Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.cer
File:                     Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.cer (raw, json)
Hash identifier:          GG8DBUc06J7PWAF1bty7YeB6imOxnmKcGAdR+wMgHBY=
Subject key identifier:   22:4E:66:8F:40:56:01:CA:DC:33:91:38:3F:CA:96:DF:94:68:D9:5A
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5697
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 10 Jun 2024 05:52:26 +0000
Certificate not after:    Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources:    IP: 160.22.104.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22167 (0x5697)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jun 10 05:52:26 2024 GMT
            Not After : Aug 31 00:00:00 2025 GMT
        Subject: CN=A91F83DC/serialNumber=224E668F405601CADC3391383FCA96DF9468D95A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:ac:db:62:70:e4:a3:23:83:9f:cb:d1:4c:cc:
                    e6:89:03:74:6f:ac:1c:5f:d0:8c:c0:36:67:e4:45:
                    ad:76:72:3c:ef:ce:c2:c5:f9:61:76:10:8b:13:5c:
                    36:9b:0f:31:c2:fb:4d:58:12:24:d4:ed:dd:cf:f0:
                    d5:79:0b:df:5c:97:1c:a6:9b:24:66:c1:9c:90:b3:
                    b1:84:62:f1:fa:56:a4:c2:48:40:a0:35:99:0c:5c:
                    f2:01:74:5a:15:b2:04:79:12:93:23:bb:5b:36:95:
                    f0:cb:89:a9:54:5d:8a:49:26:5e:5b:99:f8:01:46:
                    69:1c:10:bd:3f:7a:e2:1e:89:54:14:93:78:71:6d:
                    ea:16:42:31:83:f0:10:a6:8e:68:04:52:b4:65:d1:
                    3c:5c:85:61:92:98:dd:80:a4:b5:c8:a0:34:96:93:
                    c4:fd:af:14:9d:cc:7e:ac:7e:94:05:65:c3:c4:fd:
                    59:ea:9b:a3:89:24:5b:17:23:06:d1:42:af:af:77:
                    ab:17:80:08:9e:1b:1a:08:17:ed:7f:25:1e:b3:8d:
                    d8:96:3d:89:6d:bf:fa:7f:be:bb:2d:68:cf:b4:b8:
                    fe:5a:49:9f:87:95:27:23:14:4c:18:71:91:c8:eb:
                    01:11:74:f4:e5:6b:de:67:60:b8:3a:b3:52:b3:e0:
                    47:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:4E:66:8F:40:56:01:CA:DC:33:91:38:3F:CA:96:DF:94:68:D9:5A
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.22.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         50:8a:79:a0:47:eb:49:0e:44:ae:af:fb:62:2c:61:50:ff:9a:
         bf:1f:b3:13:ed:d3:bb:6d:91:0e:d5:9c:1c:78:25:ef:7a:a8:
         09:e4:4a:c7:0d:b1:4b:7f:1b:a7:e4:e3:b7:8d:02:31:0a:a0:
         df:99:66:20:2b:52:d8:5d:b5:11:66:3f:d0:fe:a3:d2:59:fe:
         7e:8d:be:e4:e3:81:20:ee:0c:b6:d3:90:2e:e9:d8:d3:6b:18:
         89:a9:57:2a:2a:17:9d:01:35:74:31:d7:4e:be:46:e5:b0:53:
         ce:2b:78:75:b3:c0:3c:29:64:88:e1:b4:45:72:1b:31:0b:e3:
         bf:af:5c:1e:af:ea:9f:08:f2:0f:44:70:05:ea:55:6e:02:e0:
         4c:bf:3e:01:59:b8:5d:17:a4:f3:6b:5c:20:37:5d:9e:3b:b7:
         b3:eb:c3:b4:55:50:0c:0d:85:5e:e2:17:33:97:7b:c7:d0:50:
         79:98:c5:aa:66:a7:5f:70:74:a0:81:66:f0:9b:6e:24:4d:29:
         9f:7d:98:b8:f1:10:37:e6:66:94:d3:a3:bf:37:d9:cb:d0:b7:
         86:3e:0c:66:c1:a2:d8:a2:9b:f6:e9:89:54:9e:e9:22:e3:f9:
         fe:3b:76:28:3c:ef:39:ee:70:86:af:9c:56:23:fc:c5:b2:36:
         bd:63:d7:72
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICVpcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNjEwMDU1MjI2WhcNMjUwODMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFGODNEQzExMC8GA1UEBRMoMjI0RTY2OEY0MDU2MDFDQURDMzM5MTM4
M0ZDQTk2REY5NDY4RDk1QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOSs22Jw5KMjg5/L0UzM5okDdG+sHF/QjMA2Z+RFrXZyPO/OwsX5YXYQixNcNpsP
McL7TVgSJNTt3c/w1XkL31yXHKabJGbBnJCzsYRi8fpWpMJIQKA1mQxc8gF0WhWy
BHkSkyO7WzaV8MuJqVRdikkmXluZ+AFGaRwQvT964h6JVBSTeHFt6hZCMYPwEKaO
aARStGXRPFyFYZKY3YCktcigNJaTxP2vFJ3Mfqx+lAVlw8T9Weqbo4kkWxcjBtFC
r693qxeACJ4bGggX7X8lHrON2JY9iW2/+n++uy1oz7S4/lpJn4eVJyMUTBhxkcjr
ARF09OVr3mdguDqzUrPgR2ECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQiTmaPQFYB
ytwzkTg/ypbflGjZWjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjgzREMvOTlDNzQ4ODgyNkVEMTFFRkI0QzlCQTI4QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY4M0RDLzk5Qzc0ODg4MjZFRDExRUZCNEM5QkEyOEM0RjlBRTAyL0lrNW1qMEJX
QWNyY001RTRQOHFXMzVSbzJWby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaAWaDANBgkqhkiG9w0BAQsFAAOCAQEAUIp5oEfrSQ5Erq/7Yixh
UP+avx+zE+3Tu22RDtWcHHgl73qoCeRKxw2xS38bp+Tjt40CMQqg35lmICtS2F21
EWY/0P6j0ln+fo2+5OOBIO4MttOQLunY02sYialXKioXnQE1dDHXTr5G5bBTzit4
dbPAPClkiOG0RXIbMQvjv69cHq/qnwjyD0RwBepVbgLgTL8+AVm4XRek82tcIDdd
nju3s+vDtFVQDA2FXuIXM5d7x9BQeZjFqmanX3B0oIFm8JtuJE0pn32YuPEQN+Zm
lNOjvzfZy9C3hj4MZsGi2KKb9umJVJ7pIuP5/jt2KDzvOe5whq+cViP8xbI2vWPX
cg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:39 2024 by rpki-client on console-ams.rpki-client.org