Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/D29ED5B5FC4DBFFE447DDD022C0D01EB00BA8F14.cer
File:                     D29ED5B5FC4DBFFE447DDD022C0D01EB00BA8F14.cer (raw, json)
Hash identifier:          NaB8X9/F71OWMEXtl2Bw9BidPGYBsViYHM1cQXQE0SU=
Subject key identifier:   D2:9E:D5:B5:FC:4D:BF:FE:44:7D:DD:02:2C:0D:01:EB:00:BA:8F:14
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       2F4E65D0EF7DA5338447308D80725DC7ACB3CFE6
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/285243e5-c660-4112-bdc3-594412dedc4d/0/D29ED5B5FC4DBFFE447DDD022C0D01EB00BA8F14.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/285243e5-c660-4112-bdc3-594412dedc4d/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Thu 04 Jan 2024 16:26:45 +0000
Certificate not after:    Thu 02 Jan 2025 16:31:45 +0000
Subordinate resources:    IP: 103.181.252.0/23
                          IP: 2001:df0:7ac0::/48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 20:39:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:4e:65:d0:ef:7d:a5:33:84:47:30:8d:80:72:5d:c7:ac:b3:cf:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Jan  4 16:26:45 2024 GMT
            Not After : Jan  2 16:31:45 2025 GMT
        Subject: CN=D29ED5B5FC4DBFFE447DDD022C0D01EB00BA8F14
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:33:fd:27:f0:ec:cb:31:66:ce:07:e1:b8:89:
                    0a:66:8b:27:3f:4d:63:76:df:23:9d:8b:b0:1c:52:
                    99:ff:5a:14:69:92:1d:c0:87:cb:55:7c:02:bb:18:
                    c0:2c:41:98:c1:22:a1:74:2b:b7:79:bf:1e:6c:9f:
                    45:2c:45:87:59:99:5a:12:cc:a6:0a:a6:23:b5:cd:
                    ec:6a:ee:a8:de:12:12:fb:30:ef:dc:78:03:d3:f0:
                    5e:c1:e3:d5:b3:42:bd:9c:e4:bb:3c:57:3e:5c:da:
                    d2:d3:3c:49:36:de:2c:ce:32:38:b3:ca:69:b7:7b:
                    46:1c:da:52:a4:17:35:2e:f4:57:df:95:9d:bf:07:
                    ba:3c:05:31:ef:fe:e5:92:8c:66:d4:94:b4:0a:74:
                    39:10:2e:8a:c9:30:77:4b:b8:81:7e:30:4f:26:f0:
                    98:ce:f2:43:22:78:4b:d7:bc:df:8d:75:73:bb:2c:
                    60:90:70:d0:84:14:04:24:7e:00:5b:a2:23:1b:ea:
                    19:32:03:44:87:33:86:da:c7:48:b7:7c:4b:ad:7e:
                    a7:b7:ab:fc:c5:3c:7e:e7:7b:b9:6a:27:94:b0:56:
                    86:0a:80:6f:0a:bb:22:73:76:fa:d7:b6:34:99:0e:
                    a5:44:df:f4:8f:fa:6f:0a:80:9b:43:99:44:59:5d:
                    59:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                D2:9E:D5:B5:FC:4D:BF:FE:44:7D:DD:02:2C:0D:01:EB:00:BA:8F:14
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/285243e5-c660-4112-bdc3-594412dedc4d/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/285243e5-c660-4112-bdc3-594412dedc4d/0/D29ED5B5FC4DBFFE447DDD022C0D01EB00BA8F14.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.181.252.0/23
                IPv6:
                  2001:df0:7ac0::/48

    Signature Algorithm: sha256WithRSAEncryption
         91:45:50:a9:dd:b9:47:af:4e:3c:f8:82:19:3d:99:95:0b:79:
         4a:58:af:fb:58:6b:6b:c5:ed:04:df:6d:61:de:0b:95:09:b5:
         24:bd:1d:20:ec:10:b4:a0:f0:03:bc:11:a1:3b:b7:ec:e1:6b:
         af:df:6d:7f:e6:e5:da:c6:ca:f5:a8:7a:08:9c:b1:02:b2:49:
         fd:11:b6:42:42:98:f5:88:a0:e4:4f:4f:1e:01:85:e6:a9:8c:
         40:23:8e:28:73:d4:b2:dd:a9:17:6f:58:fa:f8:89:62:5d:91:
         08:65:df:be:52:0c:a9:f2:92:a8:ea:43:73:e5:d8:3a:59:42:
         34:70:70:45:72:df:64:c3:10:fa:3f:17:6f:67:ac:7a:62:dd:
         3f:1a:45:d1:24:cc:5e:42:87:57:c0:a6:98:82:79:75:99:7d:
         85:e1:6d:4a:3c:3e:9c:b8:ae:0d:66:d5:38:ff:04:ee:8a:5c:
         88:d1:8d:db:f3:6e:dd:3e:56:40:37:7b:7e:9f:de:5c:44:6c:
         81:b6:0d:02:04:3e:2f:94:5f:a8:e1:61:59:ba:88:52:38:f6:
         dc:0d:31:55:d0:4e:ee:30:53:bb:97:77:1e:70:4a:4d:a7:b5:
         94:d8:6f:1e:bc:38:8e:f2:90:07:7e:70:42:fe:ea:6f:67:4a:
         45:21:8a:27
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgIUL05l0O99pTOERzCNgHJdx6yzz+YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDEwNDE2MjY0NVoX
DTI1MDEwMjE2MzE0NVowMzExMC8GA1UEAxMoRDI5RUQ1QjVGQzREQkZGRTQ0N0RE
RDAyMkMwRDAxRUIwMEJBOEYxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALYz/Sfw7MsxZs4H4biJCmaLJz9NY3bfI52LsBxSmf9aFGmSHcCHy1V8ArsY
wCxBmMEioXQrt3m/HmyfRSxFh1mZWhLMpgqmI7XN7GruqN4SEvsw79x4A9PwXsHj
1bNCvZzkuzxXPlza0tM8STbeLM4yOLPKabd7RhzaUqQXNS70V9+Vnb8HujwFMe/+
5ZKMZtSUtAp0ORAuiskwd0u4gX4wTybwmM7yQyJ4S9e83411c7ssYJBw0IQUBCR+
AFuiIxvqGTIDRIczhtrHSLd8S61+p7er/MU8fud7uWonlLBWhgqAbwq7InN2+te2
NJkOpUTf9I/6bwqAm0OZRFldWfcCAwEAAaOCAskwggLFMA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFNKe1bX8Tb/+RH3dAiwNAesAuo8UMB8GA1UdIwQYMBaAFLqP
d9IeWP6ck5prcOJYVhfhgzdrMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8y
L0JBOEY3N0QyMUU1OEZFOUM5MzlBNkI3MEUyNTg1NjE3RTE4MzM3NkIuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3Vv
OTMwaDVZX3B5VG1tdHc0bGhXRi1HRE4ycy5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by8yODUyNDNlNS1jNjYwLTQxMTItYmRjMy01OTQ0MTJkZWRjNGQvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI4NTI0M2U1
LWM2NjAtNDExMi1iZGMzLTU5NDQxMmRlZGM0ZC8wL0QyOUVENUI1RkM0REJGRkU0
NDdEREQwMjJDMEQwMUVCMDBCQThGMTQubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYD
BAFntfwwDwQCAAIwCQMHACABDfB6wDANBgkqhkiG9w0BAQsFAAOCAQEAkUVQqd25
R69OPPiCGT2ZlQt5Sliv+1hra8XtBN9tYd4LlQm1JL0dIOwQtKDwA7wRoTu37OFr
r99tf+bl2sbK9ah6CJyxArJJ/RG2QkKY9Yig5E9PHgGF5qmMQCOOKHPUst2pF29Y
+viJYl2RCGXfvlIMqfKSqOpDc+XYOllCNHBwRXLfZMMQ+j8Xb2esemLdPxpF0STM
XkKHV8CmmIJ5dZl9heFtSjw+nLiuDWbVOP8E7opciNGN2/Nu3T5WQDd7fp/eXERs
gbYNAgQ+L5RfqOFhWbqIUjj23A0xVdBO7jBTu5d3HnBKTae1lNhvHrw4jvKQB35w
Qv7qb2dKRSGKJw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:14:31 2024 by rpki-client on console-fra.rpki-client.org