Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/DFpUKh6bP7XI5JaG6-vPwFDM5KU.cer
File:                     DFpUKh6bP7XI5JaG6-vPwFDM5KU.cer (raw, json)
Hash identifier:          EBcsD9haUX9cqtuNqhR8C8v1PRS4Ewn68q/Z9m/CixQ=
Subject key identifier:   0C:5A:54:2A:1E:9B:3F:B5:C8:E4:96:86:EB:EB:CF:C0:50:CC:E4:A5
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       4B00
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A918495F/78D5D896DFEC11E7A27A2213C4F9AE02/DFpUKh6bP7XI5JaG6-vPwFDM5KU.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A918495F/78D5D896DFEC11E7A27A2213C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 26 May 2023 17:35:00 +0000
Certificate not after:    Tue 30 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 168.70.0.0/16

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 15:53:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19200 (0x4b00)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: May 26 17:35:00 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=A918495F/serialNumber=0C5A542A1E9B3FB5C8E49686EBEBCFC050CCE4A5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:b1:43:af:54:39:e4:a9:e5:a4:64:03:ee:4c:
                    c2:d5:09:6a:23:3f:83:97:7a:31:4e:d9:49:01:bb:
                    bd:c7:22:a7:b0:02:e2:22:55:97:d1:96:5a:11:4c:
                    34:d3:4a:0c:4f:3b:7d:81:7c:57:2b:3c:c6:39:8d:
                    f2:0e:74:3f:b4:6c:53:70:83:02:b6:9d:63:a3:05:
                    54:75:82:09:33:6c:d5:ac:bf:8d:f8:b8:40:10:44:
                    d0:5c:c4:16:7c:bc:12:1f:9c:08:06:32:a7:00:09:
                    40:47:de:80:a8:37:26:29:dc:8c:d3:09:61:87:e4:
                    67:82:cb:6d:67:ee:e9:49:df:30:8d:2b:ee:e3:21:
                    e7:67:fb:ce:39:56:75:71:aa:af:fd:9c:8b:58:6c:
                    20:4f:1f:c7:ee:77:a6:93:68:22:56:ea:bf:8e:4b:
                    ae:ee:f3:27:31:fe:a8:d5:80:68:6a:a1:4a:66:a0:
                    26:2b:89:8c:a3:cd:b9:28:b6:47:8c:ff:55:25:f4:
                    2f:57:bc:da:59:55:2b:a9:aa:0e:f9:9d:68:d7:99:
                    e4:ef:ed:49:fd:55:10:d5:79:03:2e:7c:fb:0e:df:
                    cf:f8:84:08:11:cd:d1:09:14:2e:56:85:d3:67:cf:
                    62:b4:c5:60:29:57:f8:da:ab:6c:1a:84:31:d4:96:
                    de:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:5A:54:2A:1E:9B:3F:B5:C8:E4:96:86:EB:EB:CF:C0:50:CC:E4:A5
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918495F/78D5D896DFEC11E7A27A2213C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918495F/78D5D896DFEC11E7A27A2213C4F9AE02/DFpUKh6bP7XI5JaG6-vPwFDM5KU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.70.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         73:99:b7:6d:2b:1b:83:7d:6c:ca:01:be:65:98:5a:74:e0:d8:
         bf:c6:74:89:d5:cc:f6:29:a2:99:7e:16:e2:85:70:de:ab:e4:
         23:19:f9:d9:32:93:b5:4a:73:77:21:f4:52:48:1d:3f:9f:4e:
         19:77:b1:90:35:58:4f:a2:b3:73:52:02:c1:81:a6:35:c4:fc:
         49:45:b4:4c:57:a2:e3:84:5b:db:69:8e:7b:ef:18:a7:b7:59:
         8a:cf:6a:15:24:aa:02:53:90:d3:d8:a3:b3:97:fa:64:5a:a4:
         a1:ae:94:78:ce:2f:69:7e:6a:fa:98:cc:d7:2a:59:fd:fd:e5:
         84:0f:f1:7a:96:3f:00:74:07:ca:73:ee:5d:5f:1d:ad:39:c5:
         db:59:4b:13:08:64:85:1e:eb:33:6b:02:d4:63:b2:ea:11:78:
         ed:19:1c:00:03:d9:be:c0:55:3c:21:18:bf:21:71:81:6d:93:
         54:6b:8c:6f:84:2e:89:90:3b:e7:9e:fa:31:89:b0:f7:01:00:
         b8:3f:9f:63:d5:d3:97:fa:56:73:10:91:e0:39:8b:ea:e8:37:
         7d:fd:70:e6:2c:60:8a:28:40:32:34:92:0c:3e:9b:b3:58:e4:
         f6:a4:2c:b8:ce:d1:ea:ed:3e:a2:e1:e5:31:82:d2:4e:dd:6e:
         06:96:83:05
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICSwAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMwNTI2MTczNTAwWhcNMjQwNzMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE4NDk1RjExMC8GA1UEBRMoMEM1QTU0MkExRTlCM0ZCNUM4RTQ5Njg2
RUJFQkNGQzA1MENDRTRBNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANixQ69UOeSp5aRkA+5MwtUJaiM/g5d6MU7ZSQG7vccip7AC4iJVl9GWWhFMNNNK
DE87fYF8Vys8xjmN8g50P7RsU3CDAradY6MFVHWCCTNs1ay/jfi4QBBE0FzEFny8
Eh+cCAYypwAJQEfegKg3JincjNMJYYfkZ4LLbWfu6UnfMI0r7uMh52f7zjlWdXGq
r/2ci1hsIE8fx+53ppNoIlbqv45Lru7zJzH+qNWAaGqhSmagJiuJjKPNuSi2R4z/
VSX0L1e82llVK6mqDvmdaNeZ5O/tSf1VENV5Ay58+w7fz/iECBHN0QkULlaF02fP
YrTFYClX+NqrbBqEMdSW3vUCAwEAAaOCAvIwggLuMB0GA1UdDgQWBBQMWlQqHps/
tcjklobr68/AUMzkpTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODQ5NUYvNzhENUQ4OTZERkVDMTFFN0EyN0EyMjEzQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTg0OTVGLzc4RDVEODk2REZFQzExRTdBMjdBMjIxM0M0RjlBRTAyL0RGcFVLaDZi
UDdYSTVKYUc2LXZQd0ZETTVLVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQPMA0w
CwQCAAEwBQMDAKhGMA0GCSqGSIb3DQEBCwUAA4IBAQBzmbdtKxuDfWzKAb5lmFp0
4Ni/xnSJ1cz2KaKZfhbihXDeq+QjGfnZMpO1SnN3IfRSSB0/n04Zd7GQNVhPorNz
UgLBgaY1xPxJRbRMV6LjhFvbaY577xint1mKz2oVJKoCU5DT2KOzl/pkWqShrpR4
zi9pfmr6mMzXKln9/eWED/F6lj8AdAfKc+5dXx2tOcXbWUsTCGSFHuszawLUY7Lq
EXjtGRwAA9m+wFU8IRi/IXGBbZNUa4xvhC6JkDvnnvoxibD3AQC4P59j1dOX+lZz
EJHgOYvq6Dd9/XDmLGCKKEAyNJIMPpuzWOT2pCy4ztHq7T6i4eUxgtJO3W4GloMF
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:48:04 2024 by rpki-client on console-fra.rpki-client.org