Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/4A243A1EC4991C40D3A6148515E3C51981B425F7.cer
File:                     4A243A1EC4991C40D3A6148515E3C51981B425F7.cer (raw, json)
Hash identifier:          POZggU75ijU81J4dgsvbO507bb6/HYpBNOtwRA89WxU=
Subject key identifier:   4A:24:3A:1E:C4:99:1C:40:D3:A6:14:85:15:E3:C5:19:81:B4:25:F7
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       595922BCD798A25B37F230C5DE0C9B4E9505B480
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/ec8892eb-ddc0-4cb6-957c-b653f28bbf39/0/4A243A1EC4991C40D3A6148515E3C51981B425F7.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/ec8892eb-ddc0-4cb6-957c-b653f28bbf39/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Fri 31 Jan 2025 17:26:35 +0000
Certificate not after:    Fri 30 Jan 2026 17:31:35 +0000
Subordinate resources:    IP: 103.109.206.0/23
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:59:22:bc:d7:98:a2:5b:37:f2:30:c5:de:0c:9b:4e:95:05:b4:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000
        Validity
            Not Before: Jan 31 17:26:35 2025 GMT
            Not After : Jan 30 17:31:35 2026 GMT
        Subject: CN=4A243A1EC4991C40D3A6148515E3C51981B425F7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:10:36:75:14:c5:a3:c8:8c:1e:8c:42:b1:48:
                    9a:c7:cc:c4:34:59:76:56:f8:55:ef:87:80:30:03:
                    51:37:ab:3d:ea:02:55:f9:49:5a:39:36:51:88:db:
                    f3:58:a2:dd:43:47:a7:0c:80:96:6d:8a:36:5c:bd:
                    8f:d5:da:b5:ae:7b:d6:dc:f7:0f:73:6a:91:09:bc:
                    06:45:9e:f3:60:c9:64:9d:3d:1a:66:c4:05:06:d8:
                    0b:69:6c:e0:3c:2f:41:a2:7c:9f:4e:35:77:ff:8d:
                    98:7f:9c:3e:5d:ae:7f:43:73:df:11:33:62:17:1e:
                    67:bd:6d:89:8d:55:9e:da:3e:2c:b2:ef:4d:53:3b:
                    9a:d1:88:c9:29:8e:1a:cd:79:8f:e3:a9:29:69:c3:
                    3b:c8:10:7b:78:e0:6e:32:a7:b7:59:c1:00:03:a2:
                    8e:1e:3d:b3:97:e6:e3:d0:d4:ee:de:3c:b0:5a:78:
                    71:20:16:d5:cc:78:19:25:86:55:d4:d4:45:20:89:
                    0e:2d:91:8d:ef:01:30:3e:6c:7f:53:fa:76:f5:47:
                    7f:c0:df:b8:27:d2:49:cf:2b:2d:23:3d:06:1f:7f:
                    aa:e0:17:67:88:dd:f2:11:a7:36:e8:3e:b3:c5:55:
                    7b:a6:db:e0:6e:ac:5a:01:80:31:88:51:cf:64:8a:
                    ea:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                4A:24:3A:1E:C4:99:1C:40:D3:A6:14:85:15:E3:C5:19:81:B4:25:F7
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/ec8892eb-ddc0-4cb6-957c-b653f28bbf39/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/ec8892eb-ddc0-4cb6-957c-b653f28bbf39/0/4A243A1EC4991C40D3A6148515E3C51981B425F7.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.109.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0a:9e:76:1c:58:2e:25:3d:60:08:47:04:c4:f0:b9:36:0e:a9:
         3d:c0:7b:ac:d1:30:58:8b:a3:5e:7e:0c:e6:99:2e:28:23:97:
         37:61:11:f7:24:36:c3:f7:65:38:39:df:e0:7c:17:f0:2d:d2:
         b7:bb:4c:c9:c0:ef:40:01:fb:be:80:a0:9d:5d:65:3c:e6:d9:
         15:40:2b:5e:8d:01:91:17:25:26:25:c8:4d:29:98:0c:17:e0:
         f7:e8:4b:19:9e:36:54:3d:d1:3a:39:fc:96:d4:fb:22:3b:46:
         e6:06:e9:d1:d0:63:18:2f:77:77:45:99:9f:c3:21:70:d3:f7:
         1a:e6:11:f7:ba:cf:45:00:53:13:d3:1e:c4:9c:40:77:38:50:
         c3:14:57:de:9f:46:01:1a:c1:af:36:13:16:01:74:7e:ac:8c:
         bf:94:2c:e6:43:05:84:7f:ad:41:e6:b6:ec:7f:d3:43:06:4e:
         a3:4a:57:61:e8:42:34:f2:73:39:cc:bd:0e:89:b2:fa:a2:23:
         f3:57:a2:bb:43:35:b4:4e:11:3a:5c:7c:88:87:fd:d2:de:6e:
         05:35:ec:d6:1a:9f:e3:cd:ad:2f:e0:ed:30:2f:e6:6c:23:e5:
         5a:f5:38:24:74:e3:c8:bc:e6:ca:f6:7c:8f:8b:12:46:86:02:
         73:90:c9:fd
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUWVkivNeYols38jDF3gybTpUFtIAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDEzMTE3MjYzNVoX
DTI2MDEzMDE3MzEzNVowMzExMC8GA1UEAxMoNEEyNDNBMUVDNDk5MUM0MEQzQTYx
NDg1MTVFM0M1MTk4MUI0MjVGNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIQNnUUxaPIjB6MQrFImsfMxDRZdlb4Ve+HgDADUTerPeoCVflJWjk2UYjb
81ii3UNHpwyAlm2KNly9j9Xata571tz3D3NqkQm8BkWe82DJZJ09GmbEBQbYC2ls
4DwvQaJ8n041d/+NmH+cPl2uf0Nz3xEzYhceZ71tiY1Vnto+LLLvTVM7mtGIySmO
Gs15j+OpKWnDO8gQe3jgbjKnt1nBAAOijh49s5fm49DU7t48sFp4cSAW1cx4GSWG
VdTURSCJDi2Rje8BMD5sf1P6dvVHf8DfuCfSSc8rLSM9Bh9/quAXZ4jd8hGnNug+
s8VVe6bb4G6sWgGAMYhRz2SK6mMCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFEokOh7EmRxA06YUhRXjxRmBtCX3MB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by9lYzg4OTJlYi1kZGMwLTRjYjYtOTU3Yy1iNjUzZjI4YmJmMzkvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2VjODg5MmVi
LWRkYzAtNGNiNi05NTdjLWI2NTNmMjhiYmYzOS8wLzRBMjQzQTFFQzQ5OTFDNDBE
M0E2MTQ4NTE1RTNDNTE5ODFCNDI1RjcubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFnbc4wDQYJKoZIhvcNAQELBQADggEBAAqedhxYLiU9YAhHBMTwuTYOqT3Ae6zR
MFiLo15+DOaZLigjlzdhEfckNsP3ZTg53+B8F/At0re7TMnA70AB+76AoJ1dZTzm
2RVAK16NAZEXJSYlyE0pmAwX4PfoSxmeNlQ90To5/JbU+yI7RuYG6dHQYxgvd3dF
mZ/DIXDT9xrmEfe6z0UAUxPTHsScQHc4UMMUV96fRgEawa82ExYBdH6sjL+ULOZD
BYR/rUHmtux/00MGTqNKV2HoQjTycznMvQ6JsvqiI/NXortDNbROETpcfIiH/dLe
bgU17NYan+PNrS/g7TAv5mwj5Vr1OCR048i85sr2fI+LEkaGAnOQyf0=
-----END CERTIFICATE-----