Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/FN2GhClPGzOjE6-48OuhyKADeAk.cer
File:                     FN2GhClPGzOjE6-48OuhyKADeAk.cer (raw, json)
Hash identifier:          HghYueAnJENsjetAqxRJPJQzKgoLTHoqbOPBLU+V8VA=
Subject key identifier:   14:DD:86:84:29:4F:1B:33:A3:13:AF:B8:F0:EB:A1:C8:A0:03:78:09
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5B78
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9160A05/D17C88687C8A11EF8FAB6909C4F9AE02/FN2GhClPGzOjE6-48OuhyKADeAk.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9160A05/D17C88687C8A11EF8FAB6909C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 27 Sep 2024 04:41:58 +0000
Certificate not after:    Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources:    IP: 160.187.130.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23416 (0x5b78)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Sep 27 04:41:58 2024 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=A9160A05/serialNumber=14DD8684294F1B33A313AFB8F0EBA1C8A0037809
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:e4:6b:e7:cf:8b:61:c5:51:03:3f:13:fe:9b:
                    ed:62:5f:4b:c1:40:89:d4:77:dc:56:95:a2:28:7d:
                    8c:cd:74:49:64:12:07:f3:8a:4d:78:f7:cf:b5:bd:
                    d2:f6:3b:e7:18:bc:f1:85:f4:fc:59:dc:5b:b4:65:
                    4a:a4:9e:58:12:62:64:39:ac:df:55:d1:62:7e:5c:
                    6c:87:d8:a6:a5:1d:dc:04:bd:d9:9a:6f:10:db:1b:
                    ff:4f:a6:30:a5:34:84:4c:61:90:17:fc:99:f4:25:
                    0d:50:24:a0:22:7f:83:60:9e:b6:3a:8b:f9:b1:77:
                    24:3e:99:07:00:77:cf:e3:46:97:f4:ab:cf:4a:ec:
                    1c:9a:b8:64:7b:1d:a2:24:36:99:7a:be:be:10:1b:
                    f7:1e:52:67:8b:ee:ea:10:28:9c:eb:4e:9b:be:dd:
                    9e:a1:c9:ff:cc:0e:3d:f4:42:1e:34:82:d7:3e:6d:
                    a5:f7:f6:40:f0:3b:7e:55:8d:f6:08:63:c4:9a:62:
                    9b:3a:b5:20:7e:27:b7:ce:7c:59:60:4b:e5:e5:87:
                    45:c4:52:33:11:69:ed:c6:4b:01:a0:55:32:9c:9d:
                    16:24:f1:27:d0:df:d4:3e:2f:a9:31:86:2a:4c:02:
                    e1:4e:69:2e:81:43:0e:f0:9a:5d:22:f3:fe:bf:2b:
                    62:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:DD:86:84:29:4F:1B:33:A3:13:AF:B8:F0:EB:A1:C8:A0:03:78:09
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9160A05/D17C88687C8A11EF8FAB6909C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9160A05/D17C88687C8A11EF8FAB6909C4F9AE02/FN2GhClPGzOjE6-48OuhyKADeAk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.187.130.0/23

    Signature Algorithm: sha256WithRSAEncryption
         89:f9:93:0b:cf:5d:9a:cb:8c:8a:b0:a4:a8:76:9f:08:8e:8e:
         6b:71:e6:a3:6f:35:88:1d:09:a7:ea:50:cd:a0:dc:9c:82:b4:
         e9:97:75:fc:e4:e0:6c:ac:cf:02:7a:cb:c5:5c:c6:4b:7f:b9:
         b3:f4:d4:cf:e2:6f:60:a8:4c:17:06:5d:18:39:81:d6:24:8b:
         1b:6e:f8:a6:99:e8:aa:af:d7:c5:a5:81:e2:d6:0b:ef:e4:90:
         b2:59:db:ce:b3:fd:5d:d9:2e:59:e6:a9:fe:b9:22:42:c1:21:
         56:99:3e:62:79:6c:d1:d1:b9:56:7e:fe:98:de:9f:43:2f:1d:
         2f:0c:17:6d:05:97:e2:12:98:27:00:68:4b:f0:2c:00:33:f2:
         ba:c5:90:a1:d8:c1:82:a2:2d:7d:7a:9c:5e:cb:11:ca:bd:0c:
         59:4a:aa:d8:f7:4d:ae:70:9a:72:01:4f:bf:3f:27:6c:65:28:
         8f:da:90:38:28:c8:1c:50:30:15:16:2e:18:46:3f:42:7b:cc:
         85:24:90:17:2b:bf:9a:db:60:d2:dd:5a:0e:62:c0:16:32:b6:
         a4:44:40:b9:6a:85:b3:4f:46:64:ac:20:2b:9a:3e:7f:52:95:
         5c:4a:35:46:3e:58:ea:90:44:f0:f4:10:4f:ca:88:ef:f9:1e:
         94:0e:bb:e5
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICW3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwOTI3MDQ0MTU4WhcNMjUxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE2MEEwNTExMC8GA1UEBRMoMTRERDg2ODQyOTRGMUIzM0EzMTNBRkI4
RjBFQkExQzhBMDAzNzgwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANbka+fPi2HFUQM/E/6b7WJfS8FAidR33FaVoih9jM10SWQSB/OKTXj3z7W90vY7
5xi88YX0/FncW7RlSqSeWBJiZDms31XRYn5cbIfYpqUd3AS92ZpvENsb/0+mMKU0
hExhkBf8mfQlDVAkoCJ/g2CetjqL+bF3JD6ZBwB3z+NGl/Srz0rsHJq4ZHsdoiQ2
mXq+vhAb9x5SZ4vu6hAonOtOm77dnqHJ/8wOPfRCHjSC1z5tpff2QPA7flWN9ghj
xJpimzq1IH4nt858WWBL5eWHRcRSMxFp7cZLAaBVMpydFiTxJ9Df1D4vqTGGKkwC
4U5pLoFDDvCaXSLz/r8rYmkCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQU3YaEKU8b
M6MTr7jw66HIoAN4CTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjBBMDUvRDE3Qzg4Njg3QzhBMTFFRjhGQUI2OTA5QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTYwQTA1L0QxN0M4ODY4N0M4QTExRUY4RkFCNjkwOUM0RjlBRTAyL0ZOMkdoQ2xQ
R3pPakU2LTQ4T3VoeUtBRGVBay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC7gjANBgkqhkiG9w0BAQsFAAOCAQEAifmTC89dmsuMirCkqHaf
CI6Oa3Hmo281iB0Jp+pQzaDcnIK06Zd1/OTgbKzPAnrLxVzGS3+5s/TUz+JvYKhM
FwZdGDmB1iSLG274ppnoqq/XxaWB4tYL7+SQslnbzrP9XdkuWeap/rkiQsEhVpk+
Ynls0dG5Vn7+mN6fQy8dLwwXbQWX4hKYJwBoS/AsADPyusWQodjBgqItfXqcXssR
yr0MWUqq2PdNrnCacgFPvz8nbGUoj9qQOCjIHFAwFRYuGEY/QnvMhSSQFyu/mttg
0t1aDmLAFjK2pERAuWqFs09GZKwgK5o+f1KVXEo1Rj5Y6pBE8PQQT8qI7/kelA67
5Q==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:29 2024 by rpki-client on console-fra.rpki-client.org