Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/FAB081FCD86AB0F81D41C9E5FB9C3D32220F48CD.cer
File:                     FAB081FCD86AB0F81D41C9E5FB9C3D32220F48CD.cer (raw, json)
Hash identifier:          xsR/WcCLUkwgC/HAtJ9hLmn0lc5bEtdgPz10IUav61o=
Subject key identifier:   FA:B0:81:FC:D8:6A:B0:F8:1D:41:C9:E5:FB:9C:3D:32:22:0F:48:CD
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Certificate issuer:       /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial:       3509CCB0F889F846314724483A5820422D012AC7
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/994d1f62-8488-4086-8d4c-f2de5c76da3d/0/FAB081FCD86AB0F81D41C9E5FB9C3D32220F48CD.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/994d1f62-8488-4086-8d4c-f2de5c76da3d/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Wed 29 Jan 2025 23:54:24 +0000
Certificate not after:    Wed 28 Jan 2026 23:59:24 +0000
Subordinate resources:    IP: 157.10.0.0/23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:09:cc:b0:f8:89:f8:46:31:47:24:48:3a:58:20:42:2d:01:2a:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000
        Validity
            Not Before: Jan 29 23:54:24 2025 GMT
            Not After : Jan 28 23:59:24 2026 GMT
        Subject: CN=FAB081FCD86AB0F81D41C9E5FB9C3D32220F48CD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:6d:d7:b7:81:03:98:b7:4b:66:41:28:e3:a9:
                    a3:86:d7:85:f9:40:e5:14:e9:60:63:7f:75:14:3f:
                    5b:c1:62:29:cd:cc:7f:c8:e8:6b:b7:17:13:d9:09:
                    9a:8f:7d:07:01:a2:e1:a0:13:eb:13:d1:99:61:6c:
                    1d:f4:d0:d7:fa:29:0d:22:d3:21:b7:b4:5b:98:5a:
                    d6:56:7b:54:fc:7e:a8:2b:12:c5:26:73:e0:67:1d:
                    be:05:ed:a3:a3:92:25:c3:ba:2a:b4:64:d4:26:ff:
                    ea:e0:bf:28:e0:07:32:0d:0f:5e:83:96:da:ba:40:
                    e0:f5:b8:37:cf:af:52:e6:99:44:80:a8:be:ea:9e:
                    6c:7d:59:ff:50:80:31:e4:de:06:5d:f4:6b:1d:83:
                    cc:5c:8f:67:70:a1:15:4b:3e:ba:f8:74:6c:53:5a:
                    18:7c:7a:b9:65:20:59:09:6c:c8:b1:84:50:63:56:
                    d1:b8:7d:6e:2b:b7:16:ac:2d:21:fb:83:58:05:18:
                    67:2b:f5:94:19:dd:c1:57:65:c9:85:5f:e5:ae:77:
                    d3:8e:70:87:2d:b0:e5:a8:f3:25:00:8a:b3:21:47:
                    4c:df:4c:f5:2d:ee:83:2a:98:1b:da:c8:a0:d9:8e:
                    e8:70:3c:95:d2:6c:f1:7c:83:fd:c4:a8:c2:59:a4:
                    24:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                FA:B0:81:FC:D8:6A:B0:F8:1D:41:C9:E5:FB:9C:3D:32:22:0F:48:CD
            X509v3 Authority Key Identifier:
                keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/994d1f62-8488-4086-8d4c-f2de5c76da3d/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/994d1f62-8488-4086-8d4c-f2de5c76da3d/0/FAB081FCD86AB0F81D41C9E5FB9C3D32220F48CD.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.10.0.0/23

    Signature Algorithm: sha256WithRSAEncryption
         33:a3:f1:bb:bb:09:e0:61:23:c7:9a:29:0a:68:fd:7e:f0:51:
         c2:7e:62:72:07:b1:fc:1b:2d:8c:5f:6b:93:41:95:43:3b:f0:
         c6:8b:3a:ef:77:5d:6e:8d:22:a4:5e:db:8c:4f:f8:c3:73:3c:
         e6:ec:3e:5d:ef:4b:29:de:13:d6:5a:2d:97:e0:cc:b4:30:eb:
         01:f3:27:ca:cd:c4:6d:e2:80:8c:0a:81:3c:c3:b9:a8:5d:44:
         08:c6:6e:d3:a2:52:0e:bf:1b:53:4a:ac:ff:a2:7b:88:2b:bc:
         cb:6f:26:c7:71:4c:f2:1a:f1:88:3d:45:e6:28:5f:2c:b6:a8:
         d7:dd:66:6a:43:64:6d:06:5a:7a:c8:99:38:58:c3:d6:16:89:
         31:fc:df:ff:a8:3f:61:8b:53:cd:61:03:56:cc:04:20:37:7f:
         47:f2:2e:db:41:29:0e:7c:09:b5:cf:07:3a:db:f7:88:20:b4:
         e2:08:06:3c:6e:12:a3:10:f6:b2:cc:b9:02:9d:c1:c2:bd:15:
         3b:09:ff:c5:08:1f:0f:f8:d6:78:ad:0e:b9:ed:2b:a7:90:ec:
         7c:bf:40:a4:0f:33:c3:1b:3e:e3:71:d3:14:b2:33:10:63:74:
         0f:16:68:36:6f:9d:42:07:c0:aa:92:79:72:2e:30:d3:3f:c1:
         14:51:1e:52
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUNQnMsPiJ+EYxRyRIOlggQi0BKscwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDEyOTIzNTQyNFoX
DTI2MDEyODIzNTkyNFowMzExMC8GA1UEAxMoRkFCMDgxRkNEODZBQjBGODFENDFD
OUU1RkI5QzNEMzIyMjBGNDhDRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlt17eBA5i3S2ZBKOOpo4bXhflA5RTpYGN/dRQ/W8FiKc3Mf8joa7cXE9kJ
mo99BwGi4aAT6xPRmWFsHfTQ1/opDSLTIbe0W5ha1lZ7VPx+qCsSxSZz4GcdvgXt
o6OSJcO6KrRk1Cb/6uC/KOAHMg0PXoOW2rpA4PW4N8+vUuaZRICovuqebH1Z/1CA
MeTeBl30ax2DzFyPZ3ChFUs+uvh0bFNaGHx6uWUgWQlsyLGEUGNW0bh9biu3Fqwt
IfuDWAUYZyv1lBndwVdlyYVf5a53045why2w5ajzJQCKsyFHTN9M9S3ugyqYG9rI
oNmO6HA8ldJs8XyD/cSowlmkJLMCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFPqwgfzYarD4HUHJ5fucPTIiD0jNMB8GA1UdIwQYMBaAFGD4
vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x
LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ
aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by85OTRkMWY2Mi04NDg4LTQwODYtOGQ0Yy1mMmRlNWM3NmRhM2QvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk5NGQxZjYy
LTg0ODgtNDA4Ni04ZDRjLWYyZGU1Yzc2ZGEzZC8wL0ZBQjA4MUZDRDg2QUIwRjgx
RDQxQzlFNUZCOUMzRDMyMjIwRjQ4Q0QubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGdCgAwDQYJKoZIhvcNAQELBQADggEBADOj8bu7CeBhI8eaKQpo/X7wUcJ+YnIH
sfwbLYxfa5NBlUM78MaLOu93XW6NIqRe24xP+MNzPObsPl3vSyneE9ZaLZfgzLQw
6wHzJ8rNxG3igIwKgTzDuahdRAjGbtOiUg6/G1NKrP+ie4grvMtvJsdxTPIa8Yg9
ReYoXyy2qNfdZmpDZG0GWnrImThYw9YWiTH83/+oP2GLU81hA1bMBCA3f0fyLttB
KQ58CbXPBzrb94ggtOIIBjxuEqMQ9rLMuQKdwcK9FTsJ/8UIHw/41nitDrntK6eQ
7Hy/QKQPM8MbPuNx0xSyMxBjdA8WaDZvnUIHwKqSeXIuMNM/wRRRHlI=
-----END CERTIFICATE-----