Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/B8436ACB7CE8F8C2F57245FFE4E6BA2F52393F4D.cer
File:                     B8436ACB7CE8F8C2F57245FFE4E6BA2F52393F4D.cer (raw, json)
Hash identifier:          agjPsBQjmuaQyiUOW525iuZOMN7dw+0DyZkW+v60sbw=
Subject key identifier:   B8:43:6A:CB:7C:E8:F8:C2:F5:72:45:FF:E4:E6:BA:2F:52:39:3F:4D
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       58C2AA6DE25E2FD99C9CB3F91C2D0CD740190918
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/ebefbf04-41be-48d7-ac00-8a3c498ca9ae/0/B8436ACB7CE8F8C2F57245FFE4E6BA2F52393F4D.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/ebefbf04-41be-48d7-ac00-8a3c498ca9ae/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Wed 15 May 2024 18:21:29 +0000
Certificate not after:    Wed 14 May 2025 18:26:29 +0000
Subordinate resources:    IP: 103.154.24.0/23
                          IP: 2406:5240::/32
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:c2:aa:6d:e2:5e:2f:d9:9c:9c:b3:f9:1c:2d:0c:d7:40:19:09:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000
        Validity
            Not Before: May 15 18:21:29 2024 GMT
            Not After : May 14 18:26:29 2025 GMT
        Subject: CN=B8436ACB7CE8F8C2F57245FFE4E6BA2F52393F4D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:30:03:c5:02:81:50:a5:78:31:ce:d2:a9:6f:
                    b7:52:82:3b:fb:37:a1:38:6b:1b:73:bd:b0:70:50:
                    4a:d0:9a:65:18:9e:34:0e:10:f0:c0:45:e6:0b:41:
                    9b:00:3b:fe:e0:e0:8d:4c:70:23:1b:a4:b8:c8:23:
                    66:90:da:ad:60:4c:c3:9e:fb:34:4d:3f:65:4b:1d:
                    42:09:14:95:aa:62:90:18:45:f6:79:d4:65:0b:0d:
                    0d:a0:71:93:55:09:31:c7:eb:12:77:fa:4e:f8:8f:
                    07:77:da:6f:b3:22:25:bc:30:87:e0:ef:f9:9c:a6:
                    a6:21:66:4b:db:3f:a0:ca:e3:86:97:b5:8d:59:16:
                    94:a8:96:db:32:8b:28:e7:c8:d3:18:b2:af:35:01:
                    9b:f9:f0:70:eb:99:bd:78:2a:64:ce:a2:b9:20:bb:
                    4b:de:22:67:58:1f:38:6f:0a:51:1d:5a:4e:77:25:
                    6c:dc:86:66:52:1f:6f:9c:b9:ec:63:60:fa:f8:98:
                    ed:5a:bd:fe:70:0b:86:62:6f:ce:7f:f6:5e:d9:e4:
                    8f:71:37:02:38:6e:63:cc:c7:c5:98:e9:72:96:1d:
                    da:10:57:00:3f:17:42:c2:33:3d:79:3b:31:66:3e:
                    e8:c6:cc:34:05:f0:7b:f0:b2:83:f5:ce:26:61:95:
                    33:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                B8:43:6A:CB:7C:E8:F8:C2:F5:72:45:FF:E4:E6:BA:2F:52:39:3F:4D
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/ebefbf04-41be-48d7-ac00-8a3c498ca9ae/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/ebefbf04-41be-48d7-ac00-8a3c498ca9ae/0/B8436ACB7CE8F8C2F57245FFE4E6BA2F52393F4D.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.154.24.0/23
                IPv6:
                  2406:5240::/32

    Signature Algorithm: sha256WithRSAEncryption
         1c:3d:17:80:3f:39:20:22:8d:cd:64:eb:58:0f:f4:d7:16:18:
         3b:79:76:9c:2d:dc:9e:f4:23:f6:92:44:c2:22:1b:f7:d2:b4:
         46:33:b1:53:59:dc:59:10:74:b1:06:5b:0c:7b:46:90:3e:16:
         f1:61:60:36:c7:75:58:46:c0:c1:8d:dc:e8:89:ec:b7:d4:02:
         4e:eb:87:62:2a:91:6d:d2:5b:b5:78:b8:25:6f:0a:57:98:5a:
         f8:bf:71:ed:ce:6d:e4:c6:4e:3d:b5:13:6e:1d:95:43:b6:ec:
         5e:6d:27:55:3c:9d:31:e2:af:99:61:2d:fe:03:60:f6:c4:dd:
         90:c1:8b:4d:6b:8d:ae:47:03:ce:bd:bf:e9:fa:76:43:6c:d0:
         94:08:12:1a:3a:1e:6a:9a:4c:44:19:5d:9d:00:69:bc:55:5c:
         b1:5d:8b:b6:13:06:08:f5:9d:c3:48:c8:0f:5b:81:26:df:0e:
         74:39:7f:4e:bb:ed:cf:95:f5:6f:27:89:fe:7c:79:e5:f4:d0:
         f8:1c:63:30:be:1e:67:91:d9:7b:64:ce:27:54:8d:92:fa:91:
         6e:f7:42:94:a1:fd:ff:aa:d2:4c:42:13:4c:b1:8b:74:33:59:
         52:c0:1a:2c:16:c9:30:85:00:48:e7:b1:54:ff:9e:6f:02:95:
         8d:5e:5e:61
-----BEGIN CERTIFICATE-----
MIIF1DCCBLygAwIBAgIUWMKqbeJeL9mcnLP5HC0M10AZCRgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDUxNTE4MjEyOVoX
DTI1MDUxNDE4MjYyOVowMzExMC8GA1UEAxMoQjg0MzZBQ0I3Q0U4RjhDMkY1NzI0
NUZGRTRFNkJBMkY1MjM5M0Y0RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkwA8UCgVCleDHO0qlvt1KCO/s3oThrG3O9sHBQStCaZRieNA4Q8MBF5gtB
mwA7/uDgjUxwIxukuMgjZpDarWBMw577NE0/ZUsdQgkUlapikBhF9nnUZQsNDaBx
k1UJMcfrEnf6TviPB3fab7MiJbwwh+Dv+ZympiFmS9s/oMrjhpe1jVkWlKiW2zKL
KOfI0xiyrzUBm/nwcOuZvXgqZM6iuSC7S94iZ1gfOG8KUR1aTnclbNyGZlIfb5y5
7GNg+viY7Vq9/nALhmJvzn/2Xtnkj3E3AjhuY8zHxZjpcpYd2hBXAD8XQsIzPXk7
MWY+6MbMNAXwe/Cyg/XOJmGVM+8CAwEAAaOCAscwggLDMA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFLhDast86PjC9XJF/+Tmui9SOT9NMB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by9lYmVmYmYwNC00MWJlLTQ4ZDctYWMwMC04YTNjNDk4Y2E5YWUvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ViZWZiZjA0
LTQxYmUtNDhkNy1hYzAwLThhM2M0OThjYTlhZS8wL0I4NDM2QUNCN0NFOEY4QzJG
NTcyNDVGRkU0RTZCQTJGNTIzOTNGNEQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYD
BAFnmhgwDQQCAAIwBwMFACQGUkAwDQYJKoZIhvcNAQELBQADggEBABw9F4A/OSAi
jc1k61gP9NcWGDt5dpwt3J70I/aSRMIiG/fStEYzsVNZ3FkQdLEGWwx7RpA+FvFh
YDbHdVhGwMGN3OiJ7LfUAk7rh2IqkW3SW7V4uCVvCleYWvi/ce3ObeTGTj21E24d
lUO27F5tJ1U8nTHir5lhLf4DYPbE3ZDBi01rja5HA869v+n6dkNs0JQIEho6Hmqa
TEQZXZ0AabxVXLFdi7YTBgj1ncNIyA9bgSbfDnQ5f0677c+V9W8nif58eeX00Pgc
YzC+HmeR2XtkzidUjZL6kW73QpSh/f+q0kxCE0yxi3QzWVLAGiwWyTCFAEjnsVT/
nm8ClY1eXmE=
-----END CERTIFICATE-----