Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4LlFj2mCX_gpOHsTnoj9O9Z0AIc.cer
File:                     4LlFj2mCX_gpOHsTnoj9O9Z0AIc.cer (raw, json)
Hash identifier:          TC98NTjxY/YVVHtXTAYzhpYR6MNF4pR/nrE/3kV6x3s=
Subject key identifier:   E0:B9:45:8F:69:82:5F:F8:29:38:7B:13:9E:88:FD:3B:D6:74:00:87
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5B35
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A914E600/221BAEBE77F111EFAC112942C4F9AE02/4LlFj2mCX_gpOHsTnoj9O9Z0AIc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A914E600/221BAEBE77F111EFAC112942C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sat 21 Sep 2024 08:11:46 +0000
Certificate not after:    Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources:    IP: 160.30.4.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23349 (0x5b35)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Sep 21 08:11:46 2024 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=A914E600/serialNumber=E0B9458F69825FF829387B139E88FD3BD6740087
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:0e:a6:6f:cb:bb:04:98:66:35:0a:60:3b:24:
                    81:cc:06:3c:3f:69:3d:b6:ae:ab:a9:c2:9b:60:11:
                    a2:d6:a5:e8:8f:38:94:b5:6f:92:16:59:bc:01:22:
                    80:9a:93:d8:87:02:0a:f6:e5:fc:c6:47:6f:e5:f0:
                    8d:63:0a:3e:26:e1:58:b2:c4:b4:20:4b:5c:b9:a1:
                    09:a6:07:57:e8:10:31:2d:2f:2e:50:66:28:56:b6:
                    98:01:86:31:48:5f:df:bc:60:2e:ef:61:58:f3:b9:
                    f2:4f:95:9e:ea:b5:10:2f:0b:c3:9c:22:32:6b:a4:
                    b7:75:a4:bc:08:14:28:33:6f:3c:f5:a5:d8:31:ca:
                    cc:5c:2c:b3:b3:f5:e9:78:b2:ad:7c:98:b6:af:cc:
                    0f:ce:d5:06:04:e9:ff:8f:6d:02:97:b4:11:a3:bd:
                    aa:41:03:02:62:65:54:c0:48:f6:67:fd:57:46:03:
                    1c:06:58:2f:b4:49:47:43:da:2f:55:c3:5b:87:47:
                    c4:d9:3e:13:70:18:fa:e0:57:0c:f3:c8:8d:f0:31:
                    74:9d:a8:94:5a:7a:ae:52:53:a7:c0:b1:fa:5f:e9:
                    6e:14:ac:d2:e5:3a:e0:d9:99:f5:fe:3f:c0:ae:5c:
                    e5:d9:c8:6a:00:02:72:4a:a7:46:e8:3f:21:25:67:
                    f8:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:B9:45:8F:69:82:5F:F8:29:38:7B:13:9E:88:FD:3B:D6:74:00:87
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914E600/221BAEBE77F111EFAC112942C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914E600/221BAEBE77F111EFAC112942C4F9AE02/4LlFj2mCX_gpOHsTnoj9O9Z0AIc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.30.4.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b2:69:39:72:b4:9e:88:72:26:70:3f:b9:75:fa:af:65:f0:5d:
         6d:54:ac:04:2a:38:3a:1f:1b:97:a5:b4:9a:04:f4:20:60:57:
         d4:1c:2d:5c:bc:2e:99:15:57:3a:fc:ee:4b:34:a3:70:12:48:
         a0:dc:da:60:be:9d:3e:4e:85:65:40:b9:16:39:36:c0:30:1c:
         6e:24:61:a4:12:e5:6c:22:54:d9:db:cc:0d:bc:10:8b:24:ce:
         bb:fd:ba:64:c3:b7:a4:fb:23:61:dc:2b:76:e8:47:aa:4b:45:
         0f:73:f8:9c:d2:a1:8a:e6:5d:4f:46:f5:9d:55:93:5a:f0:63:
         1c:7b:aa:9a:67:76:d8:70:90:e3:f9:61:b9:39:cb:0a:e5:9b:
         5f:28:eb:9c:6b:63:03:bb:55:aa:fa:ab:b7:5d:08:c5:6e:1a:
         c3:78:2c:7e:a6:b4:e4:20:7c:58:16:cc:f1:50:30:97:3c:c7:
         36:7f:80:a2:22:01:d4:f6:6e:d5:1c:e3:94:ce:0b:5c:35:73:
         ac:a2:21:02:1d:02:33:db:d2:91:5e:d3:7a:48:fc:0f:b0:cf:
         5e:6a:94:9a:34:0f:02:ad:54:83:e2:8f:70:e9:2d:cd:13:92:
         75:08:c1:24:f5:6b:c9:ba:00:06:06:77:07:5b:2b:9c:44:38:
         b7:3c:7b:89
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICWzUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwOTIxMDgxMTQ2WhcNMjUxMDMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE0RTYwMDExMC8GA1UEBRMoRTBCOTQ1OEY2OTgyNUZGODI5Mzg3QjEz
OUU4OEZEM0JENjc0MDA4NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AN8Opm/LuwSYZjUKYDskgcwGPD9pPbauq6nCm2ARotal6I84lLVvkhZZvAEigJqT
2IcCCvbl/MZHb+XwjWMKPibhWLLEtCBLXLmhCaYHV+gQMS0vLlBmKFa2mAGGMUhf
37xgLu9hWPO58k+Vnuq1EC8Lw5wiMmukt3WkvAgUKDNvPPWl2DHKzFwss7P16Xiy
rXyYtq/MD87VBgTp/49tApe0EaO9qkEDAmJlVMBI9mf9V0YDHAZYL7RJR0PaL1XD
W4dHxNk+E3AY+uBXDPPIjfAxdJ2olFp6rlJTp8Cx+l/pbhSs0uU64NmZ9f4/wK5c
5dnIagACckqnRug/ISVn+EsCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTguUWPaYJf
+Ck4exOeiP071nQAhzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEU2MDAvMjIxQkFFQkU3N0YxMTFFRkFDMTEyOTQyQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTRFNjAwLzIyMUJBRUJFNzdGMTExRUZBQzExMjk0MkM0RjlBRTAyLzRMbEZqMm1D
WF9ncE9Ic1Rub2o5TzlaMEFJYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaAeBDANBgkqhkiG9w0BAQsFAAOCAQEAsmk5crSeiHImcD+5dfqv
ZfBdbVSsBCo4Oh8bl6W0mgT0IGBX1BwtXLwumRVXOvzuSzSjcBJIoNzaYL6dPk6F
ZUC5Fjk2wDAcbiRhpBLlbCJU2dvMDbwQiyTOu/26ZMO3pPsjYdwrduhHqktFD3P4
nNKhiuZdT0b1nVWTWvBjHHuqmmd22HCQ4/lhuTnLCuWbXyjrnGtjA7tVqvqrt10I
xW4aw3gsfqa05CB8WBbM8VAwlzzHNn+AoiIB1PZu1RzjlM4LXDVzrKIhAh0CM9vS
kV7Tekj8D7DPXmqUmjQPAq1Ug+KPcOktzROSdQjBJPVryboABgZ3B1srnEQ4tzx7
iQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:29 2024 by rpki-client on console-fra.rpki-client.org