Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer
File:                     rehZrZQNGhc_pkzXBYZ9SH5nNog.cer (raw, json)
Hash identifier:          Xc39G5XcKqtfPyJwhqWVVmlaA1Ll9pwivRrp5XAguTU=
Subject key identifier:   AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88
Authority key identifier: 0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8
Certificate issuer:       /CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
Certificate serial:       454E
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 05 Mar 2024 01:07:19 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    IP: 193.57.57.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 02 Dec 2024 14:50:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17742 (0x454e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0CFCE77857FCF01F39D99A62B4AA62E6159E76F8
        Validity
            Not Before: Mar  5 01:07:19 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91FDAD4/serialNumber=ADE859AD940D1A173FA64CD705867D487E673688
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:bc:16:dd:ec:22:9d:33:e0:52:76:8a:d3:5c:
                    68:74:54:f7:61:1d:97:b2:fa:1b:45:53:19:3f:52:
                    97:ab:7d:00:41:f3:b7:06:28:63:2d:9b:ad:03:00:
                    09:43:fc:5f:dc:05:35:0a:be:f3:0c:c5:12:b8:7b:
                    4e:ec:ff:68:ad:d6:33:19:87:a0:a3:06:e9:9e:89:
                    50:18:3d:73:de:d6:57:f8:9d:ea:94:9f:81:14:cc:
                    2e:ae:dd:16:61:b4:ff:97:5e:fc:00:fd:80:1f:ad:
                    30:3e:b7:ee:a5:b9:df:eb:11:e8:f6:48:68:a3:57:
                    06:c8:a6:44:56:ab:fe:0e:47:6e:6f:7b:27:5c:b6:
                    a0:8d:ef:2d:cb:25:17:75:6c:b2:9f:b4:5c:04:60:
                    e4:70:96:50:78:f2:bd:ef:ce:b0:7d:96:3d:7d:8c:
                    5d:fc:93:17:3a:29:cf:73:73:d0:c0:5e:2e:2c:71:
                    27:e3:ec:cc:dc:55:3a:eb:71:e5:d3:36:fe:be:49:
                    52:bb:ce:20:9f:82:52:f0:71:da:78:56:d0:cd:4f:
                    a1:c4:22:43:ee:68:29:af:70:bb:8d:a3:17:b9:9e:
                    15:8c:93:68:10:c5:5f:ed:11:d7:13:5c:fc:84:3a:
                    4d:10:25:3f:3e:85:16:cf:0a:87:0c:17:bc:23:84:
                    d5:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88
            X509v3 Authority Key Identifier:
                keyid:0C:FC:E7:78:57:FC:F0:1F:39:D9:9A:62:B4:AA:62:E6:15:9E:76:F8

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.57.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:d0:b2:98:28:8f:cc:b7:9e:29:99:c1:90:ce:12:a5:da:61:
         77:7b:b2:cc:69:f1:48:c7:ed:6a:7e:e0:4c:48:ac:35:8a:4d:
         10:76:9c:1a:a1:fd:9b:e3:ea:a2:ae:80:b9:25:ac:6b:09:79:
         f8:87:bd:ff:c3:33:35:94:b2:e7:d5:74:b2:65:37:da:19:b9:
         35:a3:32:21:8a:a6:fd:f1:2b:d1:87:56:af:21:b7:d8:f2:42:
         f9:df:5c:07:02:43:b4:43:d8:94:2f:07:ba:4c:da:ef:9c:23:
         cd:db:f1:eb:ad:52:68:88:33:57:ac:c6:9f:c4:36:48:ef:b9:
         63:e9:8f:0f:aa:d2:53:a6:39:ca:1c:86:78:90:bd:19:c1:66:
         53:45:5e:79:9c:a1:54:24:70:c8:15:ec:cb:05:83:cb:b3:eb:
         ef:20:c4:35:fa:08:06:f8:90:20:94:b2:0c:cd:ce:4c:f1:8c:
         e1:99:33:1f:34:84:17:ed:58:1a:fa:bc:a1:d6:70:89:b1:7f:
         18:b3:21:d9:df:57:b8:dc:a8:4b:0c:bd:25:11:2f:da:8f:e0:
         e7:de:5a:dc:e4:42:20:05:dd:10:4d:c7:01:d3:1b:77:12:70:
         b0:1d:05:81:cb:c2:af:96:be:73:db:f3:75:1b:10:bc:a0:bc:
         58:65:97:f1
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICRU4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDBDRkNFNzc4NTdGQ0YwMUYzOUQ5OUE2MkI0QUE2MkU2
MTU5RTc2RjgwHhcNMjQwMzA1MDEwNzE5WhcNMjUwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFGREFENDExMC8GA1UEBRMoQURFODU5QUQ5NDBEMUExNzNGQTY0Q0Q3
MDU4NjdENDg3RTY3MzY4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKC8Ft3sIp0z4FJ2itNcaHRU92Edl7L6G0VTGT9Sl6t9AEHztwYoYy2brQMACUP8
X9wFNQq+8wzFErh7Tuz/aK3WMxmHoKMG6Z6JUBg9c97WV/id6pSfgRTMLq7dFmG0
/5de/AD9gB+tMD637qW53+sR6PZIaKNXBsimRFar/g5Hbm97J1y2oI3vLcslF3Vs
sp+0XARg5HCWUHjyve/OsH2WPX2MXfyTFzopz3Nz0MBeLixxJ+PszNxVOutx5dM2
/r5JUrvOIJ+CUvBx2nhW0M1PocQiQ+5oKa9wu42jF7meFYyTaBDFX+0R1xNc/IQ6
TRAlPz6FFs8KhwwXvCOE1VcCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSt6FmtlA0a
Fz+mTNcFhn1Ifmc2iDAfBgNVHSMEGDAWgBQM/Od4V/zwHznZmmK0qmLmFZ52+DAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjMyMkE1RjQxRDY2
MTFFMkEzRjI3RjdDNzJGRDFGRjIvRFB6bmVGZjg4Qjg1MlpwaXRLcGk1aFdlZHZn
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9EUHpuZUZmODhCODUyWnBpdEtwaTVoV2VkdmcuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkRBRDQvQzg1RTgzN0E0Mzk5MTFFRDgzOUQ3MjBFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZEQUQ0L0M4NUU4MzdBNDM5OTExRUQ4MzlENzIwRUM0RjlBRTAyL3JlaFpyWlFO
R2hjX3BrelhCWVo5U0g1bk5vZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAME5OTANBgkqhkiG9w0BAQsFAAOCAQEAYNCymCiPzLeeKZnBkM4S
pdphd3uyzGnxSMftan7gTEisNYpNEHacGqH9m+Pqoq6AuSWsawl5+Ie9/8MzNZSy
59V0smU32hm5NaMyIYqm/fEr0YdWryG32PJC+d9cBwJDtEPYlC8Hukza75wjzdvx
661SaIgzV6zGn8Q2SO+5Y+mPD6rSU6Y5yhyGeJC9GcFmU0VeeZyhVCRwyBXsywWD
y7Pr7yDENfoIBviQIJSyDM3OTPGM4ZkzHzSEF+1YGvq8odZwibF/GLMh2d9XuNyo
Swy9JREv2o/g595a3ORCIAXdEE3HAdMbdxJwsB0FgcvCr5a+c9vzdRsQvKC8WGWX
8Q==
-----END CERTIFICATE-----
Generated at Mon Nov 25 15:54:07 2024 by rpki-client on console-ams.rpki-client.org