Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CKtUearwyEilFC1v5NyZFitFwzc.cer
File:                     CKtUearwyEilFC1v5NyZFitFwzc.cer (raw, json)
Hash identifier:          XsmMYWmPZjnMDl8wmBtnh/jrlG1a+TJWaIE26cnTHbc=
Subject key identifier:   08:AB:54:79:AA:F0:C8:48:A5:14:2D:6F:E4:DC:99:16:2B:45:C3:37
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       595F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A916DC7C/A4C14628554911EF82B5D36FC4F9AE02/CKtUearwyEilFC1v5NyZFitFwzc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A916DC7C/A4C14628554911EF82B5D36FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 08 Aug 2024 05:47:11 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 160.30.70.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 15:41:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22879 (0x595f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Aug  8 05:47:11 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A916DC7C/serialNumber=08AB5479AAF0C848A5142D6FE4DC99162B45C337
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:2e:11:c9:06:83:c0:cb:7e:1e:69:b3:41:b0:
                    ae:cf:06:1a:29:78:32:23:35:07:a8:6c:01:eb:a4:
                    3a:64:a0:60:d1:47:6e:25:cc:3a:fb:2e:6c:13:e9:
                    44:ed:ca:97:78:20:4c:f6:8b:d5:c5:23:cc:6b:84:
                    83:a7:e6:84:e0:36:0b:17:6e:39:44:a2:35:05:10:
                    f9:0e:65:0a:00:ab:ff:f5:59:79:af:28:3a:39:37:
                    b9:1b:2a:93:d4:96:22:10:24:eb:c6:c8:c4:cf:e2:
                    14:9b:cd:50:8e:fb:80:18:0d:25:bd:75:67:4f:34:
                    bf:80:24:b1:f5:c7:b7:cd:04:27:65:66:76:c7:f7:
                    3c:cb:9e:51:f7:12:5e:a1:6e:72:1c:7f:ce:f6:48:
                    fd:65:42:af:a5:42:a2:a8:f2:16:3c:90:00:aa:11:
                    1a:c9:e5:c3:4d:83:55:31:86:f7:24:56:6d:f0:04:
                    27:4c:cc:44:ca:ce:7d:4c:35:34:0b:cb:37:e6:58:
                    16:fd:0c:e1:6c:89:bf:b4:a3:e8:9c:d1:05:c1:31:
                    b0:63:5d:f2:44:f7:c5:ba:63:31:02:8c:45:4a:75:
                    5f:90:62:5d:3e:dc:75:a2:4f:67:69:4f:78:9f:7f:
                    d1:22:70:4d:e4:ad:05:ab:14:df:a5:3e:78:63:61:
                    ce:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:AB:54:79:AA:F0:C8:48:A5:14:2D:6F:E4:DC:99:16:2B:45:C3:37
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A916DC7C/A4C14628554911EF82B5D36FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A916DC7C/A4C14628554911EF82B5D36FC4F9AE02/CKtUearwyEilFC1v5NyZFitFwzc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.30.70.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:8a:56:4e:ed:45:d6:48:7a:ba:fa:bb:ef:12:4e:fb:cf:68:
         8a:f5:c6:28:ee:70:07:58:48:0b:7b:6e:a4:a1:df:13:6d:b3:
         f4:d3:ef:d9:2e:ef:a1:26:88:cc:f9:4d:59:b5:e0:5c:6c:98:
         7c:a3:97:b9:22:99:12:d9:7b:ae:1b:49:32:bd:79:77:ea:da:
         c2:96:9c:a0:8b:54:45:50:91:33:45:98:3e:51:2d:63:fb:03:
         7a:59:e1:92:38:e9:bf:30:cf:b4:97:ef:a2:95:8f:48:21:c7:
         d7:1f:83:9c:af:55:ea:00:68:ff:49:67:c9:22:a9:ca:7a:bc:
         ff:de:b3:76:85:0e:0d:04:ee:81:14:92:24:31:52:18:a2:b3:
         f4:fd:ec:1c:73:e8:76:5d:ee:98:a0:9f:c0:f1:74:df:5a:0d:
         34:e1:03:20:6b:f4:64:aa:d9:65:a2:af:04:09:7e:97:93:85:
         68:78:4b:fb:07:da:58:15:3c:39:26:cb:65:68:38:bc:e2:ac:
         79:45:ae:3a:b6:a1:e9:e2:2e:d5:85:ea:7f:ef:65:97:37:b6:
         f3:8a:ad:05:19:db:09:4f:97:c6:de:68:15:0f:5c:a1:7b:85:
         df:a8:a9:a7:ce:81:14:84:36:05:5d:7d:b9:96:17:25:6e:0f:
         b2:d5:a2:01
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICWV8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwODA4MDU0NzExWhcNMjUwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE2REM3QzExMC8GA1UEBRMoMDhBQjU0NzlBQUYwQzg0OEE1MTQyRDZG
RTREQzk5MTYyQjQ1QzMzNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALQuEckGg8DLfh5ps0Gwrs8GGil4MiM1B6hsAeukOmSgYNFHbiXMOvsubBPpRO3K
l3ggTPaL1cUjzGuEg6fmhOA2CxduOUSiNQUQ+Q5lCgCr//VZea8oOjk3uRsqk9SW
IhAk68bIxM/iFJvNUI77gBgNJb11Z080v4AksfXHt80EJ2Vmdsf3PMueUfcSXqFu
chx/zvZI/WVCr6VCoqjyFjyQAKoRGsnlw02DVTGG9yRWbfAEJ0zMRMrOfUw1NAvL
N+ZYFv0M4WyJv7Sj6JzRBcExsGNd8kT3xbpjMQKMRUp1X5BiXT7cdaJPZ2lPeJ9/
0SJwTeStBasU36U+eGNhzgkCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQIq1R5qvDI
SKUULW/k3JkWK0XDNzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkRDN0MvQTRDMTQ2Mjg1NTQ5MTFFRjgyQjVEMzZGQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTZEQzdDL0E0QzE0NjI4NTU0OTExRUY4MkI1RDM2RkM0RjlBRTAyL0NLdFVlYXJ3
eUVpbEZDMXY1TnlaRml0Rnd6Yy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKAeRjANBgkqhkiG9w0BAQsFAAOCAQEAWYpWTu1F1kh6uvq77xJO
+89oivXGKO5wB1hIC3tupKHfE22z9NPv2S7voSaIzPlNWbXgXGyYfKOXuSKZEtl7
rhtJMr15d+rawpacoItURVCRM0WYPlEtY/sDelnhkjjpvzDPtJfvopWPSCHH1x+D
nK9V6gBo/0lnySKpynq8/96zdoUODQTugRSSJDFSGKKz9P3sHHPodl3umKCfwPF0
31oNNOEDIGv0ZKrZZaKvBAl+l5OFaHhL+wfaWBU8OSbLZWg4vOKseUWuOrah6eIu
1YXqf+9llze284qtBRnbCU+Xxt5oFQ9coXuF36ipp86BFIQ2BV19uZYXJW4PstWi
AQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:39 2024 by rpki-client on console-ams.rpki-client.org