Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/EW8KKmpLkkLXeiULcXAIFdKY3bk.cer
File:                     EW8KKmpLkkLXeiULcXAIFdKY3bk.cer (raw, json)
Hash identifier:          aYQGNKeRiQWCyxEcSD+uphMU+VybDVF9e29x2LBWkVo=
Subject key identifier:   11:6F:0A:2A:6A:4B:92:42:D7:7A:25:0B:71:70:08:15:D2:98:DD:B9
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       59A8
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9175964/F531EDE45B1411EFAC974461C4F9AE02/EW8KKmpLkkLXeiULcXAIFdKY3bk.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9175964/F531EDE45B1411EFAC974461C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 15 Aug 2024 14:45:10 +0000
Certificate not after:    Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources:    IP: 160.25.173.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22952 (0x59a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Aug 15 14:45:10 2024 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=A9175964/serialNumber=116F0A2A6A4B9242D77A250B71700815D298DDB9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:8c:fa:ab:f6:80:f2:e0:bf:1f:37:e0:93:92:
                    ab:2a:83:49:ef:24:26:e8:84:c0:37:b6:c5:e0:eb:
                    e4:fd:6f:79:1d:6f:ae:94:97:06:e9:69:16:fe:a2:
                    f7:9d:f2:34:c4:6a:3f:2f:de:47:19:79:0e:ab:a3:
                    7b:d9:af:09:cc:96:f4:c4:20:05:2d:4a:2c:58:9d:
                    f7:73:f2:d8:27:4a:31:e2:fa:6b:00:98:a2:51:08:
                    d3:6a:5f:fa:8c:43:67:d9:ef:78:57:d8:2e:60:e8:
                    17:33:6f:9f:a6:b0:ab:12:c8:91:08:93:75:2a:aa:
                    66:7c:76:b4:e9:d6:d3:93:69:93:29:1c:14:c9:9c:
                    5d:ab:d6:d4:93:41:ba:92:b3:79:6c:cb:56:1e:57:
                    7a:87:ec:95:c6:0a:88:93:d2:94:50:36:89:31:a7:
                    b4:d0:24:53:9a:fb:16:e7:e3:3d:2b:96:77:af:07:
                    88:ad:8e:33:88:5e:12:d6:86:59:b2:fb:eb:72:77:
                    fd:58:59:94:3d:bd:2d:f5:eb:35:46:67:d0:87:7e:
                    18:6f:0c:7d:59:9d:19:49:5f:9f:60:7a:a1:bd:d7:
                    76:f6:b2:18:90:7a:8b:81:0a:ab:b0:f3:6f:be:6b:
                    84:ec:78:2e:e5:32:9e:8e:f0:58:e5:1f:fb:ba:89:
                    b8:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:6F:0A:2A:6A:4B:92:42:D7:7A:25:0B:71:70:08:15:D2:98:DD:B9
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9175964/F531EDE45B1411EFAC974461C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9175964/F531EDE45B1411EFAC974461C4F9AE02/EW8KKmpLkkLXeiULcXAIFdKY3bk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.25.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:44:b9:83:ba:47:e9:53:c0:bb:07:09:2b:ee:de:e5:35:a3:
         1e:bd:e7:dc:a0:8c:70:02:70:86:d3:8d:7d:d6:0c:23:83:76:
         20:09:9e:6c:2d:27:4d:9d:1e:98:6d:11:fa:58:01:3f:05:bf:
         3b:71:a4:c3:ce:0a:87:5a:02:61:82:db:b6:63:12:41:dc:49:
         c9:bf:07:ad:51:7f:21:dc:8c:1c:d0:63:c6:4a:57:84:ff:fb:
         e7:f4:cb:1a:5d:d1:b2:8f:53:87:fe:43:dd:01:8b:88:ec:e2:
         b4:b2:1b:ec:a5:49:df:a4:d4:5d:a5:97:0c:e1:e8:a8:18:45:
         89:dc:6c:6b:78:36:26:44:71:fc:e0:2d:2d:8f:d4:59:2f:44:
         ca:4e:ac:24:67:2e:2a:d3:b4:8a:80:bc:41:32:a4:48:17:0f:
         fc:4a:2e:cc:75:4e:0f:4f:a7:e5:1f:00:58:6a:30:d7:6a:b1:
         ed:f9:a9:14:06:07:93:96:c6:60:3b:0a:bc:6e:dd:fb:98:33:
         95:f1:3c:e5:7a:6a:cf:62:84:51:bd:c1:1b:8b:4f:9b:c7:23:
         fb:de:d7:b0:51:46:70:56:dc:1a:09:8c:ce:e6:9f:48:c2:52:
         10:a5:aa:e7:cf:5c:0e:e1:bd:4c:f9:c2:62:6a:71:0f:5e:a7:
         fb:a2:15:d4
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICWagwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwODE1MTQ0NTEwWhcNMjUxMDMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3NTk2NDExMC8GA1UEBRMoMTE2RjBBMkE2QTRCOTI0MkQ3N0EyNTBC
NzE3MDA4MTVEMjk4RERCOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALOM+qv2gPLgvx834JOSqyqDSe8kJuiEwDe2xeDr5P1veR1vrpSXBulpFv6i953y
NMRqPy/eRxl5Dquje9mvCcyW9MQgBS1KLFid93Py2CdKMeL6awCYolEI02pf+oxD
Z9nveFfYLmDoFzNvn6awqxLIkQiTdSqqZnx2tOnW05NpkykcFMmcXavW1JNBupKz
eWzLVh5XeofslcYKiJPSlFA2iTGntNAkU5r7FufjPSuWd68HiK2OM4heEtaGWbL7
63J3/VhZlD29LfXrNUZn0Id+GG8MfVmdGUlfn2B6ob3XdvayGJB6i4EKq7Dzb75r
hOx4LuUyno7wWOUf+7qJuL0CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQRbwoqakuS
Qtd6JQtxcAgV0pjduTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzU5NjQvRjUzMUVERTQ1QjE0MTFFRkFDOTc0NDYxQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTc1OTY0L0Y1MzFFREU0NUIxNDExRUZBQzk3NDQ2MUM0RjlBRTAyL0VXOEtLbXBM
a2tMWGVpVUxjWEFJRmRLWTNiay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKAZrTANBgkqhkiG9w0BAQsFAAOCAQEAsES5g7pH6VPAuwcJK+7e
5TWjHr3n3KCMcAJwhtONfdYMI4N2IAmebC0nTZ0emG0R+lgBPwW/O3Gkw84Kh1oC
YYLbtmMSQdxJyb8HrVF/IdyMHNBjxkpXhP/75/TLGl3Rso9Th/5D3QGLiOzitLIb
7KVJ36TUXaWXDOHoqBhFidxsa3g2JkRx/OAtLY/UWS9Eyk6sJGcuKtO0ioC8QTKk
SBcP/EouzHVOD0+n5R8AWGow12qx7fmpFAYHk5bGYDsKvG7d+5gzlfE85Xpqz2KE
Ub3BG4tPm8cj+97XsFFGcFbcGgmMzuafSMJSEKWq589cDuG9TPnCYmpxD16n+6IV
1A==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:29 2024 by rpki-client on console-fra.rpki-client.org