Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/292C6CF5F336CE0D758E47F5DF9778633CDCA769.cer
File:                     292C6CF5F336CE0D758E47F5DF9778633CDCA769.cer (raw, json)
Hash identifier:          y7AzaKEiHgY7DAJRchV6xUTw8wwzJc3x9zAKiqTkd8I=
Subject key identifier:   29:2C:6C:F5:F3:36:CE:0D:75:8E:47:F5:DF:97:78:63:3C:DC:A7:69
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       601D5CD5056BB9B446FE71FC92D41EC364CCBE47
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/a634c8dc-8853-4f65-8209-4fbee7ab4252/0/292C6CF5F336CE0D758E47F5DF9778633CDCA769.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/a634c8dc-8853-4f65-8209-4fbee7ab4252/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Fri 28 Mar 2025 23:43:35 +0000
Certificate not after:    Fri 27 Mar 2026 23:48:35 +0000
Subordinate resources:    IP: 103.166.136.0/23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:1d:5c:d5:05:6b:b9:b4:46:fe:71:fc:92:d4:1e:c3:64:cc:be:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000
        Validity
            Not Before: Mar 28 23:43:35 2025 GMT
            Not After : Mar 27 23:48:35 2026 GMT
        Subject: CN=292C6CF5F336CE0D758E47F5DF9778633CDCA769
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:1b:7d:1b:de:d4:55:bc:6e:cc:09:ba:60:0c:
                    03:42:f9:41:9f:e1:04:06:a3:7c:2d:44:42:f9:55:
                    32:85:0b:2c:3d:df:9c:d5:1e:c0:0f:4f:70:39:b5:
                    d1:82:66:67:fe:38:57:a2:a8:15:05:70:9c:93:c7:
                    c9:8d:b3:c3:7e:9b:e8:5c:ee:31:d9:dd:bc:f5:d4:
                    a4:5c:d9:48:7f:d9:31:7e:52:1b:15:7c:ef:80:70:
                    44:df:33:76:20:e1:1d:38:2e:43:26:e2:20:aa:df:
                    5c:67:81:cf:13:c5:4f:8d:b1:2e:7e:56:35:a4:a1:
                    d6:33:50:8e:14:99:ef:2e:8c:f7:d0:71:4e:57:5f:
                    66:ec:39:04:60:44:0b:9d:75:c5:93:9a:86:cf:c2:
                    a5:92:46:2f:b6:a1:f2:72:14:0a:7d:2e:50:82:dd:
                    93:01:28:f2:5b:25:1e:7f:78:e2:ea:eb:83:04:5c:
                    51:33:f6:75:d4:40:33:da:6e:79:f2:3a:98:30:18:
                    88:1e:e7:15:0e:06:a9:6c:98:58:fd:f1:3e:e8:6d:
                    91:4d:68:44:42:4f:1e:d9:7c:51:9f:61:90:34:f4:
                    49:ae:3d:ca:cb:f7:be:db:9f:67:8e:2c:5f:c1:02:
                    b2:7a:2d:17:00:a2:73:f7:d9:a3:0c:89:5c:c4:ef:
                    af:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                29:2C:6C:F5:F3:36:CE:0D:75:8E:47:F5:DF:97:78:63:3C:DC:A7:69
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/a634c8dc-8853-4f65-8209-4fbee7ab4252/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/a634c8dc-8853-4f65-8209-4fbee7ab4252/0/292C6CF5F336CE0D758E47F5DF9778633CDCA769.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.166.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2b:eb:d6:a3:dc:34:7a:14:5e:37:9c:30:47:ad:6a:bd:b9:21:
         78:67:9d:94:78:37:36:df:df:23:c0:c5:44:e7:b7:73:ae:f4:
         92:54:66:42:e9:4f:ff:c6:c2:7e:f8:7c:ac:5d:6a:af:0e:dd:
         92:f3:f4:7d:dd:a2:05:31:4a:06:14:4d:96:4c:4a:4d:6f:e8:
         20:b3:dc:cd:61:f8:a6:75:4f:ff:1a:08:fc:d5:4d:08:90:3d:
         9d:8d:81:87:cb:73:6e:18:7d:48:d6:36:3c:e2:95:b8:8c:e1:
         98:ca:2f:41:da:17:54:cc:62:5d:b2:93:52:c7:90:4a:0a:dc:
         59:28:25:17:24:0a:6d:a8:f5:95:3e:fb:8e:30:bd:9f:5a:3f:
         ba:6b:6a:24:d0:e2:5b:16:ba:03:13:e6:79:a4:5e:5a:8a:e1:
         89:bc:8b:80:dd:7f:f1:09:0f:37:dd:b1:63:00:49:59:8c:2d:
         5d:ee:f7:60:ec:c3:5c:bc:02:9e:5a:72:78:39:64:3c:97:8d:
         56:23:ea:6c:6c:f3:b1:e4:00:62:9c:22:02:b5:ed:63:51:38:
         2c:a8:67:8a:19:84:dc:2e:e9:2b:04:e7:2d:89:08:67:9d:4a:
         ac:3b:3a:f3:1e:61:d2:30:4d:1a:a3:8f:d1:51:4b:2f:2a:36:
         97:a2:4b:12
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUYB1c1QVrubRG/nH8ktQew2TMvkcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDMyODIzNDMzNVoX
DTI2MDMyNzIzNDgzNVowMzExMC8GA1UEAxMoMjkyQzZDRjVGMzM2Q0UwRDc1OEU0
N0Y1REY5Nzc4NjMzQ0RDQTc2OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkbfRve1FW8bswJumAMA0L5QZ/hBAajfC1EQvlVMoULLD3fnNUewA9PcDm1
0YJmZ/44V6KoFQVwnJPHyY2zw36b6FzuMdndvPXUpFzZSH/ZMX5SGxV874BwRN8z
diDhHTguQybiIKrfXGeBzxPFT42xLn5WNaSh1jNQjhSZ7y6M99BxTldfZuw5BGBE
C511xZOahs/CpZJGL7ah8nIUCn0uUILdkwEo8lslHn944urrgwRcUTP2ddRAM9pu
efI6mDAYiB7nFQ4GqWyYWP3xPuhtkU1oREJPHtl8UZ9hkDT0Sa49ysv3vtufZ44s
X8ECsnotFwCic/fZowyJXMTvrxkCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFCksbPXzNs4NdY5H9d+XeGM83KdpMB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by9hNjM0YzhkYy04ODUzLTRmNjUtODIwOS00ZmJlZTdhYjQyNTIvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E2MzRjOGRj
LTg4NTMtNGY2NS04MjA5LTRmYmVlN2FiNDI1Mi8wLzI5MkM2Q0Y1RjMzNkNFMEQ3
NThFNDdGNURGOTc3ODYzM0NEQ0E3NjkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFnpogwDQYJKoZIhvcNAQELBQADggEBACvr1qPcNHoUXjecMEetar25IXhnnZR4
Nzbf3yPAxUTnt3Ou9JJUZkLpT//Gwn74fKxdaq8O3ZLz9H3dogUxSgYUTZZMSk1v
6CCz3M1h+KZ1T/8aCPzVTQiQPZ2NgYfLc24YfUjWNjzilbiM4ZjKL0HaF1TMYl2y
k1LHkEoK3FkoJRckCm2o9ZU++44wvZ9aP7praiTQ4lsWugMT5nmkXlqK4Ym8i4Dd
f/EJDzfdsWMASVmMLV3u92Dsw1y8Ap5acng5ZDyXjVYj6mxs87HkAGKcIgK17WNR
OCyoZ4oZhNwu6SsE5y2JCGedSqw7OvMeYdIwTRqjj9FRSy8qNpeiSxI=
-----END CERTIFICATE-----