Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9_nYpDVdZzudTn8VXTp45eZg_qU.cer
File:                     9_nYpDVdZzudTn8VXTp45eZg_qU.cer (raw, json)
Hash identifier:          xk95CQ3TNgpNF9z9b6+i1cDNRsjJy0m1I5OWdX79cy0=
Subject key identifier:   F7:F9:D8:A4:35:5D:67:3B:9D:4E:7F:15:5D:3A:78:E5:E6:60:FE:A5
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer:       /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial:       43BD
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/9_nYpDVdZzudTn8VXTp45eZg_qU.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sun 19 Nov 2023 13:30:05 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    IP: 178.160.128.0/18

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 02:50:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17341 (0x43bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
        Validity
            Not Before: Nov 19 13:30:05 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A9136DD6/serialNumber=F7F9D8A4355D673B9D4E7F155D3A78E5E660FEA5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:9b:0c:3e:9f:0a:35:71:1d:4a:e0:3e:9b:65:
                    f6:8b:1b:51:01:5f:b5:48:67:4a:4d:84:0a:2c:4f:
                    1f:32:32:f5:21:54:59:94:f2:73:4c:be:12:1e:4f:
                    d4:a1:65:dc:8c:28:56:50:a8:db:27:ff:e3:79:26:
                    bb:72:43:62:28:a9:d7:8b:06:75:aa:57:4e:ac:92:
                    44:7a:cd:f3:65:d8:fa:04:c3:55:20:61:00:a7:da:
                    c0:7c:d6:da:55:34:c3:ee:09:33:ba:65:1d:2f:95:
                    62:a5:cb:70:97:32:a6:9e:65:b6:bc:68:33:a6:49:
                    0a:7f:14:ba:e2:6d:06:39:be:c2:47:8f:ff:c0:77:
                    d1:8b:24:b4:97:72:58:db:44:d3:00:05:a6:7c:96:
                    9d:2b:e0:cd:67:f5:31:aa:2e:e9:ce:43:02:fb:37:
                    d6:f0:5c:67:07:21:11:ce:9d:e6:55:0b:4d:39:9d:
                    09:82:7c:0b:7b:f5:e9:04:eb:30:e1:a5:62:d9:97:
                    2e:bc:0a:a5:69:cb:24:68:0d:fb:ae:8e:70:a3:4c:
                    53:9d:a1:7e:4c:74:db:7e:41:dd:67:a3:ff:6a:a8:
                    59:c8:47:30:d0:23:01:74:3a:32:ed:f7:d0:cf:41:
                    e9:ab:1f:eb:b9:5d:45:4e:a7:2c:f3:0a:1f:df:8c:
                    6a:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:F9:D8:A4:35:5D:67:3B:9D:4E:7F:15:5D:3A:78:E5:E6:60:FE:A5
            X509v3 Authority Key Identifier:
                keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9136DD6/D162E03A3D3A11ECBEF77C76C4F9AE02/9_nYpDVdZzudTn8VXTp45eZg_qU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  178.160.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         a7:37:87:1d:59:a8:10:34:b3:48:a3:d5:89:84:60:39:ff:a4:
         8b:ae:8d:e6:54:42:39:1f:3c:17:32:7b:03:ae:70:1c:c1:07:
         21:2b:b9:e2:4e:a8:02:d1:38:4b:91:09:9e:ed:ce:eb:30:27:
         7b:d4:4b:18:e2:64:87:ff:9f:81:35:77:ab:4a:e2:74:46:89:
         e9:1d:78:d6:1c:d1:67:c6:e5:8d:c4:20:27:79:4f:a6:61:a8:
         0d:23:2c:47:0f:af:02:09:06:c4:fe:ba:19:ae:82:a0:4d:bb:
         c3:3c:8b:b9:fe:79:8d:71:ad:c0:3e:04:6a:a1:04:69:78:50:
         40:57:5c:9c:57:8b:f0:58:c1:78:07:d7:b1:6f:0b:7e:da:cf:
         1d:80:b8:3b:bd:b9:8b:9e:12:9c:cb:96:97:fd:b9:d2:de:04:
         07:14:62:2f:b1:e4:af:fb:2f:bc:64:10:39:92:61:63:34:8f:
         38:36:8d:65:5d:9e:47:84:b0:00:68:96:c2:01:73:37:cb:d4:
         00:80:cf:b4:98:04:d2:f2:81:d7:c7:65:39:f7:25:42:55:ed:
         a0:97:11:62:51:52:71:5c:e4:48:2f:42:a9:0a:83:1e:a1:f8:
         51:06:f0:28:7b:4a:93:3e:78:6f:cc:03:68:d1:aa:30:83:ed:
         13:54:58:67
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICQ70wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjMxMTE5MTMzMDA1WhcNMjUwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEzNkRENjExMC8GA1UEBRMoRjdGOUQ4QTQzNTVENjczQjlENEU3RjE1
NUQzQTc4RTVFNjYwRkVBNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AN6bDD6fCjVxHUrgPptl9osbUQFftUhnSk2ECixPHzIy9SFUWZTyc0y+Eh5P1KFl
3IwoVlCo2yf/43kmu3JDYiip14sGdapXTqySRHrN82XY+gTDVSBhAKfawHzW2lU0
w+4JM7plHS+VYqXLcJcypp5ltrxoM6ZJCn8UuuJtBjm+wkeP/8B30YsktJdyWNtE
0wAFpnyWnSvgzWf1Maou6c5DAvs31vBcZwchEc6d5lULTTmdCYJ8C3v16QTrMOGl
YtmXLrwKpWnLJGgN+66OcKNMU52hfkx0235B3Wej/2qoWchHMNAjAXQ6Mu330M9B
6asf67ldRU6nLPMKH9+MajkCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBT3+dikNV1n
O51OfxVdOnjl5mD+pTAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzZERDYvRDE2MkUwM0EzRDNBMTFFQ0JFRjc3Qzc2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM2REQ2L0QxNjJFMDNBM0QzQTExRUNCRUY3N0M3NkM0RjlBRTAyLzlfbllwRFZk
Wnp1ZFRuOFZYVHA0NWVaZ19xVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEBrKggDANBgkqhkiG9w0BAQsFAAOCAQEApzeHHVmoEDSzSKPViYRg
Of+ki66N5lRCOR88FzJ7A65wHMEHISu54k6oAtE4S5EJnu3O6zAne9RLGOJkh/+f
gTV3q0ridEaJ6R141hzRZ8bljcQgJ3lPpmGoDSMsRw+vAgkGxP66Ga6CoE27wzyL
uf55jXGtwD4EaqEEaXhQQFdcnFeL8FjBeAfXsW8LftrPHYC4O725i54SnMuWl/25
0t4EBxRiL7Hkr/svvGQQOZJhYzSPODaNZV2eR4SwAGiWwgFzN8vUAIDPtJgE0vKB
18dlOfclQlXtoJcRYlFScVzkSC9CqQqDHqH4UQbwKHtKkz54b8wDaNGqMIPtE1RY
Zw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:41 2024 by rpki-client on console-ams.rpki-client.org