0ZZNKcE9ESHV1M2f9FYLFisRTHJ60iae9pB
j6ZgjOjNYHAAoOoQ8aLSzdcGTWOK62SgDLwIyv7KJauhQ1Tq3QGmxjI=
-----END CERTIFICATE-----
Generated at Wed Nov 20 05:42:54 2024 by rpki-client on console-fra.rpki-client.org