Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-S21ujUS5Gp82_tLNRS9b_hcjz0.cer
File:                     -S21ujUS5Gp82_tLNRS9b_hcjz0.cer (raw, json)
Hash identifier:          iH4WhHPfmh5GYMibl93JPev4LaYleynI2LLN3wBNoMM=
Subject key identifier:   F9:2D:B5:BA:35:12:E4:6A:7C:DB:FB:4B:35:14:BD:6F:F8:5C:8F:3D
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5227
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9131A30/4B7A186ACAF211EEACDB2E1EC4F9AE02/-S21ujUS5Gp82_tLNRS9b_hcjz0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9131A30/4B7A186ACAF211EEACDB2E1EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 14 Feb 2024 04:34:15 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    IP: 157.15.242.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 15:41:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21031 (0x5227)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Feb 14 04:34:15 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A9131A30/serialNumber=F92DB5BA3512E46A7CDBFB4B3514BD6FF85C8F3D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:02:38:3f:be:c7:35:ea:00:fe:90:25:56:11:
                    38:6a:db:dc:14:ef:67:05:42:a2:df:c7:9c:cc:fe:
                    7f:8d:31:6a:3b:12:3d:41:08:8f:6d:b3:07:f0:e1:
                    18:ae:26:66:22:d3:b1:20:17:9a:4a:2f:47:72:85:
                    a9:95:47:d1:a0:86:bb:21:e0:98:c1:b1:fe:c5:52:
                    12:02:65:46:dd:88:6e:fe:56:6e:8c:f6:7b:80:44:
                    03:39:fb:52:88:fd:c7:45:37:c5:a4:35:4e:a1:28:
                    15:1a:fd:55:28:c3:04:8e:25:42:fa:33:42:21:0a:
                    69:af:9b:79:82:b9:e6:89:1b:6b:1e:89:76:3b:bd:
                    7a:3c:94:65:78:b8:6d:3b:a3:29:0c:a2:3a:08:3d:
                    18:0f:5e:64:e7:bf:87:c6:da:b6:55:b3:90:6d:45:
                    f3:92:ad:7a:19:8f:2a:5a:7d:71:73:8b:d0:47:ce:
                    cc:f0:9b:6c:9f:39:b5:8f:72:c1:ad:b3:37:fa:6e:
                    1b:76:b5:73:af:3f:eb:fb:b8:b4:c7:c8:5d:df:e9:
                    24:81:b4:33:74:cf:04:b1:e1:a0:09:08:0b:f2:99:
                    04:1b:c0:b5:80:5a:73:98:6c:35:65:d0:ad:94:64:
                    d0:1a:0b:4d:62:94:c2:0c:05:db:64:6e:b0:ee:b9:
                    75:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:2D:B5:BA:35:12:E4:6A:7C:DB:FB:4B:35:14:BD:6F:F8:5C:8F:3D
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9131A30/4B7A186ACAF211EEACDB2E1EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9131A30/4B7A186ACAF211EEACDB2E1EC4F9AE02/-S21ujUS5Gp82_tLNRS9b_hcjz0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.15.242.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3e:28:f0:35:b4:fd:60:63:59:63:b0:3c:99:a3:21:fd:c7:ad:
         85:84:64:25:33:c4:aa:85:83:a2:e2:4a:ac:55:4c:cc:51:7e:
         4e:50:b4:ef:62:08:82:42:fc:e3:51:10:19:27:f6:25:2e:6e:
         e1:cd:dc:3b:40:21:7f:45:43:94:fe:2e:b8:34:61:e7:e1:a6:
         93:c4:07:13:04:5d:2b:91:e5:a7:58:d3:04:5c:f7:67:f5:3a:
         94:2e:7c:2d:b6:6a:9b:42:24:53:85:76:e3:fc:32:01:29:3b:
         dc:97:8b:97:b3:02:86:cd:7c:fb:4b:91:a5:a3:a6:f8:16:a3:
         1c:48:bf:7a:cd:c7:eb:28:b0:e9:f2:f8:4a:ee:9a:d8:b1:11:
         a2:05:f0:f7:36:13:86:ae:93:c2:aa:30:f4:6d:a5:0d:8b:c5:
         23:2c:82:80:40:fe:34:aa:8d:bf:fb:a0:18:3b:bb:9d:63:61:
         c8:49:e1:55:53:34:84:af:9c:e3:5d:a5:40:20:86:42:6c:b8:
         73:24:cc:4a:97:d7:23:32:12:6d:a8:a6:a0:a3:d3:95:d0:0f:
         2d:2a:24:33:33:30:2a:6d:e1:d5:88:95:3c:37:ec:33:e4:93:
         e6:f4:48:23:a3:21:dd:f7:8c:39:ae:cf:e9:29:85:1c:d1:d3:
         5f:93:f7:a1
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUicwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMjE0MDQzNDE1WhcNMjUwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEzMUEzMDExMC8GA1UEBRMoRjkyREI1QkEzNTEyRTQ2QTdDREJGQjRC
MzUxNEJENkZGODVDOEYzRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALkCOD++xzXqAP6QJVYROGrb3BTvZwVCot/HnMz+f40xajsSPUEIj22zB/DhGK4m
ZiLTsSAXmkovR3KFqZVH0aCGuyHgmMGx/sVSEgJlRt2Ibv5Wboz2e4BEAzn7Uoj9
x0U3xaQ1TqEoFRr9VSjDBI4lQvozQiEKaa+beYK55okbax6Jdju9ejyUZXi4bTuj
KQyiOgg9GA9eZOe/h8batlWzkG1F85KtehmPKlp9cXOL0EfOzPCbbJ85tY9ywa2z
N/puG3a1c68/6/u4tMfIXd/pJIG0M3TPBLHhoAkIC/KZBBvAtYBac5hsNWXQrZRk
0BoLTWKUwgwF22RusO65dV8CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBT5LbW6NRLk
anzb+0s1FL1v+FyPPTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzFBMzAvNEI3QTE4NkFDQUYyMTFFRUFDREIyRTFFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTMxQTMwLzRCN0ExODZBQ0FGMjExRUVBQ0RCMkUxRUM0RjlBRTAyLy1TMjF1alVT
NUdwODJfdExOUlM5Yl9oY2p6MC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0P8jANBgkqhkiG9w0BAQsFAAOCAQEAPijwNbT9YGNZY7A8maMh
/cethYRkJTPEqoWDouJKrFVMzFF+TlC072IIgkL841EQGSf2JS5u4c3cO0Ahf0VD
lP4uuDRh5+Gmk8QHEwRdK5Hlp1jTBFz3Z/U6lC58LbZqm0IkU4V24/wyASk73JeL
l7MChs18+0uRpaOm+BajHEi/es3H6yiw6fL4Su6a2LERogXw9zYThq6Twqow9G2l
DYvFIyyCgED+NKqNv/ugGDu7nWNhyEnhVVM0hK+c412lQCCGQmy4cyTMSpfXIzIS
baimoKPTldAPLSokMzMwKm3h1YiVPDfsM+ST5vRII6Mh3feMOa7P6SmFHNHTX5P3
oQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:39 2024 by rpki-client on console-ams.rpki-client.org