Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/k2oPrvem_YPCbO4eXPs6Qv9I4YA.cer
File:                     k2oPrvem_YPCbO4eXPs6Qv9I4YA.cer (raw, json)
Hash identifier:          J2XZYf2A1nyvrF4G6+Qg0aaY++mLyEatnZ1Qmbo7dp8=
Subject key identifier:   93:6A:0F:AE:F7:A6:FD:83:C2:6C:EE:1E:5C:FB:3A:42:FF:48:E1:80
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       0152F4
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91F635F/B87B64FC6F4811E8B1585164C4F9AE02/k2oPrvem_YPCbO4eXPs6Qv9I4YA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91F635F/B87B64FC6F4811E8B1585164C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 02 May 2022 22:50:13 +0000
Certificate not after:    Mon 01 May 2023 00:00:00 +0000
Subordinate resources:    AS: 38895
                          IP: 27.0.0.0/22
                          IP: 43.198.0.0 -- 43.221.255.255
                          IP: 43.249.44.0/22
                          IP: 103.246.148.0/22
                          IP: 203.83.220.0/22
                          IP: 2406:da00::/24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 86772 (0x152f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May  2 22:50:13 2022 GMT
            Not After : May  1 00:00:00 2023 GMT
        Subject: CN=A91F635F/serialNumber=936A0FAEF7A6FD83C26CEE1E5CFB3A42FF48E180
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:f1:f1:19:23:72:f0:17:4a:c6:52:85:33:33:
                    5f:b8:51:29:cf:36:49:91:11:9c:fe:2b:b2:98:f3:
                    98:f5:8c:3f:b8:b6:14:61:5f:c0:15:31:f0:47:34:
                    fd:03:73:3f:e8:8d:e4:de:15:b3:2f:15:56:e5:4c:
                    a0:73:4e:d2:19:0d:ed:55:94:66:93:49:27:e1:63:
                    af:bb:63:b5:47:35:04:22:ec:26:c8:a3:0b:0d:b7:
                    85:d1:63:5d:31:d4:74:27:28:82:b0:78:73:0f:b5:
                    99:64:22:fc:60:16:e2:37:bc:6a:bc:a3:fb:86:a9:
                    66:61:8b:41:ca:fc:38:7c:bb:9c:3c:62:3f:c6:9a:
                    70:e9:27:50:2d:76:6c:53:90:bd:e7:ae:2e:5d:df:
                    14:1e:3d:d6:4a:5b:55:f2:a3:03:1f:21:7d:09:cb:
                    26:ec:0c:4d:9c:cb:52:8c:c1:ff:d1:3f:ac:d7:00:
                    fe:4f:e4:01:e1:04:ef:87:d0:98:e3:14:88:2f:a1:
                    d0:a4:ab:a8:63:4b:c1:b4:3a:9a:d5:c5:b0:fe:27:
                    7c:d1:6f:0e:fa:e1:a5:21:c7:64:c6:e2:e4:49:76:
                    dd:89:91:03:1a:c1:9e:06:da:14:12:53:d5:2d:53:
                    9e:aa:4f:15:bb:fa:4c:18:f8:09:9c:1c:9c:be:45:
                    8a:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:6A:0F:AE:F7:A6:FD:83:C2:6C:EE:1E:5C:FB:3A:42:FF:48:E1:80
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F635F/B87B64FC6F4811E8B1585164C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F635F/B87B64FC6F4811E8B1585164C4F9AE02/k2oPrvem_YPCbO4eXPs6Qv9I4YA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  38895

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.0.0.0/22
                  43.198.0.0-43.221.255.255
                  43.249.44.0/22
                  103.246.148.0/22
                  203.83.220.0/22
                IPv6:
                  2406:da00::/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:5f:42:8a:b4:d7:f8:9f:fa:35:34:54:26:3f:7e:bf:f0:5b:
         7f:cd:20:da:c3:cb:e3:c0:33:ec:8f:50:f6:3e:04:1a:13:2c:
         0e:f9:15:79:8e:7f:77:50:d8:81:ab:b9:ac:47:87:ca:d8:45:
         8c:dd:b2:bf:e0:ae:ae:f3:fe:e4:0d:f0:0b:72:f8:39:f5:54:
         2f:08:c8:7c:f1:86:4d:a7:a2:0e:7b:2a:ce:08:46:9b:9b:c9:
         82:08:fe:0a:a7:c2:40:9b:fb:64:77:ea:9a:40:e0:ba:73:1d:
         35:2b:e8:e1:a3:6d:4e:b1:f3:46:e8:de:cc:43:8e:65:cb:23:
         78:24:b8:e9:6c:32:9b:98:81:cc:53:25:26:d1:1c:be:d9:40:
         48:7e:ed:31:58:19:b6:d2:20:d0:b4:fd:81:4c:13:d4:61:d9:
         16:82:88:8f:4a:92:67:da:66:2b:7c:a2:97:40:6d:5b:23:76:
         d2:c3:76:ef:3a:77:04:67:a9:ba:af:c5:cf:63:70:fb:aa:1c:
         2a:56:c8:dd:88:9b:58:a2:2d:6a:65:59:16:9d:a4:da:69:fe:
         29:5b:53:20:01:e8:1a:1d:fc:64:d4:4e:c3:79:dd:f0:8f:be:
         54:3b:f4:c3:09:13:63:08:90:8d:4e:91:2b:19:4a:10:61:73:
         42:38:a9:75
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIDAVL0MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIyMDUwMjIyNTAxM1oXDTIzMDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRjYzNUYxMTAvBgNVBAUTKDkzNkEwRkFFRjdBNkZEODNDMjZDRUUx
RTVDRkIzQTQyRkY0OEUxODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCg8fEZI3LwF0rGUoUzM1+4USnPNkmREZz+K7KY85j1jD+4thRhX8AVMfBHNP0D
cz/ojeTeFbMvFVblTKBzTtIZDe1VlGaTSSfhY6+7Y7VHNQQi7CbIowsNt4XRY10x
1HQnKIKweHMPtZlkIvxgFuI3vGq8o/uGqWZhi0HK/Dh8u5w8Yj/GmnDpJ1AtdmxT
kL3nri5d3xQePdZKW1XyowMfIX0JyybsDE2cy1KMwf/RP6zXAP5P5AHhBO+H0Jjj
FIgvodCkq6hjS8G0OprVxbD+J3zRbw764aUhx2TG4uRJdt2JkQMawZ4G2hQSU9Ut
U56qTxW7+kwY+AmcHJy+RYrpAgMBAAGjggM7MIIDNzAdBgNVHQ4EFgQUk2oPrvem
/YPCbO4eXPs6Qv9I4YAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY2MzVGL0I4N0I2NEZDNkY0ODExRThCMTU4NTE2NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGNjM1Ri9CODdCNjRGQzZGNDgxMUU4QjE1ODUxNjRDNEY5QUUwMi9rMm9QcnZl
bV9ZUENiTzRlWFBzNlF2OUk0WUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAJfvMEsGCCsGAQUFBwEHAQH/BDwwOjAqBAIAATAkAwQCGwAAMAoDAwEr
xgMDASvcAwQCK/ksAwQCZ/aUAwQCy1PcMAwEAgACMAYDBAAkBtowDQYJKoZIhvcN
AQELBQADggEBALdfQoq01/if+jU0VCY/fr/wW3/NINrDy+PAM+yPUPY+BBoTLA75
FXmOf3dQ2IGruaxHh8rYRYzdsr/grq7z/uQN8Aty+Dn1VC8IyHzxhk2nog57Ks4I
RpubyYII/gqnwkCb+2R36ppA4LpzHTUr6OGjbU6x80bo3sxDjmXLI3gkuOlsMpuY
gcxTJSbRHL7ZQEh+7TFYGbbSINC0/YFME9Rh2RaCiI9KkmfaZit8opdAbVsjdtLD
du86dwRnqbqvxc9jcPuqHCpWyN2Im1iiLWplWRadpNpp/ilbUyAB6Bod/GTUTsN5
3fCPvlQ79MMJE2MIkI1OkSsZShBhc0I4qXU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:17 2023 by rpki-client on console-fra.rpki-client.org