Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/C43D9C91D389ADDD2039882757F731CAFAAC740F.cer
File:                     C43D9C91D389ADDD2039882757F731CAFAAC740F.cer (raw, json)
Hash identifier:          E2obwb1fYXFfARiE+9FMaCIj0EV2NJtPIuMQl/kOIq8=
Subject key identifier:   C4:3D:9C:91:D3:89:AD:DD:20:39:88:27:57:F7:31:CA:FA:AC:74:0F
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       2D4980994CE6D4935854D6150C3F9B831369176E
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/f2aa2d10-3faa-4272-be1f-8102957b65e6/0/C43D9C91D389ADDD2039882757F731CAFAAC740F.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/f2aa2d10-3faa-4272-be1f-8102957b65e6/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Wed 19 Mar 2025 18:42:23 +0000
Certificate not after:    Wed 18 Mar 2026 18:47:23 +0000
Subordinate resources:    IP: 103.142.194.0/23
                          IP: 2001:df1:5480::/48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:49:80:99:4c:e6:d4:93:58:54:d6:15:0c:3f:9b:83:13:69:17:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000
        Validity
            Not Before: Mar 19 18:42:23 2025 GMT
            Not After : Mar 18 18:47:23 2026 GMT
        Subject: CN=C43D9C91D389ADDD2039882757F731CAFAAC740F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:ee:a8:6d:a0:70:fd:59:c0:f2:d0:64:ce:13:
                    63:bd:15:ef:d5:d4:f7:e1:08:bb:a0:cb:69:12:99:
                    f4:e4:43:e8:5a:6f:12:2f:12:8f:b6:48:d7:bb:48:
                    ff:6f:69:12:da:0f:75:ea:fe:7e:0d:7b:61:0d:48:
                    3a:bf:cc:77:29:06:70:c8:11:5f:33:57:93:be:6d:
                    a4:38:f7:cf:a2:37:58:8f:34:f7:46:c9:2a:d4:5e:
                    04:3c:8a:10:4e:bd:69:3f:9e:e5:7f:24:98:92:97:
                    32:48:07:b4:09:d9:56:af:29:eb:0b:96:8c:e3:bb:
                    7a:5c:ae:2f:56:2a:60:8b:79:2e:d4:cf:ad:82:8f:
                    87:a8:e3:a5:8c:20:88:8f:09:6d:fc:9c:76:b7:c2:
                    03:40:93:49:d6:0d:3f:f9:f9:a1:40:df:bd:e3:75:
                    02:83:f0:02:73:fd:d4:9d:0f:b9:06:9e:58:33:0e:
                    eb:4f:08:e2:23:75:2b:ae:4d:bc:d6:1b:d8:30:ad:
                    bf:43:33:ad:74:c0:6f:5f:ad:13:b5:33:19:d7:f1:
                    6e:b7:40:1a:53:68:41:0b:54:a2:2a:6c:6d:0b:8c:
                    f2:d0:1a:24:b1:be:0a:3e:2e:87:5b:a6:5e:fb:c9:
                    83:5b:31:db:0d:82:0d:88:8c:09:5a:2e:f1:18:50:
                    ac:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                C4:3D:9C:91:D3:89:AD:DD:20:39:88:27:57:F7:31:CA:FA:AC:74:0F
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/f2aa2d10-3faa-4272-be1f-8102957b65e6/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/f2aa2d10-3faa-4272-be1f-8102957b65e6/0/C43D9C91D389ADDD2039882757F731CAFAAC740F.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.142.194.0/23
                IPv6:
                  2001:df1:5480::/48

    Signature Algorithm: sha256WithRSAEncryption
         8b:1f:25:62:72:15:e3:fe:62:f0:9c:35:15:c7:d5:6b:45:88:
         a3:4d:8a:7c:64:78:37:b0:47:ee:e9:08:70:de:df:bb:46:7d:
         d3:fd:5a:a4:d4:0b:5b:8b:83:ac:23:7d:7b:72:b9:39:50:3d:
         52:22:6f:f9:ab:46:6f:79:68:a9:04:3e:ae:45:01:69:6f:27:
         f7:83:b6:7f:1e:3f:ea:6a:4d:ee:3d:35:79:5d:35:50:d9:41:
         cc:ed:7a:96:7e:12:b7:9e:bf:98:a2:21:d5:e5:30:80:ce:ef:
         a6:e4:37:be:a0:87:b2:f3:a7:e0:28:b4:19:fd:9a:4e:04:93:
         e3:ee:b2:bd:c5:0f:4e:82:39:68:43:02:45:8b:c1:f2:68:d7:
         e0:58:2c:5d:31:36:67:25:9e:29:64:7c:9d:1e:db:03:e1:a7:
         1c:4e:52:0a:d7:cc:d3:aa:b5:04:3d:bd:05:75:29:2c:49:2d:
         f1:29:d3:03:85:63:02:21:4d:85:db:65:06:49:7d:42:ca:d2:
         d2:62:ba:07:ba:8e:b2:cb:23:93:24:a1:98:8c:93:86:f0:3d:
         70:c9:a7:20:5f:8c:5f:f4:67:ab:67:b4:e9:04:1b:c0:dd:3e:
         b7:cd:04:40:13:58:ae:47:0d:cb:a8:b6:31:06:85:8b:90:3c:
         b2:0b:eb:68
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIULUmAmUzm1JNYVNYVDD+bgxNpF24wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI1MDMxOTE4NDIyM1oX
DTI2MDMxODE4NDcyM1owMzExMC8GA1UEAxMoQzQzRDlDOTFEMzg5QURERDIwMzk4
ODI3NTdGNzMxQ0FGQUFDNzQwRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzuqG2gcP1ZwPLQZM4TY70V79XU9+EIu6DLaRKZ9ORD6FpvEi8Sj7ZI17tI
/29pEtoPder+fg17YQ1IOr/MdykGcMgRXzNXk75tpDj3z6I3WI8090bJKtReBDyK
EE69aT+e5X8kmJKXMkgHtAnZVq8p6wuWjOO7elyuL1YqYIt5LtTPrYKPh6jjpYwg
iI8JbfycdrfCA0CTSdYNP/n5oUDfveN1AoPwAnP91J0PuQaeWDMO608I4iN1K65N
vNYb2DCtv0MzrXTAb1+tE7UzGdfxbrdAGlNoQQtUoipsbQuM8tAaJLG+Cj4uh1um
XvvJg1sx2w2CDYiMCVou8RhQrNMCAwEAAaOCAskwggLFMA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFMQ9nJHTia3dIDmIJ1f3Mcr6rHQPMB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by9mMmFhMmQxMC0zZmFhLTQyNzItYmUxZi04MTAyOTU3YjY1ZTYvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2YyYWEyZDEw
LTNmYWEtNDI3Mi1iZTFmLTgxMDI5NTdiNjVlNi8wL0M0M0Q5QzkxRDM4OUFEREQy
MDM5ODgyNzU3RjczMUNBRkFBQzc0MEYubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYD
BAFnjsIwDwQCAAIwCQMHACABDfFUgDANBgkqhkiG9w0BAQsFAAOCAQEAix8lYnIV
4/5i8Jw1FcfVa0WIo02KfGR4N7BH7ukIcN7fu0Z90/1apNQLW4uDrCN9e3K5OVA9
UiJv+atGb3loqQQ+rkUBaW8n94O2fx4/6mpN7j01eV01UNlBzO16ln4St56/mKIh
1eUwgM7vpuQ3vqCHsvOn4Ci0Gf2aTgST4+6yvcUPToI5aEMCRYvB8mjX4FgsXTE2
ZyWeKWR8nR7bA+GnHE5SCtfM06q1BD29BXUpLEkt8SnTA4VjAiFNhdtlBkl9QsrS
0mK6B7qOsssjkyShmIyThvA9cMmnIF+MX/Rnq2e06QQbwN0+t80EQBNYrkcNy6i2
MQaFi5A8sgvraA==
-----END CERTIFICATE-----