Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ii81OE7WK2pwdPiC574Cnw4E40M.cer
File:                     Ii81OE7WK2pwdPiC574Cnw4E40M.cer (raw, json)
Hash identifier:          8bCK5oIUgY+IR3QFzkHXZjvZf3ieWwGLXvNPJHnIjtM=
Subject key identifier:   22:2F:35:38:4E:D6:2B:6A:70:74:F8:82:E7:BE:02:9F:0E:04:E3:43
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       4D62
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E5D61/EE67D8C01D7811E2879E38C508B02CD2/Ii81OE7WK2pwdPiC574Cnw4E40M.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E5D61/EE67D8C01D7811E2879E38C508B02CD2/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 11 Sep 2023 21:20:43 +0000
Certificate not after:    Mon 30 Sep 2024 00:00:00 +0000
Subordinate resources:    IP: 162.105.0.0/16
                          IP: 166.111.0.0/16
                          IP: 192.124.154.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:55:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19810 (0x4d62)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Sep 11 21:20:43 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=A91E5D61/serialNumber=222F35384ED62B6A7074F882E7BE029F0E04E343
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:45:b7:1a:10:79:98:37:f8:7e:c6:da:4a:96:
                    ec:1e:ba:25:e5:25:68:d2:20:f2:77:b0:9d:d9:25:
                    13:01:90:c9:fb:69:8d:b5:b7:4c:45:29:8c:69:37:
                    18:42:3d:28:bb:7d:62:13:10:ff:c5:2e:fe:1d:cc:
                    e8:b9:5c:a7:47:1e:59:df:c4:fc:ff:ed:e2:e0:82:
                    81:9c:2d:cf:0d:5f:b4:52:bd:51:d5:84:03:cb:70:
                    6f:1e:95:65:7d:c7:5c:89:08:50:be:13:13:9d:2d:
                    21:4a:9e:49:78:cb:4f:49:26:d1:08:3c:e5:dd:bd:
                    da:40:f5:d7:1e:2d:ba:e4:95:c1:cd:6f:2d:0c:be:
                    de:90:e3:02:9d:0d:48:ec:9c:f3:9f:d6:28:da:2b:
                    9d:b6:a2:fa:33:36:af:ab:d3:27:7d:f7:3e:c8:d0:
                    65:69:62:d9:ae:b7:0e:c2:64:bd:92:af:3b:09:09:
                    34:2b:e1:3a:c8:3b:ae:38:e4:f6:1b:19:33:ab:54:
                    e4:78:fb:0a:2b:fa:24:b1:ce:44:8c:90:d0:44:b7:
                    86:98:0b:6c:39:f7:ab:91:9a:9b:c4:34:df:1a:fe:
                    81:b2:fe:83:1a:c9:e5:21:e5:90:73:0a:48:ad:d3:
                    0d:59:a4:88:43:2b:e2:44:b8:76:51:e8:6a:0f:77:
                    a4:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:2F:35:38:4E:D6:2B:6A:70:74:F8:82:E7:BE:02:9F:0E:04:E3:43
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/EE67D8C01D7811E2879E38C508B02CD2/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E5D61/EE67D8C01D7811E2879E38C508B02CD2/Ii81OE7WK2pwdPiC574Cnw4E40M.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  162.105.0.0/16
                  166.111.0.0/16
                  192.124.154.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:31:5c:c5:f8:fd:e2:d1:3d:3c:70:e3:9d:9a:90:14:1b:9c:
         53:9a:8c:a5:90:2e:a5:38:47:09:aa:ef:c1:6a:48:31:1c:5c:
         21:58:6c:28:fa:a7:d1:60:fa:ab:2d:45:a4:af:c7:f8:b0:c1:
         63:0f:23:4b:59:70:4a:66:5f:50:2e:c0:7a:87:e3:d9:9b:56:
         58:9e:15:f5:d9:8b:a9:d4:8c:9f:74:c9:0f:62:5e:cd:bf:dd:
         f6:da:f5:88:a3:9f:79:86:f9:e2:23:70:01:09:81:a5:ce:b4:
         bb:c8:dc:0d:31:a2:26:c5:ae:17:09:98:ca:45:42:11:30:89:
         a2:1d:8b:41:a3:d2:49:fd:89:95:8f:fa:e8:6f:73:14:ac:cd:
         c9:ac:6e:9e:94:35:a7:00:cd:7b:73:27:50:6a:02:c8:b3:a3:
         67:70:54:d3:c2:84:07:54:07:e4:ba:17:47:ab:ed:e0:b7:8e:
         8f:25:91:f4:6a:2f:70:ec:7b:62:74:16:2a:cd:54:1d:20:f7:
         44:d5:7f:85:8f:67:f8:ee:c2:57:e8:1f:97:29:d8:e3:d9:de:
         1e:bc:37:19:86:0f:94:01:fd:da:d8:5d:02:c1:e3:1e:4e:75:
         1c:1e:dc:2d:b9:60:ca:9b:45:d8:82:4d:d1:45:ba:c0:56:1e:
         e3:8e:2d:9a
-----BEGIN CERTIFICATE-----
MIIGBzCCBO+gAwIBAgICTWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMwOTExMjEyMDQzWhcNMjQwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFFNUQ2MTExMC8GA1UEBRMoMjIyRjM1Mzg0RUQ2MkI2QTcwNzRGODgy
RTdCRTAyOUYwRTA0RTM0MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMZFtxoQeZg3+H7G2kqW7B66JeUlaNIg8newndklEwGQyftpjbW3TEUpjGk3GEI9
KLt9YhMQ/8Uu/h3M6Llcp0ceWd/E/P/t4uCCgZwtzw1ftFK9UdWEA8twbx6VZX3H
XIkIUL4TE50tIUqeSXjLT0km0Qg85d292kD11x4tuuSVwc1vLQy+3pDjAp0NSOyc
85/WKNornbai+jM2r6vTJ333PsjQZWli2a63DsJkvZKvOwkJNCvhOsg7rjjk9hsZ
M6tU5Hj7Civ6JLHORIyQ0ES3hpgLbDn3q5Gam8Q03xr+gbL+gxrJ5SHlkHMKSK3T
DVmkiEMr4kS4dlHoag93pOkCAwEAAaOCAv0wggL5MB0GA1UdDgQWBBQiLzU4TtYr
anB0+ILnvgKfDgTjQzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTVENjEvRUU2N0Q4QzAxRDc4MTFFMjg3OUUzOEM1MDhCMDJDRDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU1RDYxL0VFNjdEOEMwMUQ3ODExRTI4NzlFMzhDNTA4QjAyQ0QyL0lpODFPRTdX
SzJwd2RQaUM1NzRDbnc0RTQwTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDApBggrBgEFBQcBBwEB/wQaMBgw
FgQCAAEwEAMDAKJpAwMApm8DBADAfJowDQYJKoZIhvcNAQELBQADggEBALUxXMX4
/eLRPTxw452akBQbnFOajKWQLqU4Rwmq78FqSDEcXCFYbCj6p9Fg+qstRaSvx/iw
wWMPI0tZcEpmX1AuwHqH49mbVlieFfXZi6nUjJ90yQ9iXs2/3fba9Yijn3mG+eIj
cAEJgaXOtLvI3A0xoibFrhcJmMpFQhEwiaIdi0Gj0kn9iZWP+uhvcxSszcmsbp6U
NacAzXtzJ1BqAsizo2dwVNPChAdUB+S6F0er7eC3jo8lkfRqL3Dse2J0FirNVB0g
90TVf4WPZ/juwlfoH5cp2OPZ3h68NxmGD5QB/drYXQLB4x5OdRwe3C25YMqbRdiC
TdFFusBWHuOOLZo=
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:16:19 2024 by rpki-client on console-ams.rpki-client.org