Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/4bkQuccxDJ9lWU_G6JifyVOzblE.cer
File:                     4bkQuccxDJ9lWU_G6JifyVOzblE.cer (raw, json)
Hash identifier:          hb/tU4jGFDXvdAjm4X3DUpWLwrifhS9kkKahZEFQnZA=
Subject key identifier:   E1:B9:10:B9:C7:31:0C:9F:65:59:4F:C6:E8:98:9F:C9:53:B3:6E:51
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       4E93
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/4bkQuccxDJ9lWU_G6JifyVOzblE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 06 Nov 2023 17:02:05 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    IP: 52.128.224.0/19
                          IP: 148.66.0.0/19
                          IP: 216.118.224.0/19

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20115 (0x4e93)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Nov  6 17:02:05 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A9178EB0/serialNumber=E1B910B9C7310C9F65594FC6E8989FC953B36E51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:98:0d:be:da:a7:ca:34:17:78:2e:e2:5d:88:
                    22:15:d0:24:1a:ff:8b:b3:6c:f6:ae:2c:d4:8e:e4:
                    1f:89:d7:cc:ad:34:e3:f8:f4:0d:d2:ff:57:68:0a:
                    41:44:cf:2b:f1:82:24:48:41:58:bc:45:39:6c:00:
                    4a:17:36:74:70:fa:37:23:55:22:3d:57:84:3a:f6:
                    3c:2e:05:88:42:e6:2a:de:49:8c:44:48:ef:38:13:
                    bf:70:cc:97:29:dd:0b:eb:4b:8d:50:94:cd:51:23:
                    c1:7c:5a:d1:be:cb:1f:30:bd:e4:3b:a2:bc:80:2d:
                    1f:49:cb:f6:bd:42:d9:d0:00:f7:8a:d3:38:9e:c7:
                    70:46:2c:42:48:ab:cf:49:8d:18:ad:bc:9b:17:57:
                    ef:c4:bb:f2:96:ee:0e:df:ba:f7:47:a2:f0:d8:94:
                    e0:ef:33:7f:b3:f6:9f:b1:8f:2d:b9:c4:9c:f5:7b:
                    ae:2e:48:90:d9:bf:4b:05:34:4e:8e:68:5d:17:ba:
                    1c:67:32:a5:7e:d5:27:f3:bc:f9:0e:c4:82:fd:c6:
                    ce:e4:b5:3e:c7:ec:25:1a:50:9c:0d:45:ac:cd:07:
                    de:7e:e2:2b:80:7a:19:d5:ee:7e:3e:9e:59:06:c3:
                    18:a8:49:47:1e:d1:49:22:42:38:ca:91:e0:c6:57:
                    e2:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:B9:10:B9:C7:31:0C:9F:65:59:4F:C6:E8:98:9F:C9:53:B3:6E:51
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9178EB0/E32C87CC50D511ECB3F8D529C4F9AE02/4bkQuccxDJ9lWU_G6JifyVOzblE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  52.128.224.0/19
                  148.66.0.0/19
                  216.118.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         a6:4e:d1:4b:8c:8e:c0:e3:76:4c:b6:84:42:95:45:fc:76:64:
         69:93:55:f8:bf:4b:ed:68:c3:e8:6b:e5:de:3e:40:d9:26:32:
         44:91:a3:43:94:fd:a7:30:1a:c4:a8:a3:8c:17:fe:00:45:f4:
         90:c0:0c:f5:8c:3e:75:5a:a6:c2:5f:f9:ad:1a:4d:33:5b:99:
         41:d1:a4:7f:39:ae:93:25:e8:98:c3:d1:21:61:5b:ee:93:9a:
         f7:bd:06:38:b9:0b:01:67:4f:ce:72:d1:05:67:06:1b:55:cb:
         f9:52:a5:80:8f:76:4c:28:d5:27:da:8a:d3:77:d3:48:fa:96:
         09:36:c0:4e:b3:82:a9:c6:46:5a:a3:16:fe:54:81:2a:b4:44:
         89:53:25:be:9d:ea:26:7b:08:51:f2:4c:0d:5a:e5:1d:18:70:
         92:ed:f1:6f:02:75:35:81:10:7d:64:18:3d:9a:a6:fb:8c:31:
         59:4e:f9:ca:34:d5:89:39:83:01:b2:20:b3:97:54:b6:5c:a2:
         86:d3:05:eb:13:c8:1d:e2:ea:17:9b:b8:6f:9c:a1:9d:3b:81:
         d2:98:31:3f:c5:07:75:c7:d3:35:8c:96:e2:31:47:bd:61:8e:
         1c:f0:f4:04:d8:08:05:8d:7a:7a:b5:b9:4d:9e:a6:38:c1:9e:
         2c:43:5e:9c
-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgICTpMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMxMTA2MTcwMjA1WhcNMjUwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3OEVCMDExMC8GA1UEBRMoRTFCOTEwQjlDNzMxMEM5RjY1NTk0RkM2
RTg5ODlGQzk1M0IzNkU1MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKWYDb7ap8o0F3gu4l2IIhXQJBr/i7Ns9q4s1I7kH4nXzK004/j0DdL/V2gKQUTP
K/GCJEhBWLxFOWwAShc2dHD6NyNVIj1XhDr2PC4FiELmKt5JjERI7zgTv3DMlynd
C+tLjVCUzVEjwXxa0b7LHzC95DuivIAtH0nL9r1C2dAA94rTOJ7HcEYsQkirz0mN
GK28mxdX78S78pbuDt+690ei8NiU4O8zf7P2n7GPLbnEnPV7ri5IkNm/SwU0To5o
XRe6HGcypX7VJ/O8+Q7Egv3GzuS1PsfsJRpQnA1FrM0H3n7iK4B6GdXufj6eWQbD
GKhJRx7RSSJCOMqR4MZX4usCAwEAAaOCAv8wggL7MB0GA1UdDgQWBBThuRC5xzEM
n2VZT8bomJ/JU7NuUTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzhFQjAvRTMyQzg3Q0M1MEQ1MTFFQ0IzRjhENTI5QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTc4RUIwL0UzMkM4N0NDNTBENTExRUNCM0Y4RDUyOUM0RjlBRTAyLzRia1F1Y2N4
REo5bFdVX0c2SmlmeVZPemJsRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDArBggrBgEFBQcBBwEB/wQcMBow
GAQCAAEwEgMEBTSA4AMEBZRCAAMEBdh24DANBgkqhkiG9w0BAQsFAAOCAQEApk7R
S4yOwON2TLaEQpVF/HZkaZNV+L9L7WjD6Gvl3j5A2SYyRJGjQ5T9pzAaxKijjBf+
AEX0kMAM9Yw+dVqmwl/5rRpNM1uZQdGkfzmukyXomMPRIWFb7pOa970GOLkLAWdP
znLRBWcGG1XL+VKlgI92TCjVJ9qK03fTSPqWCTbATrOCqcZGWqMW/lSBKrREiVMl
vp3qJnsIUfJMDVrlHRhwku3xbwJ1NYEQfWQYPZqm+4wxWU75yjTViTmDAbIgs5dU
tlyihtMF6xPIHeLqF5u4b5yhnTuB0pgxP8UHdcfTNYyW4jFHvWGOHPD0BNgIBY16
erW5TZ6mOMGeLENenA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:29 2024 by rpki-client on console-fra.rpki-client.org