Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3VdGDwwSvgVGE6L0KWewfaVoe_A.cer
File:                     3VdGDwwSvgVGE6L0KWewfaVoe_A.cer (raw, json)
Hash identifier:          VPPWyW+f4oPrYNQmYpeoVyyOrevzb1bUbWzbP0FkWmg=
Subject key identifier:   DD:57:46:0F:0C:12:BE:05:46:13:A2:F4:29:67:B0:7D:A5:68:7B:F0
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5BE2
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91566DC/5A182C7C852311EF9B48FF41C4F9AE02/3VdGDwwSvgVGE6L0KWewfaVoe_A.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91566DC/5A182C7C852311EF9B48FF41C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 08 Oct 2024 03:14:00 +0000
Certificate not after:    Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources:    IP: 160.187.192.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 15:41:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23522 (0x5be2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Oct  8 03:14:00 2024 GMT
            Not After : Jan 31 00:00:00 2026 GMT
        Subject: CN=A91566DC/serialNumber=DD57460F0C12BE054613A2F42967B07DA5687BF0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:55:87:d7:35:b6:c3:2a:d8:2d:d4:93:a5:88:
                    cd:40:4e:a4:8b:3c:93:6b:f2:a8:94:a2:dc:66:43:
                    ba:37:57:ed:f7:39:1f:cb:94:69:2e:82:66:23:44:
                    2a:42:94:52:32:18:a3:df:53:af:3c:fb:3b:45:8a:
                    c2:55:03:5e:0b:96:34:26:07:82:c0:30:39:5c:7d:
                    d6:aa:fb:3a:6b:66:80:cf:f6:cd:da:06:bb:39:54:
                    95:31:63:85:ee:15:e4:e4:47:d5:92:70:e8:3b:8f:
                    1f:2c:50:4f:b9:d7:65:1d:b8:93:38:3e:d8:18:cd:
                    1b:32:0d:bc:66:6b:1f:3b:49:a8:f3:6b:eb:1b:ec:
                    23:54:60:58:ba:04:eb:a9:e2:36:1d:78:4a:95:5c:
                    0f:5b:40:4b:50:8d:ff:13:69:72:dc:33:bd:46:c0:
                    62:26:cd:b9:44:23:c7:7c:e4:e5:c5:62:7e:f1:95:
                    b1:b4:71:fa:ba:de:e1:32:39:28:38:b8:25:7e:4f:
                    b1:31:d1:21:42:7b:22:5c:a3:14:4b:8c:4e:ca:89:
                    2a:ba:36:2b:f4:10:f3:97:15:73:83:96:42:74:49:
                    bf:e6:cc:9d:b3:94:2c:9e:4c:11:2b:5d:e6:32:ea:
                    69:a5:60:74:d8:07:c0:e1:c6:df:2a:47:9d:55:07:
                    ab:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:57:46:0F:0C:12:BE:05:46:13:A2:F4:29:67:B0:7D:A5:68:7B:F0
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91566DC/5A182C7C852311EF9B48FF41C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91566DC/5A182C7C852311EF9B48FF41C4F9AE02/3VdGDwwSvgVGE6L0KWewfaVoe_A.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.187.192.0/23

    Signature Algorithm: sha256WithRSAEncryption
         87:f3:38:76:fe:ce:48:04:c9:06:b1:22:25:17:9a:43:64:b9:
         71:0a:e6:99:aa:6b:29:7b:04:94:6a:92:31:22:a6:d2:eb:f1:
         17:ee:34:c6:7e:69:55:d2:d3:35:80:a4:d3:35:42:d4:c3:5f:
         23:9d:17:6e:fa:77:3a:e0:fc:cf:f5:8c:bb:b4:63:35:21:a3:
         57:f6:2f:24:a3:d8:5c:df:34:21:94:25:8b:3b:3d:4e:6a:ce:
         18:45:0d:bb:c6:3f:a1:80:66:70:00:a4:30:54:76:d4:bf:3d:
         90:04:f2:bb:fe:c9:66:5f:83:5e:2e:44:a4:5b:6f:9f:5a:e3:
         ba:34:31:7f:0b:7a:4a:eb:ea:09:14:4e:67:d5:db:81:65:12:
         87:74:1f:94:80:ee:32:41:1a:2b:4a:28:70:85:47:04:47:7d:
         d5:1b:17:85:77:e2:1b:c4:1a:d3:61:07:33:04:ce:04:07:b0:
         ad:af:ef:e7:60:54:e8:22:75:17:b5:a4:e3:b6:89:4f:55:91:
         41:73:3a:88:47:45:1a:fa:84:e0:ed:45:db:fb:c7:1c:6b:c4:
         6c:13:b1:d4:f9:fa:93:4f:a3:2b:a5:2d:2a:0b:81:71:ae:9a:
         b6:87:82:50:98:11:28:5f:a5:5f:18:0e:0f:14:7b:5a:4f:a4:
         78:91:1c:ae
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICW+IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMDA4MDMxNDAwWhcNMjYwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE1NjZEQzExMC8GA1UEBRMoREQ1NzQ2MEYwQzEyQkUwNTQ2MTNBMkY0
Mjk2N0IwN0RBNTY4N0JGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKZVh9c1tsMq2C3Uk6WIzUBOpIs8k2vyqJSi3GZDujdX7fc5H8uUaS6CZiNEKkKU
UjIYo99Trzz7O0WKwlUDXguWNCYHgsAwOVx91qr7OmtmgM/2zdoGuzlUlTFjhe4V
5ORH1ZJw6DuPHyxQT7nXZR24kzg+2BjNGzINvGZrHztJqPNr6xvsI1RgWLoE66ni
Nh14SpVcD1tAS1CN/xNpctwzvUbAYibNuUQjx3zk5cVifvGVsbRx+rre4TI5KDi4
JX5PsTHRIUJ7IlyjFEuMTsqJKro2K/QQ85cVc4OWQnRJv+bMnbOULJ5MEStd5jLq
aaVgdNgHwOHG3ypHnVUHqwMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTdV0YPDBK+
BUYTovQpZ7B9pWh78DAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTY2REMvNUExODJDN0M4NTIzMTFFRjlCNDhGRjQxQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU2NkRDLzVBMTgyQzdDODUyMzExRUY5QjQ4RkY0MUM0RjlBRTAyLzNWZEdEd3dT
dmdWR0U2TDBLV2V3ZmFWb2VfQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC7wDANBgkqhkiG9w0BAQsFAAOCAQEAh/M4dv7OSATJBrEiJRea
Q2S5cQrmmaprKXsElGqSMSKm0uvxF+40xn5pVdLTNYCk0zVC1MNfI50Xbvp3OuD8
z/WMu7RjNSGjV/YvJKPYXN80IZQlizs9TmrOGEUNu8Y/oYBmcACkMFR21L89kATy
u/7JZl+DXi5EpFtvn1rjujQxfwt6SuvqCRROZ9XbgWUSh3QflIDuMkEaK0oocIVH
BEd91RsXhXfiG8Qa02EHMwTOBAewra/v52BU6CJ1F7Wk47aJT1WRQXM6iEdFGvqE
4O1F2/vHHGvEbBOx1Pn6k0+jK6UtKguBca6atoeCUJgRKF+lXxgODxR7Wk+keJEc
rg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:39 2024 by rpki-client on console-ams.rpki-client.org