Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.cer
File:                     491B0EA5440563BE9B0F167DA76C05E85A9D2F95.cer (raw, json)
Hash identifier:          VuK/jgOne8psmdGYFdXkLAzapkRKmiOt626GPYAuqR8=
Subject key identifier:   49:1B:0E:A5:44:05:63:BE:9B:0F:16:7D:A7:6C:05:E8:5A:9D:2F:95
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       2F4A9EBF7F543C2818FBEE027B96CD24F5E48DD6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Wed 21 Aug 2024 06:40:59 +0000
Certificate not after:    Wed 20 Aug 2025 06:45:59 +0000
Subordinate resources:    IP: 103.122.152.0/22
                          IP: 2403:90c0::/32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:4a:9e:bf:7f:54:3c:28:18:fb:ee:02:7b:96:cd:24:f5:e4:8d:d6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000
        Validity
            Not Before: Aug 21 06:40:59 2024 GMT
            Not After : Aug 20 06:45:59 2025 GMT
        Subject: CN=491B0EA5440563BE9B0F167DA76C05E85A9D2F95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:64:5c:4b:94:d3:d8:3f:53:08:69:ca:53:bc:
                    24:90:54:60:d3:25:64:b4:a9:1c:0c:9b:9d:77:f3:
                    53:54:40:ed:8b:0b:96:ee:be:1f:5f:81:92:d8:3d:
                    b0:ba:58:4c:d0:95:4d:4c:d6:c5:c8:e8:23:6a:ee:
                    69:7b:c0:77:45:eb:ae:97:89:7f:5a:f4:18:a8:36:
                    11:95:d3:29:ae:ca:a7:4a:ad:20:ba:f8:7e:57:4d:
                    2a:70:d0:0e:79:07:c1:6c:13:cc:4e:2c:58:37:ad:
                    53:32:11:35:a3:a6:a0:75:6f:ad:45:ac:c6:ca:01:
                    3d:d4:de:23:27:0b:43:95:eb:7c:07:39:e6:9f:52:
                    ad:d9:7f:a0:d6:9e:50:28:de:a6:6c:d4:18:63:1b:
                    66:dd:92:73:1f:9b:28:4c:ea:82:06:b5:12:f0:e4:
                    22:1f:a2:c3:99:50:4c:37:e4:b3:a6:e0:9d:58:6b:
                    e6:19:88:62:78:08:54:4b:a2:a6:21:5b:40:9f:2c:
                    2d:17:7d:17:14:2d:4b:45:72:71:7d:3a:97:db:72:
                    49:2e:08:ad:37:97:a2:aa:37:07:ad:4e:1c:46:2e:
                    91:93:58:c6:57:af:cd:8d:1a:00:c5:80:af:31:98:
                    ed:df:e0:b1:74:0d:3a:b1:ed:12:c5:0c:d2:bf:26:
                    b3:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                49:1B:0E:A5:44:05:63:BE:9B:0F:16:7D:A7:6C:05:E8:5A:9D:2F:95
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/7229781a-8ac9-4452-b25f-54e7edf7d4a4/0/491B0EA5440563BE9B0F167DA76C05E85A9D2F95.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.122.152.0/22
                IPv6:
                  2403:90c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         95:4a:07:89:dd:c8:f1:32:fc:73:1a:62:e9:1d:04:d2:cc:38:
         34:b0:6a:40:19:ef:6c:c3:d0:de:ae:08:0b:e2:25:c3:b2:55:
         57:3e:73:9e:9f:22:2a:ee:61:2c:d8:6f:00:d6:42:8c:dd:62:
         17:72:24:03:b5:49:d2:21:4a:97:9c:74:cf:47:c0:f9:4f:b7:
         47:0e:1c:4f:03:1a:5e:7b:9e:c6:45:74:39:d3:9d:23:68:07:
         b1:66:ad:e8:61:49:af:62:2c:93:6f:6b:3b:3d:59:ce:92:6b:
         34:67:e7:da:af:f8:17:0b:62:d3:86:34:23:be:16:31:84:bc:
         9a:97:ff:de:d6:26:a5:5f:c8:19:83:bb:5e:9d:23:e5:2f:6e:
         11:25:00:32:4e:e7:ee:1b:88:92:88:83:31:b9:d7:91:16:7f:
         80:39:64:84:9e:70:fa:1c:67:2c:99:61:0b:03:2c:a4:ba:fd:
         d9:f2:81:12:77:d0:67:b2:67:f6:25:56:a4:07:69:a7:7e:74:
         ee:d1:07:f2:b2:08:3b:ce:8d:34:6c:b4:0f:0e:68:db:8b:19:
         02:d4:96:19:a6:e7:19:5c:d8:b8:54:b1:28:6e:5f:df:f4:68:
         4e:92:8c:62:22:82:96:f1:54:d9:70:4b:d7:5f:75:a2:b1:39:
         4e:c1:d2:18
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUL0qev39UPCgY++4Ce5bNJPXkjdYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDgyMTA2NDA1OVoX
DTI1MDgyMDA2NDU1OVowMzExMC8GA1UEAxMoNDkxQjBFQTU0NDA1NjNCRTlCMEYx
NjdEQTc2QzA1RTg1QTlEMkY5NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANRkXEuU09g/UwhpylO8JJBUYNMlZLSpHAybnXfzU1RA7YsLlu6+H1+Bktg9
sLpYTNCVTUzWxcjoI2ruaXvAd0XrrpeJf1r0GKg2EZXTKa7Kp0qtILr4fldNKnDQ
DnkHwWwTzE4sWDetUzIRNaOmoHVvrUWsxsoBPdTeIycLQ5XrfAc55p9Srdl/oNae
UCjepmzUGGMbZt2Scx+bKEzqgga1EvDkIh+iw5lQTDfks6bgnVhr5hmIYngIVEui
piFbQJ8sLRd9FxQtS0VycX06l9tySS4IrTeXoqo3B61OHEYukZNYxlevzY0aAMWA
rzGY7d/gsXQNOrHtEsUM0r8mswsCAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFEkbDqVEBWO+mw8WfadsBehanS+VMB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by83MjI5NzgxYS04YWM5LTQ0NTItYjI1Zi01NGU3ZWRmN2Q0YTQvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzcyMjk3ODFh
LThhYzktNDQ1Mi1iMjVmLTU0ZTdlZGY3ZDRhNC8wLzQ5MUIwRUE1NDQwNTYzQkU5
QjBGMTY3REE3NkMwNUU4NUE5RDJGOTUubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD
BAJnepgwDQQCAAIwBwMFACQDkMAwDQYJKoZIhvcNAQELBQADggEBAJVKB4ndyPEy
/HMaYukdBNLMODSwakAZ72zD0N6uCAviJcOyVVc+c56fIiruYSzYbwDWQozdYhdy
JAO1SdIhSpecdM9HwPlPt0cOHE8DGl57nsZFdDnTnSNoB7FmrehhSa9iLJNvazs9
Wc6SazRn59qv+BcLYtOGNCO+FjGEvJqX/97WJqVfyBmDu16dI+UvbhElADJO5+4b
iJKIgzG515EWf4A5ZISecPocZyyZYQsDLKS6/dnygRJ30GeyZ/YlVqQHaad+dO7R
B/KyCDvOjTRstA8OaNuLGQLUlhmm5xlc2LhUsShuX9/0aE6SjGIigpbxVNlwS9df
daKxOU7B0hg=
-----END CERTIFICATE-----