Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/645C9D445B2796662EE98A03E50C124F3E962CAB.cer
File:                     645C9D445B2796662EE98A03E50C124F3E962CAB.cer (raw, json)
Hash identifier:          ubGvOUd3wh2Q01R6ELcaBoINBbeUMR5QoVJ2/fS4QVY=
Subject key identifier:   64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       451F452027572FAB7A6A53FE5A96EEE9B9A6791A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Tue 02 Apr 2024 15:49:14 +0000
Certificate not after:    Tue 01 Apr 2025 15:54:14 +0000
Subordinate resources:    IP: 103.100.172.0/22
                          IP: 2401:be40::/32

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 20:39:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:1f:45:20:27:57:2f:ab:7a:6a:53:fe:5a:96:ee:e9:b9:a6:79:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Apr  2 15:49:14 2024 GMT
            Not After : Apr  1 15:54:14 2025 GMT
        Subject: CN=645C9D445B2796662EE98A03E50C124F3E962CAB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a2:07:06:50:9f:a6:10:d3:95:a1:08:1f:c6:
                    fc:91:9a:ea:e0:d5:a0:05:c1:22:26:d2:0b:7a:37:
                    8f:4f:86:9f:8d:92:79:ce:8e:d9:6c:c6:8d:1f:df:
                    c5:57:83:88:e0:f3:7e:7c:78:63:7f:14:e6:63:63:
                    2f:3e:c0:38:a1:57:bd:0c:f0:2e:8b:09:66:dc:82:
                    c0:76:c0:68:66:8e:63:84:34:74:84:0d:4d:7c:96:
                    86:73:38:b7:2e:ad:59:3f:74:79:6a:10:26:71:5e:
                    6d:36:fb:39:d1:38:19:ef:ba:1a:a4:d7:84:a2:a2:
                    84:60:db:c2:d4:b1:2f:84:c1:48:d5:bd:ea:9d:28:
                    7d:57:a9:0c:00:59:07:82:01:bf:ba:a9:aa:be:1d:
                    07:a2:61:5f:68:56:48:a9:8b:22:bb:e1:08:17:a4:
                    d3:54:12:ee:db:04:00:a4:7f:df:85:2e:6f:de:69:
                    7a:74:e8:40:ca:d3:e1:81:5f:28:44:63:be:be:76:
                    33:cb:8f:54:59:f9:43:75:f2:f7:a3:f9:41:f7:80:
                    a5:0f:47:e7:9c:f8:1a:55:cd:ca:9a:9b:8c:d1:de:
                    6e:0f:0e:10:57:09:d2:fb:7f:5a:6c:cf:49:fd:63:
                    4c:3a:e1:28:86:b0:51:d5:b8:e6:59:2a:6c:96:9e:
                    98:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                64:5C:9D:44:5B:27:96:66:2E:E9:8A:03:E5:0C:12:4F:3E:96:2C:AB
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/07304b83-30aa-4bbf-9fd7-2fceadbf0030/0/645C9D445B2796662EE98A03E50C124F3E962CAB.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.100.172.0/22
                IPv6:
                  2401:be40::/32

    Signature Algorithm: sha256WithRSAEncryption
         42:f4:fc:39:6b:9d:50:22:9e:37:6f:6e:76:be:52:0d:33:73:
         7f:3a:51:40:c5:81:06:62:85:bb:eb:31:4b:66:70:f7:5e:ee:
         b3:50:27:0c:97:9b:a1:a4:5a:9d:03:de:9b:7e:9a:dd:a3:71:
         af:dc:a6:ce:f2:24:5b:f1:5f:09:20:92:97:46:77:98:9b:b0:
         ef:f6:ed:dd:38:84:c9:1c:73:57:fc:3c:03:45:ea:98:53:30:
         c3:49:0e:13:e3:c2:c1:d1:1c:41:3a:b7:a7:3c:41:7f:09:db:
         8c:49:29:12:de:8e:3f:14:6f:36:2d:d8:5d:4b:17:49:6c:87:
         ba:40:00:a2:1d:06:18:4d:03:e0:1c:94:50:a7:ca:9e:b2:06:
         05:4a:7b:5f:a9:1d:86:21:ce:b4:0a:a7:bc:17:ab:9a:18:e1:
         73:43:ba:de:6c:c5:92:8b:88:e7:d3:a0:78:13:dd:01:69:01:
         43:3c:01:04:02:3b:14:57:61:d3:e5:63:4c:70:95:fe:cb:f0:
         62:d7:8d:43:56:c1:c6:0f:af:aa:51:f7:4b:4c:d7:b0:38:11:
         5e:7d:ec:c4:ce:e0:c2:ea:19:09:77:ff:26:6e:1f:b7:06:e6:
         6e:be:a9:81:ef:95:02:6d:2c:63:84:77:bc:d5:1f:e9:67:94:
         fc:18:1c:83
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIURR9FICdXL6t6alP+Wpbu6bmmeRowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDQwMjE1NDkxNFoX
DTI1MDQwMTE1NTQxNFowMzExMC8GA1UEAxMoNjQ1QzlENDQ1QjI3OTY2NjJFRTk4
QTAzRTUwQzEyNEYzRTk2MkNBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqiBwZQn6YQ05WhCB/G/JGa6uDVoAXBIibSC3o3j0+Gn42Sec6O2WzGjR/f
xVeDiODzfnx4Y38U5mNjLz7AOKFXvQzwLosJZtyCwHbAaGaOY4Q0dIQNTXyWhnM4
ty6tWT90eWoQJnFebTb7OdE4Ge+6GqTXhKKihGDbwtSxL4TBSNW96p0ofVepDABZ
B4IBv7qpqr4dB6JhX2hWSKmLIrvhCBek01QS7tsEAKR/34Uub95penToQMrT4YFf
KERjvr52M8uPVFn5Q3Xy96P5QfeApQ9H55z4GlXNypqbjNHebg8OEFcJ0vt/WmzP
Sf1jTDrhKIawUdW45lkqbJaemCUCAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFGRcnURbJ5ZmLumKA+UMEk8+liyrMB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by8wNzMwNGI4My0zMGFhLTRiYmYtOWZkNy0yZmNlYWRiZjAwMzAvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA3MzA0Yjgz
LTMwYWEtNGJiZi05ZmQ3LTJmY2VhZGJmMDAzMC8wLzY0NUM5RDQ0NUIyNzk2NjYy
RUU5OEEwM0U1MEMxMjRGM0U5NjJDQUIubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD
BAJnZKwwDQQCAAIwBwMFACQBvkAwDQYJKoZIhvcNAQELBQADggEBAEL0/DlrnVAi
njdvbna+Ug0zc386UUDFgQZihbvrMUtmcPde7rNQJwyXm6GkWp0D3pt+mt2jca/c
ps7yJFvxXwkgkpdGd5ibsO/27d04hMkcc1f8PANF6phTMMNJDhPjwsHRHEE6t6c8
QX8J24xJKRLejj8UbzYt2F1LF0lsh7pAAKIdBhhNA+AclFCnyp6yBgVKe1+pHYYh
zrQKp7wXq5oY4XNDut5sxZKLiOfToHgT3QFpAUM8AQQCOxRXYdPlY0xwlf7L8GLX
jUNWwcYPr6pR90tM17A4EV597MTO4MLqGQl3/yZuH7cG5m6+qYHvlQJtLGOEd7zV
H+lnlPwYHIM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:43:42 2024 by rpki-client on console-ams.rpki-client.org