Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/5o7RJO9le2eb0SpY-gNQFODf6Cc.cer
File:                     5o7RJO9le2eb0SpY-gNQFODf6Cc.cer (raw, json)
Hash identifier:          wuIVEBc+vpQJ7+prT4xA8Zw+BuTZCfbyGw2g7Vd1Cn4=
Subject key identifier:   E6:8E:D1:24:EF:65:7B:67:9B:D1:2A:58:FA:03:50:14:E0:DF:E8:27
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer:       /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial:       4A1D
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9191A09/3C412C36BF3911E9897D7C2EC4F9AE02/5o7RJO9le2eb0SpY-gNQFODf6Cc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9191A09/3C412C36BF3911E9897D7C2EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 29 Jan 2025 17:56:33 +0000
Certificate not after:    Mon 02 Mar 2026 00:00:00 +0000
Subordinate resources:    IP: 185.175.228.0/22
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18973 (0x4a1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE
        Validity
            Not Before: Jan 29 17:56:33 2025 GMT
            Not After : Mar  2 00:00:00 2026 GMT
        Subject: CN=A9191A09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:12:c4:74:6e:f9:26:01:a3:96:1e:66:ff:22:
                    fa:de:8e:99:95:48:e9:a8:dd:ae:d6:79:13:41:f9:
                    c2:64:02:00:9f:ea:99:26:c5:7b:2a:8d:9e:0b:1f:
                    6e:82:0a:c3:06:60:df:01:65:00:35:bd:dd:f6:93:
                    a8:47:b1:a8:b3:46:43:62:f8:3c:cb:0c:a5:9d:a7:
                    70:9e:2a:f0:2e:d0:41:a2:91:8b:33:13:3d:c5:5d:
                    9c:a1:cb:e9:d3:d9:32:72:62:44:97:ec:69:91:cd:
                    72:67:91:df:9d:c3:62:7f:af:11:1d:e8:b0:43:69:
                    ea:aa:3f:89:ae:a8:c6:3e:0d:7d:10:2d:ec:2d:d2:
                    68:5f:0e:86:a6:c2:e5:10:e0:9d:b5:23:34:7b:d0:
                    77:5d:9d:28:75:ab:45:86:12:9a:07:7e:0b:20:ae:
                    34:d7:d8:c9:b5:2c:f3:a1:0b:43:63:92:06:9e:03:
                    3a:ff:32:b5:bd:3a:01:ae:54:88:69:13:7e:0d:6e:
                    d2:18:3c:a3:28:22:35:94:ab:99:1a:bf:a3:3e:8c:
                    1c:15:ca:8c:14:54:46:6b:b2:f5:4d:25:97:e6:44:
                    dc:30:24:4c:57:aa:e4:41:8d:98:bc:e5:e4:a2:bf:
                    50:40:00:1c:34:dc:a5:f4:5b:1e:e2:23:0b:e3:db:
                    23:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:8E:D1:24:EF:65:7B:67:9B:D1:2A:58:FA:03:50:14:E0:DF:E8:27
            X509v3 Authority Key Identifier:
                keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9191A09/3C412C36BF3911E9897D7C2EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9191A09/3C412C36BF3911E9897D7C2EC4F9AE02/5o7RJO9le2eb0SpY-gNQFODf6Cc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.175.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         53:9a:00:c3:4d:e7:a2:28:a5:84:d4:e3:8f:39:32:7c:8a:71:
         3f:77:db:5b:d8:8a:b2:6a:d9:fe:51:a4:ca:5f:b4:5c:17:80:
         ba:49:e5:81:dc:9d:ce:3b:c3:0a:5f:bc:4e:52:0f:ae:6a:73:
         ec:01:27:25:05:d9:90:90:5e:2b:ce:d7:eb:2b:0f:b8:fe:a1:
         b4:8f:fb:fa:55:93:2f:88:28:b1:15:f4:ca:cb:71:fc:e5:04:
         36:6d:19:11:31:b9:eb:3a:4d:ab:1f:82:1c:7b:8c:91:b4:cd:
         34:e6:f7:db:81:44:9f:dc:3c:e5:4f:4a:75:d7:b3:c9:05:5e:
         e4:e5:09:4d:d0:e7:3f:3b:ad:33:02:78:05:b2:fe:0e:50:20:
         e2:f4:d7:a5:8a:44:1b:60:e3:02:53:2f:6e:49:6b:a8:c6:73:
         15:b3:e9:dd:cc:52:53:24:08:de:4a:9e:78:c4:67:09:20:de:
         31:10:66:a2:20:5c:1d:f6:c7:ed:6f:88:8a:59:f3:08:c7:a7:
         84:20:2c:1f:b1:bd:d6:0f:a4:fe:c0:86:bf:cd:38:25:e5:ff:
         d5:1b:c4:0f:d9:ed:a2:ac:fd:47:76:62:f3:97:e4:b0:3e:a0:
         fe:0f:25:f6:29:77:24:db:f4:a6:3a:61:dc:23:65:cb:4c:34:
         98:dc:e0:56
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICSh0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjUwMTI5MTc1NjMzWhcNMjYwMzAyMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5MUEwOTExMC8GA1UEBRMoRTY4RUQxMjRFRjY1N0I2NzlCRDEyQTU4
RkEwMzUwMTRFMERGRTgyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM4SxHRu+SYBo5YeZv8i+t6OmZVI6ajdrtZ5E0H5wmQCAJ/qmSbFeyqNngsfboIK
wwZg3wFlADW93faTqEexqLNGQ2L4PMsMpZ2ncJ4q8C7QQaKRizMTPcVdnKHL6dPZ
MnJiRJfsaZHNcmeR353DYn+vER3osENp6qo/ia6oxj4NfRAt7C3SaF8OhqbC5RDg
nbUjNHvQd12dKHWrRYYSmgd+CyCuNNfYybUs86ELQ2OSBp4DOv8ytb06Aa5UiGkT
fg1u0hg8oygiNZSrmRq/oz6MHBXKjBRURmuy9U0ll+ZE3DAkTFeq5EGNmLzl5KK/
UEAAHDTcpfRbHuIjC+PbI7cCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTmjtEk72V7
Z5vRKlj6A1AU4N/oJzAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTFBMDkvM0M0MTJDMzZCRjM5MTFFOTg5N0Q3QzJFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkxQTA5LzNDNDEyQzM2QkYzOTExRTk4OTdEN0MyRUM0RjlBRTAyLzVvN1JKTzls
ZTJlYjBTcFktZ05RRk9EZjZDYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEArmv5DANBgkqhkiG9w0BAQsFAAOCAQEAU5oAw03noiilhNTjjzky
fIpxP3fbW9iKsmrZ/lGkyl+0XBeAuknlgdydzjvDCl+8TlIPrmpz7AEnJQXZkJBe
K87X6ysPuP6htI/7+lWTL4gosRX0ystx/OUENm0ZETG56zpNqx+CHHuMkbTNNOb3
24FEn9w85U9KddezyQVe5OUJTdDnPzutMwJ4BbL+DlAg4vTXpYpEG2DjAlMvbklr
qMZzFbPp3cxSUyQI3kqeeMRnCSDeMRBmoiBcHfbH7W+IilnzCMenhCAsH7G91g+k
/sCGv804JeX/1RvED9ntoqz9R3Zi85fksD6g/g8l9il3JNv0pjph3CNly0w0mNzg
Vg==
-----END CERTIFICATE-----