Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/C35ED85B36F5D519D2CD1D474BE51C13F49A7E47.cer
File:                     C35ED85B36F5D519D2CD1D474BE51C13F49A7E47.cer (raw, json)
Hash identifier:          af0yVUa+psU24hwcG02ey3ZhOnrYJwOI6tYRM78dFUY=
Subject key identifier:   C3:5E:D8:5B:36:F5:D5:19:D2:CD:1D:47:4B:E5:1C:13:F4:9A:7E:47
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       1852A337F693CCA45722DD4D5346E8E080139365
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/953666e1-1e41-42ed-abbc-a8c087f3f339/0/C35ED85B36F5D519D2CD1D474BE51C13F49A7E47.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/953666e1-1e41-42ed-abbc-a8c087f3f339/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Wed 18 Dec 2024 23:05:50 +0000
Certificate not after:    Wed 17 Dec 2025 23:10:50 +0000
Subordinate resources:    IP: 203.14.18.0/24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:52:a3:37:f6:93:cc:a4:57:22:dd:4d:53:46:e8:e0:80:13:93:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000
        Validity
            Not Before: Dec 18 23:05:50 2024 GMT
            Not After : Dec 17 23:10:50 2025 GMT
        Subject: CN=C35ED85B36F5D519D2CD1D474BE51C13F49A7E47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:86:28:d6:88:4c:af:d5:89:59:ec:d6:0c:88:
                    3d:e6:d6:1d:de:ee:16:80:35:d9:ab:1d:c5:bf:c7:
                    d6:a7:36:fd:02:fd:ae:fb:87:2a:f6:ea:34:85:4e:
                    57:00:85:44:0e:a3:59:8f:d9:96:4d:dd:97:57:dd:
                    29:15:0d:73:c6:be:57:ef:f1:5d:2a:6b:a1:f6:a1:
                    53:c3:aa:a2:5b:75:15:22:84:b7:30:0b:23:f9:85:
                    1e:7e:27:17:4e:05:9d:6d:ac:da:d6:17:57:13:7e:
                    1e:cf:ba:31:f5:29:67:26:8b:2d:84:12:4b:51:04:
                    b8:ce:22:91:a5:45:ac:19:a6:44:5d:80:48:4a:0b:
                    95:db:09:84:70:42:a9:ac:56:e3:17:da:83:dd:f2:
                    5b:d3:1c:b8:b8:d9:45:15:6d:16:cb:2f:0e:8e:5d:
                    5a:c5:2b:75:8b:41:d9:d4:79:18:10:9c:14:0c:35:
                    f0:dc:69:65:82:a4:98:9e:44:05:c8:02:70:f9:da:
                    a6:6c:35:cf:15:70:84:e4:8a:99:b8:d2:de:b4:d9:
                    41:fd:3a:b6:0a:91:d3:0d:5e:f7:9a:bb:aa:04:61:
                    08:15:53:12:b0:98:c0:8d:b9:6a:7b:d8:08:52:03:
                    42:09:07:2d:c2:dd:29:9a:ef:6f:fe:e2:ac:b9:71:
                    df:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                C3:5E:D8:5B:36:F5:D5:19:D2:CD:1D:47:4B:E5:1C:13:F4:9A:7E:47
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/953666e1-1e41-42ed-abbc-a8c087f3f339/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/953666e1-1e41-42ed-abbc-a8c087f3f339/0/C35ED85B36F5D519D2CD1D474BE51C13F49A7E47.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.14.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         48:6a:27:0a:51:7b:00:fc:92:c7:85:91:f4:da:6d:a3:b6:dc:
         81:93:00:3d:fe:a6:1f:9f:d9:9f:60:ea:71:37:42:d3:f7:82:
         3b:f4:01:b2:fc:42:e5:93:b4:6f:b2:2e:09:2c:41:a6:c4:79:
         37:96:de:58:69:1d:cc:ec:66:d4:c4:bc:5e:c6:03:df:fb:79:
         37:af:12:23:43:d0:98:66:7d:81:1d:0b:8f:c5:cb:80:ae:e3:
         c8:d0:3a:c1:f7:28:6c:72:d5:8a:0e:37:d6:dd:64:d0:0b:8e:
         aa:bb:c3:83:0e:5c:22:1e:9a:74:b5:34:be:f5:4f:c4:fd:b1:
         1c:b9:a9:ea:dc:c3:e0:62:31:8a:7c:9a:07:ab:b5:84:cc:33:
         ca:97:7a:79:cf:e9:a0:cc:31:b7:4f:10:c3:da:b1:71:b5:5d:
         55:a3:5d:35:ee:52:86:0b:47:46:60:33:ad:c9:b7:c2:8e:7d:
         85:5a:3d:f0:61:45:bb:ed:8f:cf:fe:66:8d:61:77:0f:11:ad:
         7a:a9:d4:3c:ab:07:cc:5f:ac:b6:c3:8c:e4:c4:06:e9:cb:d4:
         30:29:83:6f:c0:9e:83:22:8e:39:24:80:45:45:4d:85:d8:54:
         5e:07:76:4e:c9:8c:75:32:93:ce:b1:05:49:d8:69:fe:c9:e9:
         35:05:99:d5
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUGFKjN/aTzKRXIt1NU0bo4IATk2UwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxODIzMDU1MFoX
DTI1MTIxNzIzMTA1MFowMzExMC8GA1UEAxMoQzM1RUQ4NUIzNkY1RDUxOUQyQ0Qx
RDQ3NEJFNTFDMTNGNDlBN0U0NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWGKNaITK/ViVns1gyIPebWHd7uFoA12asdxb/H1qc2/QL9rvuHKvbqNIVO
VwCFRA6jWY/Zlk3dl1fdKRUNc8a+V+/xXSprofahU8Oqolt1FSKEtzALI/mFHn4n
F04FnW2s2tYXVxN+Hs+6MfUpZyaLLYQSS1EEuM4ikaVFrBmmRF2ASEoLldsJhHBC
qaxW4xfag93yW9McuLjZRRVtFssvDo5dWsUrdYtB2dR5GBCcFAw18NxpZYKkmJ5E
BcgCcPnapmw1zxVwhOSKmbjS3rTZQf06tgqR0w1e95q7qgRhCBVTErCYwI25anvY
CFIDQgkHLcLdKZrvb/7irLlx30kCAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFMNe2Fs29dUZ0s0dR0vlHBP0mn5HMB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by85NTM2NjZlMS0xZTQxLTQyZWQtYWJiYy1hOGMwODdmM2YzMzkvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk1MzY2NmUx
LTFlNDEtNDJlZC1hYmJjLWE4YzA4N2YzZjMzOS8wL0MzNUVEODVCMzZGNUQ1MTlE
MkNEMUQ0NzRCRTUxQzEzRjQ5QTdFNDcubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADLDhIwDQYJKoZIhvcNAQELBQADggEBAEhqJwpRewD8kseFkfTabaO23IGTAD3+
ph+f2Z9g6nE3QtP3gjv0AbL8QuWTtG+yLgksQabEeTeW3lhpHczsZtTEvF7GA9/7
eTevEiND0JhmfYEdC4/Fy4Cu48jQOsH3KGxy1YoON9bdZNALjqq7w4MOXCIemnS1
NL71T8T9sRy5qercw+BiMYp8mgertYTMM8qXennP6aDMMbdPEMPasXG1XVWjXTXu
UoYLR0ZgM63Jt8KOfYVaPfBhRbvtj8/+Zo1hdw8RrXqp1DyrB8xfrLbDjOTEBunL
1DApg2/AnoMijjkkgEVFTYXYVF4Hdk7JjHUyk86xBUnYaf7J6TUFmdU=
-----END CERTIFICATE-----