Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/07yEKALa0i1cMMKCZffRCL1HjnA.cer
File:                     07yEKALa0i1cMMKCZffRCL1HjnA.cer (raw, json)
Hash identifier:          3wwVDYI1V5QQYTwO9W7lQ75r4AzEeF6Azaj/zXXGUHA=
Subject key identifier:   D3:BC:84:28:02:DA:D2:2D:5C:30:C2:82:65:F7:D1:08:BD:47:8E:70
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       52B2
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/07yEKALa0i1cMMKCZffRCL1HjnA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 27 Feb 2024 07:00:25 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    IP: 157.15.228.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21170 (0x52b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Feb 27 07:00:25 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A91B758E/serialNumber=D3BC842802DAD22D5C30C28265F7D108BD478E70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:4e:99:ed:89:ad:93:27:66:d4:24:4b:99:7a:
                    0a:38:39:39:e0:90:eb:42:2e:ee:53:1c:86:f9:1e:
                    80:1c:1d:c7:5f:03:88:24:a2:f3:d9:0a:4f:6d:33:
                    51:c7:b9:2c:da:66:39:2e:c5:65:60:61:12:74:5b:
                    5e:b5:24:66:fb:a9:df:c0:fe:1f:94:9d:a3:8a:93:
                    41:f8:62:6c:49:86:3f:33:80:38:1b:65:d2:34:e3:
                    93:99:d8:2c:ba:b7:92:ba:d9:b4:96:e4:9d:5c:87:
                    3b:71:88:bb:a3:7f:f4:fe:80:8f:ff:54:cf:03:e4:
                    9c:7b:e2:87:71:e6:60:4b:e1:e7:67:59:c7:aa:9a:
                    44:96:4c:63:ce:5b:8c:e2:a4:fd:ee:06:1a:c4:2b:
                    d4:cb:fd:3d:92:92:fb:3c:37:d0:f1:83:51:c9:61:
                    a3:31:8a:bc:85:7a:d1:f9:d6:b1:f9:23:17:f9:b3:
                    69:08:b7:0a:3b:45:5c:d6:32:f9:b1:e8:96:bb:70:
                    b7:72:02:7f:56:e4:39:04:08:88:80:17:e7:80:fb:
                    f8:3f:06:38:fa:ef:bc:ff:e6:69:86:1c:8b:15:53:
                    32:ad:6b:57:df:40:89:9c:22:00:0b:23:fd:a9:67:
                    a8:56:e8:44:0d:da:14:4a:3c:81:2e:83:22:b9:73:
                    65:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:BC:84:28:02:DA:D2:2D:5C:30:C2:82:65:F7:D1:08:BD:47:8E:70
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/07yEKALa0i1cMMKCZffRCL1HjnA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.15.228.0/23

    Signature Algorithm: sha256WithRSAEncryption
         09:95:7f:e2:3e:36:a5:9e:92:67:68:ca:13:ef:cf:2b:7e:0b:
         f4:cb:c1:d8:62:12:94:b8:e2:5d:3b:0f:6a:1b:d8:97:6a:ba:
         17:81:40:ef:db:b2:86:ab:25:1c:ad:89:23:4f:4b:8b:a8:60:
         c5:5f:6f:d2:9b:3b:10:26:83:19:e6:61:d8:6d:fc:7a:fc:f6:
         7d:78:a8:44:4b:60:eb:90:9b:69:c5:d5:3a:75:e0:1f:df:41:
         3f:0a:05:ee:08:41:e5:2f:74:d3:b9:e4:cb:e7:44:b9:06:80:
         6c:b1:6d:b9:bd:c2:6c:22:f3:88:b7:90:46:18:fc:08:6a:84:
         88:d3:9e:dd:a3:3e:bc:9f:e7:ca:7a:d9:3e:77:57:09:fc:0b:
         8a:14:32:02:f9:43:27:ed:a0:7c:cb:0d:36:d0:7d:fd:37:a0:
         6b:3e:9b:fb:e4:e1:e2:8c:09:ad:25:cc:5a:7b:0e:84:ce:51:
         82:b3:72:22:92:ff:1b:43:66:f3:58:03:37:bf:5e:ca:af:c3:
         e4:64:e7:ea:87:ad:4d:be:34:87:9b:d7:b7:e6:cb:da:50:39:
         61:05:ab:f2:17:43:b0:42:c3:0d:4c:47:2f:9a:72:fe:b7:31:
         74:8c:19:9d:83:cf:88:ea:86:34:f2:14:0f:16:8f:29:fd:37:
         e9:99:fe:08
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUrIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMjI3MDcwMDI1WhcNMjUwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFCNzU4RTExMC8GA1UEBRMoRDNCQzg0MjgwMkRBRDIyRDVDMzBDMjgy
NjVGN0QxMDhCRDQ3OEU3MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMFOme2JrZMnZtQkS5l6Cjg5OeCQ60Iu7lMchvkegBwdx18DiCSi89kKT20zUce5
LNpmOS7FZWBhEnRbXrUkZvup38D+H5Sdo4qTQfhibEmGPzOAOBtl0jTjk5nYLLq3
krrZtJbknVyHO3GIu6N/9P6Aj/9UzwPknHvih3HmYEvh52dZx6qaRJZMY85bjOKk
/e4GGsQr1Mv9PZKS+zw30PGDUclhozGKvIV60fnWsfkjF/mzaQi3CjtFXNYy+bHo
lrtwt3ICf1bkOQQIiIAX54D7+D8GOPrvvP/maYYcixVTMq1rV99AiZwiAAsj/aln
qFboRA3aFEo8gS6DIrlzZW8CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTTvIQoAtrS
LVwwwoJl99EIvUeOcDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc1OEUvRERFQzgxMjRENTNEMTFFRThGMUU4QTg1QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUI3NThFL0RERUM4MTI0RDUzRDExRUU4RjFFOEE4NUM0RjlBRTAyLzA3eUVLQUxh
MGkxY01NS0NaZmZSQ0wxSGpuQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0P5DANBgkqhkiG9w0BAQsFAAOCAQEACZV/4j42pZ6SZ2jKE+/P
K34L9MvB2GISlLjiXTsPahvYl2q6F4FA79uyhqslHK2JI09Li6hgxV9v0ps7ECaD
GeZh2G38evz2fXioREtg65CbacXVOnXgH99BPwoF7ghB5S9007nky+dEuQaAbLFt
ub3CbCLziLeQRhj8CGqEiNOe3aM+vJ/nynrZPndXCfwLihQyAvlDJ+2gfMsNNtB9
/Tegaz6b++Th4owJrSXMWnsOhM5RgrNyIpL/G0Nm81gDN79eyq/D5GTn6oetTb40
h5vXt+bL2lA5YQWr8hdDsELDDUxHL5py/rcxdIwZnYPPiOqGNPIUDxaPKf036Zn+
CA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:29 2024 by rpki-client on console-fra.rpki-client.org