Certificate

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/1/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer
File:                     588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.cer (raw, json)
Hash identifier:          2xWb3rajxwApC8oYbS2ESCONOUyBkrWp3McCz4QM26E=
Subject key identifier:   58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69
Authority key identifier: 60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4
Certificate issuer:       /CN=A91862140000/serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
Certificate serial:       4E09EE55CA097F51BB8346583A68B08347647012
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
Manifest:                 rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft
caRepository:             rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/
Notify URL:               https://repo-rpki.idnic.net/rrdp/notification.xml
Certificate not before:   Mon 30 Jun 2025 16:58:56 +0000
Certificate not after:    Mon 29 Jun 2026 17:03:56 +0000
Subordinate resources:    IP: 160.22.12.0/23
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 04 Jul 2025 19:22:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:09:ee:55:ca:09:7f:51:bb:83:46:58:3a:68:b0:83:47:64:70:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000, serialNumber=60F8BE9C16625C424B269EE06C64A83BAB8506D4
        Validity
            Not Before: Jun 30 16:58:56 2025 GMT
            Not After : Jun 29 17:03:56 2026 GMT
        Subject: CN=588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:4c:59:ff:f8:7b:d8:46:2c:e6:94:df:c4:a2:
                    2d:42:eb:98:41:68:02:7f:08:8b:50:c6:d1:74:58:
                    c6:ee:8e:d7:b0:be:15:fc:6b:78:75:1f:f4:18:fa:
                    18:71:08:4c:cd:38:ff:93:84:d6:5d:fb:93:0d:37:
                    b2:d7:47:4b:74:c8:3a:44:13:19:93:99:e1:3f:aa:
                    35:e8:3a:50:9f:29:ce:43:28:83:49:2d:f3:39:94:
                    b9:2a:09:58:46:4e:09:28:41:ab:4d:e2:8d:f4:02:
                    1d:7d:8b:f0:e6:c5:a4:49:d7:24:60:67:89:af:ed:
                    3e:a7:2c:5b:04:01:20:aa:4c:2f:7b:ef:d1:aa:63:
                    97:00:61:36:98:5c:e1:7e:80:8f:ae:12:f2:03:fb:
                    cd:85:52:48:14:5b:f1:b0:73:7d:f4:2c:69:a1:b5:
                    28:ca:6d:c5:05:c0:97:4e:24:99:06:8a:d7:08:8b:
                    7a:19:54:10:21:62:b4:a0:c5:ee:59:fb:b8:4f:e5:
                    fd:cf:f0:bd:13:5d:92:09:d8:a2:db:cf:b7:00:76:
                    50:27:e5:6d:c7:09:31:6b:8b:50:32:68:5c:ab:c7:
                    1f:80:e2:2c:af:68:e6:5d:e9:9f:89:aa:a7:63:fa:
                    de:a9:a4:13:5c:4d:a8:34:7f:0e:d6:71:ee:80:c5:
                    a7:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                58:8D:D0:FC:E4:BC:24:3C:C9:C6:D6:8A:E0:4E:84:67:E0:E4:D0:69
            X509v3 Authority Key Identifier:
                keyid:60:F8:BE:9C:16:62:5C:42:4B:26:9E:E0:6C:64:A8:3B:AB:85:06:D4

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0
                RPKI Manifest - URI:rsync://repo-rpki.idnic.net/repo/0199e541-1861-4d6a-8e28-b02845861496/0/588DD0FCE4BC243CC9C6D68AE04E8467E0E4D069.mft
                RPKI Notify - URI:https://repo-rpki.idnic.net/rrdp/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.22.12.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5f:08:90:e4:13:78:fd:c0:27:6c:e4:cb:39:ca:74:94:a7:80:
         eb:40:a8:7a:3b:59:f1:19:68:a6:95:f5:b3:25:45:31:50:6a:
         65:bd:a6:f9:38:9b:90:1e:2a:a4:83:ee:e5:0d:d8:94:dc:33:
         58:84:aa:98:50:9d:75:bb:3d:56:a9:fa:64:9d:6e:cb:3f:8e:
         66:83:5a:77:3b:10:e4:99:80:88:05:58:c1:4f:52:2f:65:40:
         88:0c:96:9b:df:d6:75:ea:85:d0:0d:42:c9:d4:94:be:4f:32:
         4c:89:1e:fe:45:4a:d1:ea:96:e5:e0:2a:d6:a4:7e:88:6d:f7:
         43:22:9d:e3:49:28:27:0b:53:b8:8a:58:6c:b6:a0:92:8e:08:
         69:41:bd:94:87:8e:ea:13:49:c4:9f:9a:b3:d1:bc:fe:d6:10:
         5c:b2:5d:48:9b:d8:91:53:75:b7:c6:7b:70:5d:7b:d5:1d:51:
         0f:cb:84:80:92:34:a4:bc:25:32:e9:c5:44:47:0e:c5:0c:9c:
         4a:a3:13:1c:19:43:6e:8e:70:b6:b5:53:88:22:a4:e9:e7:dc:
         77:bd:2c:73:74:18:8c:60:0d:fb:78:47:b3:54:58:8b:ae:9b:
         98:8e:6a:aa:b7:af:5c:42:a9:3f:86:5e:b2:75:92:71:40:1f:
         97:49:ca:70
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUTgnuVcoJf1G7g0ZYOmiwg0dkcBIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyg2MEY4QkU5QzE2
NjI1QzQyNEIyNjlFRTA2QzY0QTgzQkFCODUwNkQ0MB4XDTI1MDYzMDE2NTg1NloX
DTI2MDYyOTE3MDM1NlowMzExMC8GA1UEAxMoNTg4REQwRkNFNEJDMjQzQ0M5QzZE
NjhBRTA0RTg0NjdFMEU0RDA2OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVMWf/4e9hGLOaU38SiLULrmEFoAn8Ii1DG0XRYxu6O17C+FfxreHUf9Bj6
GHEITM04/5OE1l37kw03stdHS3TIOkQTGZOZ4T+qNeg6UJ8pzkMog0kt8zmUuSoJ
WEZOCShBq03ijfQCHX2L8ObFpEnXJGBnia/tPqcsWwQBIKpML3vv0apjlwBhNphc
4X6Aj64S8gP7zYVSSBRb8bBzffQsaaG1KMptxQXAl04kmQaK1wiLehlUECFitKDF
7ln7uE/l/c/wvRNdkgnYotvPtwB2UCflbccJMWuLUDJoXKvHH4DiLK9o5l3pn4mq
p2P63qmkE1xNqDR/DtZx7oDFp68CAwEAAaOCArgwggK0MA8GA1UdEwEB/wQFMAMB
Af8wHQYDVR0OBBYEFFiN0PzkvCQ8ycbWiuBOhGfg5NBpMB8GA1UdIwQYMBaAFGD4
vpwWYlxCSyae4GxkqDurhQbUMA4GA1UdDwEB/wQEAwIBBjBpBgNVHR8EYjBgMF6g
XKBahlhyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9JRE5JQy1JRC8x
LzYwRjhCRTlDMTY2MjVDNDI0QjI2OUVFMDZDNjRBODNCQUI4NTA2RDQuY3JsMH4G
CCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL1lQ
aS1uQlppWEVKTEpwN2diR1NvTzZ1RkJ0US5jZXIwggEpBggrBgEFBQcBCwSCARsw
ggEXMFMGCCsGAQUFBzAFhkdyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVw
by8wMTk5ZTU0MS0xODYxLTRkNmEtOGUyOC1iMDI4NDU4NjE0OTYvMDCBgAYIKwYB
BQUHMAqGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAxOTllNTQx
LTE4NjEtNGQ2YS04ZTI4LWIwMjg0NTg2MTQ5Ni8wLzU4OEREMEZDRTRCQzI0M0ND
OUM2RDY4QUUwNEU4NDY3RTBFNEQwNjkubWZ0MD0GCCsGAQUFBzANhjFodHRwczov
L3JlcG8tcnBraS5pZG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGgFgwwDQYJKoZIhvcNAQELBQADggEBAF8IkOQTeP3AJ2zkyznKdJSngOtAqHo7
WfEZaKaV9bMlRTFQamW9pvk4m5AeKqSD7uUN2JTcM1iEqphQnXW7PVap+mSdbss/
jmaDWnc7EOSZgIgFWMFPUi9lQIgMlpvf1nXqhdANQsnUlL5PMkyJHv5FStHqluXg
Ktakfoht90MineNJKCcLU7iKWGy2oJKOCGlBvZSHjuoTScSfmrPRvP7WEFyyXUib
2JFTdbfGe3Bde9UdUQ/LhICSNKS8JTLpxURHDsUMnEqjExwZQ26OcLa1U4gipOnn
3He9LHN0GIxgDft4R7NUWIuum5iOaqq3r1xCqT+GXrJ1knFAH5dJynA=
-----END CERTIFICATE-----
Generated at Tue Jul 1 17:57:35 2025 by rpki-client