Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/473225269441779F80E443B1EA516CC99E4ED4DA.cer
File:                     473225269441779F80E443B1EA516CC99E4ED4DA.cer (raw, json)
Hash identifier:          hxEhxQRicPPXYsfrzlDFT9Ibpp/A4OQ1EA2yZpAwwUU=
Subject key identifier:   47:32:25:26:94:41:77:9F:80:E4:43:B1:EA:51:6C:C9:9E:4E:D4:DA
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       4328627E24BC29E7BB31AD56BFB63EFB08BE9494
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/e0620cfc-b46c-457c-9fde-297710c546a9/0/473225269441779F80E443B1EA516CC99E4ED4DA.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/e0620cfc-b46c-457c-9fde-297710c546a9/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Tue 23 Apr 2024 08:37:40 +0000
Certificate not after:    Tue 22 Apr 2025 08:42:40 +0000
Subordinate resources:    IP: 103.121.186.0/23

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 22:23:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:28:62:7e:24:bc:29:e7:bb:31:ad:56:bf:b6:3e:fb:08:be:94:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Apr 23 08:37:40 2024 GMT
            Not After : Apr 22 08:42:40 2025 GMT
        Subject: CN=473225269441779F80E443B1EA516CC99E4ED4DA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:8e:d7:15:fd:04:2e:2b:ff:46:40:be:57:a4:
                    7a:a5:b9:a2:1c:32:1a:8f:d5:36:20:3e:bd:70:e4:
                    31:59:2b:84:45:f0:48:c9:41:cd:66:f5:7d:a1:18:
                    16:e0:f1:5a:dd:dd:34:7d:f6:4d:b7:b6:fc:1f:31:
                    97:dd:54:a2:ee:1b:7e:c7:2b:4f:ae:85:ea:83:e2:
                    1b:4e:81:db:65:d7:05:de:ea:03:44:1f:fe:e6:37:
                    b2:0b:5d:ba:12:07:2e:6b:c1:11:8b:88:23:d7:a8:
                    66:39:c1:e2:cc:0e:4d:76:85:24:a2:18:b7:f7:b7:
                    a8:b5:72:51:35:60:cc:86:f2:9f:f3:41:cd:a7:47:
                    93:1e:fe:22:39:66:7a:09:e7:9b:4d:01:1f:ec:c9:
                    2a:b7:58:92:2a:db:76:1f:b5:0a:dc:a3:4e:2a:84:
                    df:fa:06:e3:fd:8f:ed:ad:e4:31:42:bd:05:44:47:
                    3f:b5:22:df:a9:65:a7:ee:6f:f5:92:d5:4f:d9:9e:
                    09:33:91:1b:98:bc:df:3c:54:57:89:cf:a7:88:d3:
                    12:c8:f6:f1:b4:47:f2:09:21:a4:2a:2c:b7:e6:8d:
                    bb:fe:42:39:87:38:55:da:26:74:d3:33:3e:f1:dc:
                    72:ec:4c:22:d1:5e:6a:0a:d8:74:2b:f4:ab:b4:78:
                    f6:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                47:32:25:26:94:41:77:9F:80:E4:43:B1:EA:51:6C:C9:9E:4E:D4:DA
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/e0620cfc-b46c-457c-9fde-297710c546a9/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/e0620cfc-b46c-457c-9fde-297710c546a9/0/473225269441779F80E443B1EA516CC99E4ED4DA.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.121.186.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3c:d4:6d:8f:de:2b:51:9b:36:51:5f:da:3f:39:81:12:36:16:
         22:2b:e0:31:4c:b5:e8:5d:21:f7:41:4d:2e:37:96:f0:c9:85:
         2d:04:b5:1e:61:a8:b2:cb:b8:eb:65:9b:9b:8b:28:1f:95:10:
         e1:fb:54:f7:0a:93:6d:1b:f3:2a:d4:35:0e:3e:83:91:5e:69:
         f8:81:9f:d0:92:b3:dd:71:51:e1:f4:b6:84:3e:c1:8b:e1:17:
         46:71:d0:b5:c0:31:86:78:a8:ea:b3:50:1b:e9:7f:3f:27:f2:
         08:aa:42:ba:f6:47:62:59:5b:3b:b2:56:21:d3:28:41:f5:6b:
         e9:19:99:a8:2a:c3:81:2f:6c:0e:7f:7f:3d:82:9c:ca:59:ae:
         48:84:fd:88:ed:3d:ea:6b:1a:68:ab:35:90:01:ff:5c:38:54:
         b0:d6:89:9b:9d:c4:e5:32:6c:72:ed:48:67:55:b0:ae:f6:67:
         31:96:e2:26:40:55:0e:a0:2d:86:79:87:b2:10:9e:f2:27:07:
         92:f9:71:36:91:9c:55:64:ae:67:73:78:62:f5:66:1c:b5:1a:
         5e:e3:2e:8e:3f:cd:7b:17:04:9c:10:0c:22:af:a5:bd:b6:7f:
         d0:4b:3c:0d:3a:ec:96:84:73:bf:c0:f7:c9:13:c5:c5:b3:e0:
         2d:14:e3:ed
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUQyhifiS8Kee7Ma1Wv7Y++wi+lJQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDQyMzA4Mzc0MFoX
DTI1MDQyMjA4NDI0MFowMzExMC8GA1UEAxMoNDczMjI1MjY5NDQxNzc5RjgwRTQ0
M0IxRUE1MTZDQzk5RTRFRDREQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGO1xX9BC4r/0ZAvlekeqW5ohwyGo/VNiA+vXDkMVkrhEXwSMlBzWb1faEY
FuDxWt3dNH32Tbe2/B8xl91Uou4bfscrT66F6oPiG06B22XXBd7qA0Qf/uY3sgtd
uhIHLmvBEYuII9eoZjnB4swOTXaFJKIYt/e3qLVyUTVgzIbyn/NBzadHkx7+Ijlm
egnnm00BH+zJKrdYkirbdh+1CtyjTiqE3/oG4/2P7a3kMUK9BURHP7Ui36llp+5v
9ZLVT9meCTORG5i83zxUV4nPp4jTEsj28bRH8gkhpCost+aNu/5COYc4VdomdNMz
PvHccuxMItFeagrYdCv0q7R49okCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFEcyJSaUQXefgORDsepRbMmeTtTaMB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by9lMDYyMGNmYy1iNDZjLTQ1N2MtOWZkZS0yOTc3MTBjNTQ2YTkvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2UwNjIwY2Zj
LWI0NmMtNDU3Yy05ZmRlLTI5NzcxMGM1NDZhOS8wLzQ3MzIyNTI2OTQ0MTc3OUY4
MEU0NDNCMUVBNTE2Q0M5OUU0RUQ0REEubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFnebowDQYJKoZIhvcNAQELBQADggEBADzUbY/eK1GbNlFf2j85gRI2FiIr4DFM
tehdIfdBTS43lvDJhS0EtR5hqLLLuOtlm5uLKB+VEOH7VPcKk20b8yrUNQ4+g5Fe
afiBn9CSs91xUeH0toQ+wYvhF0Zx0LXAMYZ4qOqzUBvpfz8n8giqQrr2R2JZWzuy
ViHTKEH1a+kZmagqw4EvbA5/fz2CnMpZrkiE/YjtPeprGmirNZAB/1w4VLDWiZud
xOUybHLtSGdVsK72ZzGW4iZAVQ6gLYZ5h7IQnvInB5L5cTaRnFVkrmdzeGL1Zhy1
Gl7jLo4/zXsXBJwQDCKvpb22f9BLPA067JaEc7/A98kTxcWz4C0U4+0=
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:14:20 2024 by rpki-client on console-ams.rpki-client.org