Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/21AC220B77A77D0516BC73B4C29C8363DD00911B.cer
File:                     21AC220B77A77D0516BC73B4C29C8363DD00911B.cer (raw, json)
Hash identifier:          67qtAZhe1YBMC5/MxJR5JZOuYlgQm3KXpmcs4oXMyXw=
Subject key identifier:   21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       3150DC45DEDEE4A1DD43EF25E8AE2C88491B6231
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Wed 18 Sep 2024 00:44:53 +0000
Certificate not after:    Wed 17 Sep 2025 00:49:53 +0000
Subordinate resources:    IP: 103.94.168.0/22
                          IP: 103.119.140.0 -- 103.119.147.255
                          IP: 202.10.56.0/22
                          IP: 2401:48c0::/32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:50:dc:45:de:de:e4:a1:dd:43:ef:25:e8:ae:2c:88:49:1b:62:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000
        Validity
            Not Before: Sep 18 00:44:53 2024 GMT
            Not After : Sep 17 00:49:53 2025 GMT
        Subject: CN=21AC220B77A77D0516BC73B4C29C8363DD00911B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:eb:38:c7:01:28:91:28:bd:01:1c:a0:98:9c:
                    df:d7:be:6e:a8:9a:02:1f:e4:11:df:b8:42:36:4d:
                    22:37:85:6d:4c:d8:22:1c:57:78:36:63:88:4c:6e:
                    86:6e:57:06:91:10:f4:f9:1f:aa:e5:65:46:4e:6e:
                    88:06:ea:75:c3:5d:b1:96:a2:6a:85:3e:7e:3b:33:
                    74:33:ff:78:ef:05:9b:d7:28:95:54:3e:d8:62:d8:
                    58:5b:f3:0e:4f:7f:d0:21:7c:82:6a:96:99:40:12:
                    07:8c:e7:cd:bd:9b:62:8f:92:ee:01:40:03:72:76:
                    fa:29:59:22:69:1d:a6:31:d8:6a:0b:cd:2e:9f:91:
                    01:12:83:cb:48:c9:b3:53:54:f1:21:67:87:1a:1d:
                    14:f1:70:ee:7d:e3:ec:46:99:04:d2:e9:97:ca:34:
                    0e:4e:8b:ee:62:48:63:22:8d:fd:a1:64:b2:de:ce:
                    7a:7c:4c:1f:d9:cc:5d:c5:74:7d:ec:b8:cc:ea:0c:
                    43:1b:28:5e:63:4b:53:83:ac:63:5b:c2:78:a4:99:
                    a1:17:27:b3:88:06:cc:26:64:ae:32:fd:a5:bb:cf:
                    6a:1b:45:b7:ef:d7:73:96:c4:bf:a1:a6:80:2c:25:
                    99:f3:03:7a:03:5b:fc:16:3d:e0:59:fc:bb:41:1a:
                    6e:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                21:AC:22:0B:77:A7:7D:05:16:BC:73:B4:C2:9C:83:63:DD:00:91:1B
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/bdabc0ba-9222-4c45-8342-eb8643c4967d/0/21AC220B77A77D0516BC73B4C29C8363DD00911B.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.94.168.0/22
                  103.119.140.0-103.119.147.255
                  202.10.56.0/22
                IPv6:
                  2401:48c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         0d:bc:0a:17:3d:8a:1f:d1:a3:cf:85:0a:8c:63:dc:ed:25:21:
         14:ab:df:c7:62:cc:ae:17:92:e7:cf:de:f2:60:ce:f1:8c:8b:
         9f:0f:22:c6:7c:72:b8:fa:05:5c:37:ea:e7:be:75:3f:78:c2:
         41:bb:d7:35:b2:44:79:86:e9:b5:45:20:18:21:c9:a7:95:51:
         b9:64:2d:f9:91:08:25:b8:b6:a4:86:f0:88:57:ea:11:50:77:
         e7:80:b3:2e:e6:ff:69:92:a3:08:98:79:30:ad:10:43:ce:f6:
         f9:0b:f0:09:10:00:4e:cb:71:ad:1d:6f:06:89:c1:b4:5e:3d:
         22:39:da:90:83:63:c1:7c:5d:31:f0:86:cc:e4:71:1b:f6:3c:
         03:f6:ec:f7:81:81:e2:b1:bc:17:ec:4b:be:37:52:f1:2b:44:
         19:43:2e:06:52:81:f8:80:8e:df:1e:0e:37:c5:72:d7:22:c4:
         79:a9:16:cf:7e:99:e6:6a:14:94:85:43:e9:4a:25:e9:fe:c2:
         8c:ac:2f:13:c2:88:31:b8:92:f3:8f:93:61:f3:c5:d1:8b:b4:
         e9:4b:52:0d:fd:7d:dd:29:d5:68:1e:b5:7f:94:3e:de:02:58:
         29:9d:a4:9b:b3:65:c8:86:eb:5f:a0:66:77:2e:16:b1:48:c8:
         3e:3d:fe:5d
-----BEGIN CERTIFICATE-----
MIIF6DCCBNCgAwIBAgIUMVDcRd7e5KHdQ+8l6K4siEkbYjEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDkxODAwNDQ1M1oX
DTI1MDkxNzAwNDk1M1owMzExMC8GA1UEAxMoMjFBQzIyMEI3N0E3N0QwNTE2QkM3
M0I0QzI5QzgzNjNERDAwOTExQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnrOMcBKJEovQEcoJic39e+bqiaAh/kEd+4QjZNIjeFbUzYIhxXeDZjiExu
hm5XBpEQ9PkfquVlRk5uiAbqdcNdsZaiaoU+fjszdDP/eO8Fm9colVQ+2GLYWFvz
Dk9/0CF8gmqWmUASB4znzb2bYo+S7gFAA3J2+ilZImkdpjHYagvNLp+RARKDy0jJ
s1NU8SFnhxodFPFw7n3j7EaZBNLpl8o0Dk6L7mJIYyKN/aFkst7OenxMH9nMXcV0
fey4zOoMQxsoXmNLU4OsY1vCeKSZoRcns4gGzCZkrjL9pbvPahtFt+/Xc5bEv6Gm
gCwlmfMDegNb/BY94Fn8u0EabtMCAwEAAaOCAtswggLXMA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFCGsIgt3p30FFrxztMKcg2PdAJEbMB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by9iZGFiYzBiYS05MjIyLTRjNDUtODM0Mi1lYjg2NDNjNDk2N2QvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2JkYWJjMGJh
LTkyMjItNGM0NS04MzQyLWViODY0M2M0OTY3ZC8wLzIxQUMyMjBCNzdBNzdEMDUx
NkJDNzNCNEMyOUM4MzYzREQwMDkxMUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMCAEAgABMBoD
BAJnXqgwDAMEAmd3jAMEAmd3kAMEAsoKODANBAIAAjAHAwUAJAFIwDANBgkqhkiG
9w0BAQsFAAOCAQEADbwKFz2KH9Gjz4UKjGPc7SUhFKvfx2LMrheS58/e8mDO8YyL
nw8ixnxyuPoFXDfq5751P3jCQbvXNbJEeYbptUUgGCHJp5VRuWQt+ZEIJbi2pIbw
iFfqEVB354CzLub/aZKjCJh5MK0QQ872+QvwCRAATstxrR1vBonBtF49IjnakINj
wXxdMfCGzORxG/Y8A/bs94GB4rG8F+xLvjdS8StEGUMuBlKB+ICO3x4ON8Vy1yLE
eakWz36Z5moUlIVD6Uol6f7CjKwvE8KIMbiS84+TYfPF0Yu06UtSDf193SnVaB61
f5Q+3gJYKZ2km7NlyIbrX6Bmdy4WsUjIPj3+XQ==
-----END CERTIFICATE-----