Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1N8l4OzS44CPaHDuVvcPJVgYkz4.cer
File:                     1N8l4OzS44CPaHDuVvcPJVgYkz4.cer (raw, json)
Hash identifier:          y4AvYNFNkXwA6+PPpckVaLKBq7rx97cMeT4PGeomRuc=
Subject key identifier:   D4:DF:25:E0:EC:D2:E3:80:8F:68:70:EE:56:F7:0F:25:58:18:93:3E
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5881
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91D260A/B6DCF1DC449511EFA4590C3DC4F9AE02/1N8l4OzS44CPaHDuVvcPJVgYkz4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91D260A/B6DCF1DC449511EFA4590C3DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 17 Jul 2024 23:38:54 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 192.88.7.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22657 (0x5881)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jul 17 23:38:54 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A91D260A/serialNumber=D4DF25E0ECD2E3808F6870EE56F70F255818933E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:d9:5a:26:05:2a:bc:bc:c8:05:c1:b3:5d:f5:
                    89:d1:07:27:c0:92:8c:d5:0c:da:85:2c:e4:c3:86:
                    77:c3:65:3c:35:df:17:28:4b:a9:bf:f3:a4:8a:0c:
                    9e:18:ba:51:86:f4:ba:83:16:a4:a3:88:0d:78:02:
                    74:cc:fc:10:69:8f:52:54:bf:be:09:d3:9f:6d:2a:
                    64:99:fb:7f:20:bf:1e:8a:47:83:d2:ef:bc:f0:e9:
                    24:39:9b:10:d4:90:f6:c4:b1:b2:7f:64:1f:24:52:
                    d1:93:f6:06:20:da:62:db:76:d9:4d:8e:ce:bb:17:
                    62:1d:e7:25:b5:3c:e2:c7:50:f4:32:d3:51:cb:52:
                    9f:ff:21:9c:fc:f6:b3:20:9a:b8:6a:8b:eb:53:b9:
                    89:fa:46:e2:a1:d7:a0:d1:b1:31:3a:e8:f6:bd:4b:
                    50:66:59:33:f1:0f:dd:cd:fc:96:c8:bf:f6:cb:9b:
                    db:d4:92:30:e4:ea:8f:9b:86:9d:74:04:77:ee:bb:
                    e6:2b:0c:b5:ea:5c:c5:7e:db:0b:eb:29:8e:c2:3a:
                    f2:17:cf:1c:ea:0e:36:a8:bd:7f:47:f9:64:d3:39:
                    44:43:34:1b:08:51:71:a7:82:61:1f:d8:c1:d6:65:
                    2d:33:5d:01:95:d6:9b:a8:a1:3a:1c:78:5d:12:96:
                    1e:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:DF:25:E0:EC:D2:E3:80:8F:68:70:EE:56:F7:0F:25:58:18:93:3E
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D260A/B6DCF1DC449511EFA4590C3DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D260A/B6DCF1DC449511EFA4590C3DC4F9AE02/1N8l4OzS44CPaHDuVvcPJVgYkz4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.88.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:1b:a9:b3:af:43:50:3b:82:5a:bf:4f:86:1a:fa:c9:b9:4f:
         c1:ad:df:63:54:68:15:48:c2:34:bf:78:4d:0c:aa:e7:e6:56:
         5b:6a:fc:fe:21:a7:e2:56:23:b5:ee:77:ff:2e:1d:0e:26:ee:
         4f:2b:76:56:8d:45:01:06:b2:4f:f1:1a:76:11:d5:97:fe:c1:
         4b:0c:19:d8:d2:20:dc:ee:5f:16:6e:00:5c:b6:55:c5:c1:35:
         ee:33:dc:2a:b2:ad:db:75:de:2d:b5:bd:ec:1d:94:26:c2:ed:
         3e:7a:41:01:f9:29:1d:2b:b3:38:a6:1f:2a:49:c3:a5:3c:b9:
         eb:57:1a:90:23:d4:a9:22:32:58:b9:2e:bf:83:57:90:21:39:
         a1:44:ae:cf:f7:4d:3d:f2:f6:4a:86:fd:e1:6d:cd:03:39:d0:
         ef:a8:53:97:c3:b5:59:c5:14:6e:ed:1f:52:da:4a:c4:88:62:
         4e:93:0f:da:5a:ef:20:1c:7c:bd:e5:ad:64:a1:ad:63:0c:33:
         e1:9a:05:9e:5e:5f:f9:ef:bf:09:f1:e3:bc:6f:22:9b:a2:66:
         be:66:9a:57:c7:d2:a4:43:56:e2:ef:3c:50:2a:af:89:5e:f6:
         f6:75:ef:ee:85:9b:57:40:ec:de:ca:ac:9c:16:fc:0a:56:2b:
         26:4a:56:a1
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICWIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNzE3MjMzODU0WhcNMjUwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFEMjYwQTExMC8GA1UEBRMoRDRERjI1RTBFQ0QyRTM4MDhGNjg3MEVF
NTZGNzBGMjU1ODE4OTMzRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOPZWiYFKry8yAXBs131idEHJ8CSjNUM2oUs5MOGd8NlPDXfFyhLqb/zpIoMnhi6
UYb0uoMWpKOIDXgCdMz8EGmPUlS/vgnTn20qZJn7fyC/HopHg9LvvPDpJDmbENSQ
9sSxsn9kHyRS0ZP2BiDaYtt22U2OzrsXYh3nJbU84sdQ9DLTUctSn/8hnPz2syCa
uGqL61O5ifpG4qHXoNGxMTro9r1LUGZZM/EP3c38lsi/9sub29SSMOTqj5uGnXQE
d+675isMtepcxX7bC+spjsI68hfPHOoONqi9f0f5ZNM5REM0GwhRcaeCYR/YwdZl
LTNdAZXWm6ihOhx4XRKWHskCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTU3yXg7NLj
gI9ocO5W9w8lWBiTPjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDI2MEEvQjZEQ0YxREM0NDk1MTFFRkE0NTkwQzNEQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQyNjBBL0I2RENGMURDNDQ5NTExRUZBNDU5MEMzREM0RjlBRTAyLzFOOGw0T3pT
NDRDUGFIRHVWdmNQSlZnWWt6NC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAMBYBzANBgkqhkiG9w0BAQsFAAOCAQEAIBups69DUDuCWr9Phhr6
yblPwa3fY1RoFUjCNL94TQyq5+ZWW2r8/iGn4lYjte53/y4dDibuTyt2Vo1FAQay
T/EadhHVl/7BSwwZ2NIg3O5fFm4AXLZVxcE17jPcKrKt23XeLbW97B2UJsLtPnpB
AfkpHSuzOKYfKknDpTy561cakCPUqSIyWLkuv4NXkCE5oUSuz/dNPfL2Sob94W3N
AznQ76hTl8O1WcUUbu0fUtpKxIhiTpMP2lrvIBx8veWtZKGtYwwz4ZoFnl5f+e+/
CfHjvG8im6JmvmaaV8fSpENW4u88UCqviV729nXv7oWbV0Ds3sqsnBb8ClYrJkpW
oQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:29 2024 by rpki-client on console-fra.rpki-client.org