Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1fF0__36EIu7L4fnPG6d1RCNOp8.cer
File:                     1fF0__36EIu7L4fnPG6d1RCNOp8.cer (raw, json)
Hash identifier:          9NFb4Pxv5VavHvaNJaWkWwWj+yVZfcXcIPVm0ISJJRo=
Subject key identifier:   D5:F1:74:FF:FD:FA:10:8B:BB:2F:87:E7:3C:6E:9D:D5:10:8D:3A:9F
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       551E
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913A5BD/4B2B393E1CF711EDA00FD343C4F9AE02/1fF0__36EIu7L4fnPG6d1RCNOp8.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913A5BD/4B2B393E1CF711EDA00FD343C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 02 May 2024 14:41:23 +0000
Certificate not after:    Wed 30 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 139.86.0.0/16

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21790 (0x551e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: May  2 14:41:23 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=A913A5BD/serialNumber=D5F174FFFDFA108BBB2F87E73C6E9DD5108D3A9F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:6e:43:4f:75:cf:ab:38:fd:e8:35:40:37:06:
                    b0:63:a5:a0:26:6e:bd:ed:fe:e7:59:62:7d:97:2b:
                    3f:64:ae:5b:de:1b:93:06:9e:1b:e4:ee:55:7b:2b:
                    c5:9d:d1:7f:67:3d:92:d0:fe:93:b3:28:76:27:93:
                    8c:8d:0a:1a:1e:e3:2a:16:8c:e8:27:ea:02:2b:53:
                    d1:68:3a:dc:9a:6d:68:ff:7b:0b:81:3a:8e:bf:15:
                    28:d9:56:7a:77:d0:e0:4b:a3:94:6d:b5:4a:fb:c6:
                    bc:b5:04:02:dc:0d:a8:16:19:69:b8:94:21:61:db:
                    9f:c9:7d:24:b3:ec:7b:a4:f4:53:0b:ad:a4:ff:ca:
                    2a:9f:66:ac:97:43:50:ed:7e:2e:85:da:3f:ed:6a:
                    fe:bd:4c:d0:ee:b1:f4:cb:f8:c6:22:07:54:a2:15:
                    14:64:e6:41:45:e2:a1:9c:8f:71:9c:7b:99:95:e6:
                    b3:76:3d:88:f9:e7:03:d1:13:8a:36:be:d1:7f:17:
                    c1:a3:ed:bb:c0:8a:31:50:c7:1f:2e:03:87:52:15:
                    6a:2d:b1:27:85:a9:ed:02:32:27:69:4c:eb:d0:fe:
                    8d:f3:a6:2b:ca:d3:a2:95:ad:4c:e0:6a:ac:25:0a:
                    95:5b:6e:2c:2c:23:9e:41:6d:16:ca:e1:61:d7:21:
                    87:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:F1:74:FF:FD:FA:10:8B:BB:2F:87:E7:3C:6E:9D:D5:10:8D:3A:9F
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913A5BD/4B2B393E1CF711EDA00FD343C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913A5BD/4B2B393E1CF711EDA00FD343C4F9AE02/1fF0__36EIu7L4fnPG6d1RCNOp8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.86.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         b1:c4:cf:79:09:6b:89:7a:86:c0:98:e9:0d:f2:64:46:45:24:
         70:c9:ea:37:27:6b:d4:8a:97:bf:89:89:2e:6a:5d:00:40:0d:
         cf:d6:fd:b2:01:9a:6b:55:f2:af:13:40:d4:b7:f8:a9:2a:d5:
         83:3c:56:d9:ba:e9:8a:5c:a2:42:6a:1c:66:e6:5a:f1:46:3a:
         b6:5b:73:3d:fc:ae:c9:94:13:81:20:c5:45:10:ba:e3:bf:39:
         aa:6d:58:5f:f7:a6:61:c3:10:a1:f9:61:a6:b6:e9:36:00:30:
         c6:16:4e:b5:79:55:fc:66:43:c7:6e:27:23:89:53:f8:5c:97:
         29:e1:2f:8d:d9:33:5d:2d:83:fd:50:51:4a:47:e9:23:1b:66:
         9f:42:b9:fc:43:0b:ad:af:1e:b4:d9:db:66:97:f4:84:3b:30:
         59:36:95:0d:8b:82:a1:06:99:4f:ae:6b:b5:db:a9:f7:2c:96:
         43:e3:e3:8f:e6:ba:a0:1d:ca:98:c5:65:4c:9e:c8:99:f7:88:
         45:e3:0a:f7:f8:49:53:66:65:0a:7d:80:97:3f:c9:70:cb:4e:
         e7:8d:31:61:2b:d6:73:c3:32:fc:18:56:58:22:63:ec:66:28:
         f3:30:41:ea:62:83:69:c3:ea:9a:b0:d3:34:60:ff:1d:a8:68:
         33:61:9b:00
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICVR4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNTAyMTQ0MTIzWhcNMjUwNzMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEzQTVCRDExMC8GA1UEBRMoRDVGMTc0RkZGREZBMTA4QkJCMkY4N0U3
M0M2RTlERDUxMDhEM0E5RjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALpuQ091z6s4/eg1QDcGsGOloCZuve3+51lifZcrP2SuW94bkwaeG+TuVXsrxZ3R
f2c9ktD+k7ModieTjI0KGh7jKhaM6CfqAitT0Wg63JptaP97C4E6jr8VKNlWenfQ
4EujlG21SvvGvLUEAtwNqBYZabiUIWHbn8l9JLPse6T0UwutpP/KKp9mrJdDUO1+
LoXaP+1q/r1M0O6x9Mv4xiIHVKIVFGTmQUXioZyPcZx7mZXms3Y9iPnnA9ETija+
0X8XwaPtu8CKMVDHHy4Dh1IVai2xJ4Wp7QIyJ2lM69D+jfOmK8rTopWtTOBqrCUK
lVtuLCwjnkFtFsrhYdchh0UCAwEAAaOCAvIwggLuMB0GA1UdDgQWBBTV8XT//foQ
i7svh+c8bp3VEI06nzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0E1QkQvNEIyQjM5M0UxQ0Y3MTFFREEwMEZEMzQzQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNBNUJELzRCMkIzOTNFMUNGNzExRURBMDBGRDM0M0M0RjlBRTAyLzFmRjBfXzM2
RUl1N0w0Zm5QRzZkMVJDTk9wOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQPMA0w
CwQCAAEwBQMDAItWMA0GCSqGSIb3DQEBCwUAA4IBAQCxxM95CWuJeobAmOkN8mRG
RSRwyeo3J2vUipe/iYkual0AQA3P1v2yAZprVfKvE0DUt/ipKtWDPFbZuumKXKJC
ahxm5lrxRjq2W3M9/K7JlBOBIMVFELrjvzmqbVhf96ZhwxCh+WGmtuk2ADDGFk61
eVX8ZkPHbicjiVP4XJcp4S+N2TNdLYP9UFFKR+kjG2afQrn8Qwutrx602dtml/SE
OzBZNpUNi4KhBplPrmu126n3LJZD4+OP5rqgHcqYxWVMnsiZ94hF4wr3+ElTZmUK
fYCXP8lwy07njTFhK9ZzwzL8GFZYImPsZijzMEHqYoNpw+qasNM0YP8dqGgzYZsA
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:29 2024 by rpki-client on console-fra.rpki-client.org