Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/9lz9HPOxxajqYIcfo8NAYdtM84M.cer
File:                     9lz9HPOxxajqYIcfo8NAYdtM84M.cer (raw, json)
Hash identifier:          MTRyUuQW5L5rZMK/g+Kf9GXHevF9t7c5qbN3Butgpw0=
Subject key identifier:   F6:5C:FD:1C:F3:B1:C5:A8:EA:60:87:1F:A3:C3:40:61:DB:4C:F3:83
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer:       /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial:       4453
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9195BA9/CEE6882237BE11EEA640AB55C4F9AE02/9lz9HPOxxajqYIcfo8NAYdtM84M.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9195BA9/CEE6882237BE11EEA640AB55C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 17:55:14 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 195.133.128.0/20

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 02:50:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17491 (0x4453)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
        Validity
            Not Before: Jan  1 17:55:14 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A9195BA9/serialNumber=F65CFD1CF3B1C5A8EA60871FA3C34061DB4CF383
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:1c:bc:8b:f5:e9:7f:4c:b4:67:96:2c:12:cd:
                    9e:ad:80:85:44:32:94:03:76:11:a2:55:4e:b1:01:
                    06:99:4d:6a:50:dc:1c:1f:ef:13:cd:49:5f:93:c3:
                    10:6e:94:0b:56:f5:d6:89:6c:c0:4b:2f:53:c2:92:
                    b3:a7:b7:fa:70:7d:4c:d4:e6:a6:3e:45:74:51:06:
                    ad:19:95:73:65:63:e4:a9:c1:8a:52:e7:67:87:28:
                    c5:6e:eb:84:a4:82:83:19:0c:e7:b0:3e:2d:12:44:
                    72:cf:24:ef:15:68:72:8d:d6:19:bb:b2:25:98:67:
                    9b:91:92:2f:43:43:ee:62:d7:7e:1d:45:b8:69:0a:
                    8b:67:8e:77:3e:01:bd:6e:6b:17:74:d4:ab:63:ec:
                    14:f6:b3:1a:d4:1c:05:dc:a3:7c:ae:15:67:04:2e:
                    96:58:3d:e7:f5:ad:f8:13:d1:d1:f1:87:6e:3a:04:
                    e6:c9:23:a6:3f:2f:74:87:b8:7e:f7:58:57:12:f5:
                    4d:12:2d:bf:35:52:e4:38:16:f2:17:6b:23:8b:35:
                    16:c2:0c:73:48:35:07:e5:78:ee:79:0b:93:d8:27:
                    7c:c4:af:20:04:e6:b0:88:a0:91:27:67:8b:a8:69:
                    6b:75:d3:40:cd:1f:cd:98:ad:b5:33:42:d3:33:a0:
                    c7:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:5C:FD:1C:F3:B1:C5:A8:EA:60:87:1F:A3:C3:40:61:DB:4C:F3:83
            X509v3 Authority Key Identifier:
                keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9195BA9/CEE6882237BE11EEA640AB55C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9195BA9/CEE6882237BE11EEA640AB55C4F9AE02/9lz9HPOxxajqYIcfo8NAYdtM84M.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  195.133.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         26:05:66:57:20:b0:b9:7c:5f:b4:8d:11:39:1e:ff:95:c1:08:
         82:5b:4b:f2:c8:da:ae:4b:31:10:79:54:d8:4b:41:a3:50:6e:
         2d:17:7f:2c:c9:b0:aa:64:8a:10:7f:cc:bf:95:79:49:47:8b:
         66:20:91:17:24:26:05:af:ed:92:bf:50:3a:4a:df:81:c4:92:
         61:60:0d:f6:2e:26:ed:38:25:ef:92:48:21:89:0b:91:7d:b0:
         70:2d:26:00:a5:9e:49:ec:33:11:2a:dc:16:8e:94:e2:e6:60:
         86:da:58:2c:df:0f:7c:40:e2:04:a5:02:7d:2d:75:3c:66:e4:
         d6:31:77:75:43:6a:e1:bd:d7:a6:6b:3e:c4:2c:ac:ae:ef:3d:
         11:b3:e8:30:21:af:c2:6a:bc:e1:83:7c:36:55:ee:53:03:4c:
         91:f0:fa:d3:70:60:1d:ce:79:8c:a1:90:4d:13:d8:19:cb:8a:
         9c:8c:a8:72:d7:f0:50:0d:2b:7d:04:ec:06:74:67:9a:0e:40:
         5b:c1:e9:de:a8:07:83:26:f9:32:49:8a:6f:56:cc:0a:ff:cb:
         39:ca:24:c6:34:ab:40:6b:37:68:9b:45:d8:ed:65:59:62:79:
         66:c3:a7:4a:6a:ab:d2:df:d1:fd:1c:02:4b:c4:66:56:42:e2:
         4a:b0:85:f0
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICRFMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjQwMTAxMTc1NTE0WhcNMjUwMzAyMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5NUJBOTExMC8GA1UEBRMoRjY1Q0ZEMUNGM0IxQzVBOEVBNjA4NzFG
QTNDMzQwNjFEQjRDRjM4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AJMcvIv16X9MtGeWLBLNnq2AhUQylAN2EaJVTrEBBplNalDcHB/vE81JX5PDEG6U
C1b11olswEsvU8KSs6e3+nB9TNTmpj5FdFEGrRmVc2Vj5KnBilLnZ4coxW7rhKSC
gxkM57A+LRJEcs8k7xVoco3WGbuyJZhnm5GSL0ND7mLXfh1FuGkKi2eOdz4BvW5r
F3TUq2PsFPazGtQcBdyjfK4VZwQullg95/Wt+BPR0fGHbjoE5skjpj8vdIe4fvdY
VxL1TRItvzVS5DgW8hdrI4s1FsIMc0g1B+V47nkLk9gnfMSvIATmsIigkSdni6hp
a3XTQM0fzZittTNC0zOgxzkCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBT2XP0c87HF
qOpghx+jw0Bh20zzgzAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTVCQTkvQ0VFNjg4MjIzN0JFMTFFRUE2NDBBQjU1QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk1QkE5L0NFRTY4ODIyMzdCRTExRUVBNjQwQUI1NUM0RjlBRTAyLzlsejlIUE94
eGFqcVlJY2ZvOE5BWWR0TTg0TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEBMOFgDANBgkqhkiG9w0BAQsFAAOCAQEAJgVmVyCwuXxftI0ROR7/
lcEIgltL8sjarksxEHlU2EtBo1BuLRd/LMmwqmSKEH/Mv5V5SUeLZiCRFyQmBa/t
kr9QOkrfgcSSYWAN9i4m7Tgl75JIIYkLkX2wcC0mAKWeSewzESrcFo6U4uZghtpY
LN8PfEDiBKUCfS11PGbk1jF3dUNq4b3Xpms+xCysru89EbPoMCGvwmq84YN8NlXu
UwNMkfD603BgHc55jKGQTRPYGcuKnIyoctfwUA0rfQTsBnRnmg5AW8Hp3qgHgyb5
MkmKb1bMCv/LOcokxjSrQGs3aJtF2O1lWWJ5ZsOnSmqr0t/R/RwCS8RmVkLiSrCF
8A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:53:04 2024 by rpki-client on console-fra.rpki-client.org