Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/45422D0C59556C680872F58CC42068EF3ED1BA2E.cer
File:                     45422D0C59556C680872F58CC42068EF3ED1BA2E.cer (raw, json)
Hash identifier:          wNOOmINW56Gb+oOQK8yrRb332W3ARiSel+L9wFtF14w=
Subject key identifier:   45:42:2D:0C:59:55:6C:68:08:72:F5:8C:C4:20:68:EF:3E:D1:BA:2E
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       31D38DDC899804E7A501D115375EEA7FDBC17067
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/78d774f4-2300-4e69-a6ca-7cf48002e2fb/0/45422D0C59556C680872F58CC42068EF3ED1BA2E.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/78d774f4-2300-4e69-a6ca-7cf48002e2fb/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Tue 30 Jan 2024 18:03:37 +0000
Certificate not after:    Tue 28 Jan 2025 18:08:37 +0000
Subordinate resources:    IP: 103.172.120.0/23

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 22:23:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:d3:8d:dc:89:98:04:e7:a5:01:d1:15:37:5e:ea:7f:db:c1:70:67
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jan 30 18:03:37 2024 GMT
            Not After : Jan 28 18:08:37 2025 GMT
        Subject: CN=45422D0C59556C680872F58CC42068EF3ED1BA2E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:4f:88:e9:95:ae:c3:76:52:9e:34:09:54:d1:
                    41:78:da:72:8f:c1:5e:0a:72:06:1f:ce:d9:92:eb:
                    55:cf:4e:bf:e1:fa:7b:b1:cb:1d:76:0e:25:cb:70:
                    a0:0c:4f:e3:1f:2b:6d:c6:e8:ea:a7:52:f6:a2:fe:
                    c7:da:e1:25:66:aa:a1:fd:21:64:d4:b1:6b:28:e8:
                    65:68:9f:65:a9:42:e4:3b:b5:df:e6:9e:50:b0:87:
                    d0:bd:f8:4c:b8:82:32:5d:43:85:4e:4c:bc:43:22:
                    69:55:d2:fc:98:14:0e:fd:68:86:fc:81:bd:04:a7:
                    34:d5:b6:50:78:d8:0e:d0:68:f2:9a:80:00:62:f9:
                    d8:30:fa:36:9c:8a:09:dd:41:d3:d1:28:1b:a5:57:
                    4e:9b:6d:89:67:73:5b:f4:9e:20:95:b6:6d:df:fb:
                    fa:0f:be:41:29:6a:94:21:38:75:da:3c:23:a6:4f:
                    13:2e:66:c8:e0:04:aa:9d:1e:05:14:29:e0:a1:c3:
                    e8:f1:b4:6e:e2:25:35:f0:ee:c4:06:f8:8c:ae:71:
                    60:5f:1a:f7:84:c5:83:00:0f:5b:73:ea:ce:50:f4:
                    34:15:16:5f:d8:ae:98:55:a3:d3:14:a6:26:33:39:
                    7b:09:72:3e:f1:2f:0a:f0:1b:fa:b4:7b:cf:10:d5:
                    dc:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                45:42:2D:0C:59:55:6C:68:08:72:F5:8C:C4:20:68:EF:3E:D1:BA:2E
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/78d774f4-2300-4e69-a6ca-7cf48002e2fb/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/78d774f4-2300-4e69-a6ca-7cf48002e2fb/0/45422D0C59556C680872F58CC42068EF3ED1BA2E.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.120.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7e:cb:f3:81:77:df:00:7b:c9:38:7e:4e:64:05:af:3e:db:80:
         67:dd:2c:6d:a7:cb:71:69:8f:2e:b1:6c:5b:3a:88:ab:db:af:
         e2:50:52:2f:87:f5:9e:c8:20:1a:78:d6:5e:47:51:3e:7d:9a:
         27:a7:7d:ff:f8:0d:0f:c7:12:ce:46:bc:fa:86:39:00:53:82:
         5a:fa:e4:1b:83:fc:af:d9:9f:8c:2a:c6:8d:d8:88:8a:3e:df:
         dc:c5:f4:d1:d7:19:4f:b7:4c:1d:d6:f4:78:ff:5e:15:be:b8:
         60:c4:f6:bc:d6:1f:90:73:73:42:d8:2f:3f:fe:aa:d3:67:77:
         ab:cb:cf:4d:da:89:85:ab:c4:05:d0:5c:29:cd:f6:44:48:83:
         0b:d1:71:df:5a:a8:99:c6:7e:b5:f5:f9:68:72:29:8e:23:48:
         d3:d8:be:0d:95:ce:1a:dc:3a:6f:7f:06:fa:43:4c:f2:1c:19:
         25:64:9f:b4:8e:50:8c:7f:cb:f2:19:2e:93:fb:c2:a1:f5:36:
         72:5c:6a:f2:45:a5:ab:76:30:62:1f:5a:19:88:c9:a3:bc:38:
         78:03:68:b9:5a:e9:6a:34:4c:ee:f0:27:81:a8:ef:13:b8:fe:
         f0:f2:4d:93:07:d7:a1:79:68:4a:21:97:5c:89:44:11:05:ab:
         b4:e4:b2:1d
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUMdON3ImYBOelAdEVN17qf9vBcGcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEzMDE4MDMzN1oX
DTI1MDEyODE4MDgzN1owMzExMC8GA1UEAxMoNDU0MjJEMEM1OTU1NkM2ODA4NzJG
NThDQzQyMDY4RUYzRUQxQkEyRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRPiOmVrsN2Up40CVTRQXjaco/BXgpyBh/O2ZLrVc9Ov+H6e7HLHXYOJctw
oAxP4x8rbcbo6qdS9qL+x9rhJWaqof0hZNSxayjoZWifZalC5Du13+aeULCH0L34
TLiCMl1DhU5MvEMiaVXS/JgUDv1ohvyBvQSnNNW2UHjYDtBo8pqAAGL52DD6NpyK
Cd1B09EoG6VXTpttiWdzW/SeIJW2bd/7+g++QSlqlCE4ddo8I6ZPEy5myOAEqp0e
BRQp4KHD6PG0buIlNfDuxAb4jK5xYF8a94TFgwAPW3PqzlD0NBUWX9iumFWj0xSm
JjM5ewlyPvEvCvAb+rR7zxDV3I0CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFEVCLQxZVWxoCHL1jMQgaO8+0bouMB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by83OGQ3NzRmNC0yMzAwLTRlNjktYTZjYS03Y2Y0ODAwMmUyZmIvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzc4ZDc3NGY0
LTIzMDAtNGU2OS1hNmNhLTdjZjQ4MDAyZTJmYi8wLzQ1NDIyRDBDNTk1NTZDNjgw
ODcyRjU4Q0M0MjA2OEVGM0VEMUJBMkUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFnrHgwDQYJKoZIhvcNAQELBQADggEBAH7L84F33wB7yTh+TmQFrz7bgGfdLG2n
y3Fpjy6xbFs6iKvbr+JQUi+H9Z7IIBp41l5HUT59mienff/4DQ/HEs5GvPqGOQBT
glr65BuD/K/Zn4wqxo3YiIo+39zF9NHXGU+3TB3W9Hj/XhW+uGDE9rzWH5Bzc0LY
Lz/+qtNnd6vLz03aiYWrxAXQXCnN9kRIgwvRcd9aqJnGfrX1+WhyKY4jSNPYvg2V
zhrcOm9/BvpDTPIcGSVkn7SOUIx/y/IZLpP7wqH1NnJcavJFpat2MGIfWhmIyaO8
OHgDaLla6Wo0TO7wJ4Go7xO4/vDyTZMH16F5aEohl1yJRBEFq7Tksh0=
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:14:20 2024 by rpki-client on console-ams.rpki-client.org