Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0e69FiTc3lGUEO1dZObVE5hLd9A.cer
File:                     0e69FiTc3lGUEO1dZObVE5hLd9A.cer (raw, json)
Hash identifier:          bY3OGmbrewVLUGNpJ6w7iJ8AfTU09z/ZIrLwQ56uXQI=
Subject key identifier:   D1:EE:BD:16:24:DC:DE:51:94:10:ED:5D:64:E6:D5:13:98:4B:77:D0
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       578F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913F2BD/3EE27676389611EF9EDE8136C4F9AE02/0e69FiTc3lGUEO1dZObVE5hLd9A.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913F2BD/3EE27676389611EF9EDE8136C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 02 Jul 2024 17:12:29 +0000
Certificate not after:    Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources:    IP: 160.25.40.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22415 (0x578f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jul  2 17:12:29 2024 GMT
            Not After : Sep 30 00:00:00 2025 GMT
        Subject: CN=A913F2BD/serialNumber=D1EEBD1624DCDE519410ED5D64E6D513984B77D0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:1c:40:f7:43:30:e0:75:81:8a:26:4a:7c:06:
                    5f:48:22:a2:8e:e2:8a:e7:c5:58:b9:d0:ea:2b:8e:
                    5c:7e:e0:ed:64:73:b9:4d:d3:b1:4f:a6:60:a6:14:
                    60:1c:49:c9:47:52:30:4f:69:be:7d:ff:52:95:1f:
                    8d:7d:6f:83:69:25:d1:46:dc:d8:a8:ae:4b:15:8d:
                    91:bb:65:59:0f:ea:43:df:df:33:96:cf:62:b7:bf:
                    ce:d5:60:97:0c:b2:3b:41:d2:53:e8:4d:45:ba:c7:
                    0d:20:02:70:1c:aa:77:bf:2d:0b:30:07:e0:a7:79:
                    2c:f1:47:05:ca:91:92:5f:91:e6:83:ef:ba:85:a9:
                    bd:c7:e8:00:e8:2f:2c:96:9e:68:aa:aa:36:7c:f3:
                    29:fe:e7:e4:79:07:c0:9b:c5:69:d8:a6:31:32:61:
                    01:55:66:2c:3d:e6:ef:77:cc:27:48:9c:af:c4:d8:
                    49:43:98:13:90:43:1a:75:99:79:a2:f2:53:90:05:
                    4c:88:d6:b3:90:ee:81:d4:b0:66:0b:d3:e8:55:0f:
                    76:98:6e:00:46:21:8c:da:f5:13:cd:9a:26:dc:97:
                    4e:42:76:2e:b5:3a:d0:0e:30:fd:cd:42:8e:cb:b0:
                    7a:84:63:8c:01:44:39:c0:f6:13:33:f1:9b:a6:1c:
                    e5:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:EE:BD:16:24:DC:DE:51:94:10:ED:5D:64:E6:D5:13:98:4B:77:D0
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913F2BD/3EE27676389611EF9EDE8136C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913F2BD/3EE27676389611EF9EDE8136C4F9AE02/0e69FiTc3lGUEO1dZObVE5hLd9A.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.25.40.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5a:f2:e3:9d:90:16:8c:48:b6:f9:4c:ef:4a:f1:73:c8:e7:d4:
         df:03:2f:4a:e6:ce:21:48:a1:58:a8:62:33:de:17:d3:1b:36:
         69:fc:f7:f5:a6:1e:04:f6:d7:87:24:37:18:29:0e:0c:d5:a6:
         32:8c:02:bd:c5:0f:03:0a:d3:a0:1c:53:e2:e3:a3:ef:57:d4:
         63:c7:44:c4:f8:84:9b:4e:f0:6d:4f:45:90:54:4c:5a:67:29:
         d6:5c:3a:29:74:36:d3:f2:5d:6b:5e:a5:40:8d:fa:5a:dd:8b:
         b2:5f:da:a5:18:27:97:f6:89:c9:f4:56:7c:d4:1a:a3:44:47:
         75:72:71:df:6e:f1:b6:29:b4:d6:05:50:15:f2:4a:98:ee:60:
         12:08:3c:90:53:18:56:ed:bb:84:61:ff:0c:eb:3e:de:cd:b9:
         92:ea:f6:42:a9:26:77:7e:f7:84:73:f6:1c:01:e2:16:19:bd:
         88:06:3b:0f:d4:75:c1:09:fb:7b:48:0b:89:80:af:30:99:12:
         1e:e9:9a:0b:f7:49:98:df:7a:b1:66:a7:12:86:c8:dd:b6:db:
         b6:82:7e:a5:7d:76:61:a1:db:c4:59:6e:42:97:60:f1:9d:9c:
         d0:b4:67:60:56:35:b2:b8:73:c2:4c:4d:74:d0:ee:19:b4:67:
         3a:6b:89:a0
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICV48wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNzAyMTcxMjI5WhcNMjUwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEzRjJCRDExMC8GA1UEBRMoRDFFRUJEMTYyNERDREU1MTk0MTBFRDVE
NjRFNkQ1MTM5ODRCNzdEMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOMcQPdDMOB1gYomSnwGX0gioo7iiufFWLnQ6iuOXH7g7WRzuU3TsU+mYKYUYBxJ
yUdSME9pvn3/UpUfjX1vg2kl0Ubc2KiuSxWNkbtlWQ/qQ9/fM5bPYre/ztVglwyy
O0HSU+hNRbrHDSACcByqd78tCzAH4Kd5LPFHBcqRkl+R5oPvuoWpvcfoAOgvLJae
aKqqNnzzKf7n5HkHwJvFadimMTJhAVVmLD3m73fMJ0icr8TYSUOYE5BDGnWZeaLy
U5AFTIjWs5DugdSwZgvT6FUPdphuAEYhjNr1E82aJtyXTkJ2LrU60A4w/c1Cjsuw
eoRjjAFEOcD2EzPxm6Yc5ccCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTR7r0WJNze
UZQQ7V1k5tUTmEt30DAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0YyQkQvM0VFMjc2NzYzODk2MTFFRjlFREU4MTM2QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNGMkJELzNFRTI3Njc2Mzg5NjExRUY5RURFODEzNkM0RjlBRTAyLzBlNjlGaVRj
M2xHVUVPMWRaT2JWRTVoTGQ5QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaAZKDANBgkqhkiG9w0BAQsFAAOCAQEAWvLjnZAWjEi2+UzvSvFz
yOfU3wMvSubOIUihWKhiM94X0xs2afz39aYeBPbXhyQ3GCkODNWmMowCvcUPAwrT
oBxT4uOj71fUY8dExPiEm07wbU9FkFRMWmcp1lw6KXQ20/Jda16lQI36Wt2Lsl/a
pRgnl/aJyfRWfNQao0RHdXJx327xtim01gVQFfJKmO5gEgg8kFMYVu27hGH/DOs+
3s25kur2Qqkmd373hHP2HAHiFhm9iAY7D9R1wQn7e0gLiYCvMJkSHumaC/dJmN96
sWanEobI3bbbtoJ+pX12YaHbxFluQpdg8Z2c0LRnYFY1srhzwkxNdNDuGbRnOmuJ
oA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:38 2024 by rpki-client on console-ams.rpki-client.org