Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/0ypa3AVCwugXwgK-a3KB6GnReJc.cer
File:                     0ypa3AVCwugXwgK-a3KB6GnReJc.cer (raw, json)
Hash identifier:          ZeVdHotR7DOWhO6+6PY1i83vHvxfhTAari3agQk3Y38=
Subject key identifier:   D3:2A:5A:DC:05:42:C2:E8:17:C2:02:BE:6B:72:81:E8:69:D1:78:97
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5883
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 17 Jul 2024 23:43:11 +0000
Certificate not after:    Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources:    IP: 160.25.224.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22659 (0x5883)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jul 17 23:43:11 2024 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=A91E0855/serialNumber=D32A5ADC0542C2E817C202BE6B7281E869D17897
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:94:20:45:7c:a7:b5:b4:78:fb:a8:d7:47:94:
                    06:f5:d8:8a:dd:0d:0b:df:2a:6a:7f:75:76:55:1e:
                    b5:a7:26:22:aa:55:2d:5a:6d:f8:06:3d:41:af:97:
                    c8:76:46:f4:35:8d:b8:e7:7c:68:58:5b:43:a0:02:
                    26:42:9d:78:2e:81:ff:11:ea:06:de:1a:e3:16:1d:
                    bb:96:ba:7c:bc:ca:e2:1c:f0:0a:33:77:57:c9:ca:
                    2b:74:46:80:12:1b:b8:85:eb:b1:12:82:74:c7:28:
                    bb:9b:98:9b:aa:5b:35:76:b2:84:5e:5a:18:e4:ec:
                    94:6e:26:c4:2c:f5:73:16:20:20:f4:63:9e:a5:ba:
                    fc:10:1c:e6:ee:6c:65:13:a4:ca:33:8a:6b:f6:ff:
                    b0:a4:cc:95:19:b1:4b:83:84:28:22:ab:99:fb:21:
                    d2:62:c3:82:41:4b:60:72:cf:37:69:1e:59:25:b7:
                    46:ec:a1:e2:0e:cf:45:65:62:f0:c5:3f:80:f4:32:
                    f4:d6:9d:b8:15:f0:31:ce:f7:5f:d5:e0:8d:f0:1a:
                    a7:b2:5b:1b:c2:63:14:50:0e:07:80:89:30:ee:2b:
                    e5:61:84:f3:0c:b9:b7:d3:4d:12:90:a6:b2:13:67:
                    d9:97:18:70:12:5d:8d:6f:16:bd:76:ea:78:4c:d8:
                    ac:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:2A:5A:DC:05:42:C2:E8:17:C2:02:BE:6B:72:81:E8:69:D1:78:97
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E0855/504CFFE2449611EF8E84E63DC4F9AE02/0ypa3AVCwugXwgK-a3KB6GnReJc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.25.224.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7f:3e:6d:4c:02:c4:ed:8b:ab:08:4f:e5:1f:bc:a1:0c:50:c8:
         46:0b:5e:be:4a:4f:34:81:fb:8d:54:fa:ff:7d:cf:b0:e6:7e:
         fb:d4:10:02:4f:f5:ee:c4:de:f7:19:56:10:6e:07:79:7e:c0:
         cc:69:0f:2b:04:68:39:d5:83:e5:54:d0:22:58:49:76:62:5d:
         0b:cf:3f:e2:4c:32:8a:c0:e7:3f:0b:d5:8e:fe:f6:fa:81:56:
         bf:79:0c:1a:6e:e9:45:6e:94:0c:d6:9c:79:36:15:bb:3d:8b:
         84:6c:c6:a0:4c:8c:c1:26:ff:43:2d:e7:b7:81:ea:13:9c:64:
         ff:39:74:b1:fe:63:8f:88:24:bf:1d:d5:ee:37:23:19:8b:7f:
         43:71:f3:96:45:c6:09:64:0b:96:0f:4f:48:e9:94:b0:38:ce:
         31:58:3e:be:90:90:fb:24:e7:71:84:a1:b5:7f:b5:16:44:2a:
         6a:4a:0a:b4:d8:d6:7d:62:f7:be:20:46:74:fa:92:ea:e1:14:
         7c:d8:b7:cd:30:0b:44:c4:3a:e4:d3:8d:1e:05:a8:b8:19:a4:
         bc:db:17:0d:ae:07:46:f1:60:d1:9f:46:28:7f:d1:d7:36:a5:
         f5:de:4f:ae:49:ce:9e:9c:65:23:a5:d7:1a:cc:f0:21:d9:cb:
         a8:3d:98:e4
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICWIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNzE3MjM0MzExWhcNMjUxMDMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFFMDg1NTExMC8GA1UEBRMoRDMyQTVBREMwNTQyQzJFODE3QzIwMkJF
NkI3MjgxRTg2OUQxNzg5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKWUIEV8p7W0ePuo10eUBvXYit0NC98qan91dlUetacmIqpVLVpt+AY9Qa+XyHZG
9DWNuOd8aFhbQ6ACJkKdeC6B/xHqBt4a4xYdu5a6fLzK4hzwCjN3V8nKK3RGgBIb
uIXrsRKCdMcou5uYm6pbNXayhF5aGOTslG4mxCz1cxYgIPRjnqW6/BAc5u5sZROk
yjOKa/b/sKTMlRmxS4OEKCKrmfsh0mLDgkFLYHLPN2keWSW3Ruyh4g7PRWVi8MU/
gPQy9NaduBXwMc73X9XgjfAap7JbG8JjFFAOB4CJMO4r5WGE8wy5t9NNEpCmshNn
2ZcYcBJdjW8WvXbqeEzYrAsCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTTKlrcBULC
6BfCAr5rcoHoadF4lzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTA4NTUvNTA0Q0ZGRTI0NDk2MTFFRjhFODRFNjNEQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUUwODU1LzUwNENGRkUyNDQ5NjExRUY4RTg0RTYzREM0RjlBRTAyLzB5cGEzQVZD
d3VnWHdnSy1hM0tCNkduUmVKYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaAZ4DANBgkqhkiG9w0BAQsFAAOCAQEAfz5tTALE7YurCE/lH7yh
DFDIRgtevkpPNIH7jVT6/33PsOZ++9QQAk/17sTe9xlWEG4HeX7AzGkPKwRoOdWD
5VTQIlhJdmJdC88/4kwyisDnPwvVjv72+oFWv3kMGm7pRW6UDNaceTYVuz2LhGzG
oEyMwSb/Qy3nt4HqE5xk/zl0sf5jj4gkvx3V7jcjGYt/Q3HzlkXGCWQLlg9PSOmU
sDjOMVg+vpCQ+yTncYShtX+1FkQqakoKtNjWfWL3viBGdPqS6uEUfNi3zTALRMQ6
5NONHgWouBmkvNsXDa4HRvFg0Z9GKH/R1zal9d5PrknOnpxlI6XXGszwIdnLqD2Y
5A==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:29 2024 by rpki-client on console-fra.rpki-client.org