Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AX2NuKeIdKsvmtl95Xr94b4WfUQ.cer
File:                     AX2NuKeIdKsvmtl95Xr94b4WfUQ.cer (raw, json)
Hash identifier:          mtDXIy214TPEDcW+M+/M9RsI/aTeOJXrv27gAaDfJgM=
Subject key identifier:   01:7D:8D:B8:A7:88:74:AB:2F:9A:D9:7D:E5:7A:FD:E1:BE:16:7D:44
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5C16
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C2F8C/5579B9B086E011EF9B6B177EC4F9AE02/AX2NuKeIdKsvmtl95Xr94b4WfUQ.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C2F8C/5579B9B086E011EF9B6B177EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 10 Oct 2024 08:19:18 +0000
Certificate not after:    Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources:    IP: 160.187.170.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 15:41:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23574 (0x5c16)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Oct 10 08:19:18 2024 GMT
            Not After : Jan 31 00:00:00 2026 GMT
        Subject: CN=A91C2F8C/serialNumber=017D8DB8A78874AB2F9AD97DE57AFDE1BE167D44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:6a:a9:b8:29:1c:9a:59:48:17:4c:9c:ac:f9:
                    d4:c8:c4:7f:71:4d:1a:26:cd:78:22:b7:af:1c:a8:
                    b3:6c:fa:d4:c0:e5:cd:b7:a8:65:0c:4e:75:b2:da:
                    ca:90:8f:9a:e2:36:b6:5c:b8:1f:11:f4:84:36:c6:
                    73:26:1e:ee:8f:3b:d9:2c:1b:d9:30:2c:d1:93:4a:
                    31:a6:93:bf:01:82:ba:cd:80:4a:2f:40:78:d6:08:
                    bc:60:de:0d:a2:19:4a:d3:b1:15:70:bb:49:47:b9:
                    66:de:b0:9e:e1:15:ee:56:22:86:ca:ca:56:01:4a:
                    eb:86:1b:e4:a2:d2:d8:9f:6c:08:40:19:f4:81:a3:
                    e5:22:87:c6:3e:2c:23:09:09:37:70:84:d5:bc:b0:
                    a6:35:a8:75:71:b3:33:7b:46:df:92:3d:15:41:50:
                    96:37:a6:6f:23:09:13:2b:d6:84:f1:af:08:b7:f8:
                    9f:e9:c8:9f:1c:e0:52:3d:dc:8f:9f:7b:bb:c5:03:
                    00:82:4f:9d:ad:eb:d6:50:88:62:d9:f0:0a:81:1c:
                    22:fd:29:f4:b4:77:ee:6e:85:cf:b3:c5:da:e5:98:
                    ec:8f:15:08:35:c0:63:27:15:44:32:be:18:e6:49:
                    d8:6f:91:47:11:90:3a:86:f8:88:89:8e:02:6d:0c:
                    43:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:7D:8D:B8:A7:88:74:AB:2F:9A:D9:7D:E5:7A:FD:E1:BE:16:7D:44
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C2F8C/5579B9B086E011EF9B6B177EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C2F8C/5579B9B086E011EF9B6B177EC4F9AE02/AX2NuKeIdKsvmtl95Xr94b4WfUQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.187.170.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9f:33:a1:76:8f:b8:1a:6c:98:fb:ed:16:e6:93:e7:49:04:22:
         d6:a7:fe:97:a9:9f:2b:ab:c0:96:6d:17:a5:a9:9a:8f:00:ef:
         b8:a8:2a:2f:bf:b3:55:29:1e:65:32:9d:fa:83:06:e5:22:20:
         50:a3:7a:04:3f:47:7f:7c:b0:0b:98:82:1d:e1:fd:8e:69:85:
         1e:91:22:0a:68:6d:f3:f3:73:11:47:19:7a:23:d5:40:a6:fb:
         d6:d2:75:80:ac:cf:61:3c:9e:60:57:0b:07:3b:dd:29:6e:f6:
         fc:08:04:f5:07:50:f1:31:18:ec:95:7c:e4:91:6a:36:14:d7:
         7f:6a:9f:6b:92:4d:61:a0:86:80:a9:01:c1:c0:38:be:86:15:
         84:91:bf:aa:c5:80:6a:4f:bb:a8:67:12:b8:e6:fe:27:3d:c9:
         bc:ab:3b:3d:9d:5f:42:a9:ac:98:8f:fb:73:b6:e8:b7:57:56:
         5b:eb:08:aa:31:64:50:74:e3:58:52:11:b8:8b:be:fa:e4:83:
         fd:91:e6:35:f1:99:74:96:c7:47:22:bf:c2:aa:86:f8:0b:61:
         39:83:c0:4d:a1:b5:27:13:24:5a:ba:88:25:f8:ec:1b:51:df:
         7d:37:dd:75:84:c4:44:4c:a4:64:b0:be:6d:15:bd:55:19:fe:
         3a:4c:9f:46
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICXBYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMDEwMDgxOTE4WhcNMjYwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDMkY4QzExMC8GA1UEBRMoMDE3RDhEQjhBNzg4NzRBQjJGOUFEOTdE
RTU3QUZERTFCRTE2N0Q0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMBqqbgpHJpZSBdMnKz51MjEf3FNGibNeCK3rxyos2z61MDlzbeoZQxOdbLaypCP
muI2tly4HxH0hDbGcyYe7o872Swb2TAs0ZNKMaaTvwGCus2ASi9AeNYIvGDeDaIZ
StOxFXC7SUe5Zt6wnuEV7lYihsrKVgFK64Yb5KLS2J9sCEAZ9IGj5SKHxj4sIwkJ
N3CE1bywpjWodXGzM3tG35I9FUFQljembyMJEyvWhPGvCLf4n+nInxzgUj3cj597
u8UDAIJPna3r1lCIYtnwCoEcIv0p9LR37m6Fz7PF2uWY7I8VCDXAYycVRDK+GOZJ
2G+RRxGQOob4iImOAm0MQ+cCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQBfY24p4h0
qy+a2X3lev3hvhZ9RDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzJGOEMvNTU3OUI5QjA4NkUwMTFFRjlCNkIxNzdFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMyRjhDLzU1NzlCOUIwODZFMDExRUY5QjZCMTc3RUM0RjlBRTAyL0FYMk51S2VJ
ZEtzdm10bDk1WHI5NGI0V2ZVUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC7qjANBgkqhkiG9w0BAQsFAAOCAQEAnzOhdo+4GmyY++0W5pPn
SQQi1qf+l6mfK6vAlm0XpamajwDvuKgqL7+zVSkeZTKd+oMG5SIgUKN6BD9Hf3yw
C5iCHeH9jmmFHpEiCmht8/NzEUcZeiPVQKb71tJ1gKzPYTyeYFcLBzvdKW72/AgE
9QdQ8TEY7JV85JFqNhTXf2qfa5JNYaCGgKkBwcA4voYVhJG/qsWAak+7qGcSuOb+
Jz3JvKs7PZ1fQqmsmI/7c7bot1dWW+sIqjFkUHTjWFIRuIu++uSD/ZHmNfGZdJbH
RyK/wqqG+AthOYPATaG1JxMkWrqIJfjsG1HffTfddYTEREykZLC+bRW9VRn+Okyf
Rg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:39 2024 by rpki-client on console-ams.rpki-client.org