Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/J7eqjlEecNijC7NtAsrwhXkMmcM.cer
File:                     J7eqjlEecNijC7NtAsrwhXkMmcM.cer (raw, json)
Hash identifier:          d7UqVs7MPFGP1rb92lsEdtf9w1mkXrVg2oXLGCG4u/M=
Subject key identifier:   27:B7:AA:8E:51:1E:70:D8:A3:0B:B3:6D:02:CA:F0:85:79:0C:99:C3
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5184
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/J7eqjlEecNijC7NtAsrwhXkMmcM.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 01 Feb 2024 17:21:38 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    IP: 156.16.0.0/16
                          IP: 158.40.0.0/16

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 02:50:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20868 (0x5184)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Feb  1 17:21:38 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A914284F/serialNumber=27B7AA8E511E70D8A30BB36D02CAF085790C99C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:ba:a4:a3:61:73:07:02:b2:5d:d9:5d:49:a2:
                    fa:52:dd:d7:88:96:4d:42:1b:91:20:75:e3:da:6c:
                    cb:47:82:42:a1:89:74:df:8a:52:8f:f2:35:82:c6:
                    16:ff:2a:54:76:68:3c:e8:43:ac:30:7b:09:8f:cd:
                    fb:36:e5:c3:56:8c:4e:7e:ce:7e:57:bb:29:08:75:
                    9e:48:56:b5:a3:dd:82:a7:a4:95:08:7c:a7:ed:45:
                    1c:87:ec:ac:5d:8f:71:8c:5b:16:c3:a6:63:d3:1b:
                    ab:0c:76:44:4a:77:c3:d1:a6:97:9b:4e:a8:59:ac:
                    8a:6e:e1:a7:77:eb:9e:41:cd:9c:5e:86:22:cb:7b:
                    c8:15:41:bd:f8:cb:c0:a6:40:24:fd:dc:23:4e:62:
                    20:1e:4b:78:0e:44:cc:4e:5c:5d:09:26:0a:4c:11:
                    82:0d:47:68:03:ed:f5:e6:a2:b6:dd:8b:d9:a3:fb:
                    f2:3e:5c:c4:1f:cc:f0:fb:63:dd:d0:40:fa:71:0c:
                    6c:0d:05:e0:e5:8d:d2:01:a4:0e:3e:76:9d:6b:ea:
                    94:44:48:69:f8:d8:30:7f:1c:5f:30:6d:36:54:23:
                    db:a2:8f:77:af:40:a2:56:fa:85:e4:71:66:d1:73:
                    fb:cd:31:e5:3e:aa:ae:89:d8:53:50:03:4f:0c:8a:
                    0a:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:B7:AA:8E:51:1E:70:D8:A3:0B:B3:6D:02:CA:F0:85:79:0C:99:C3
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914284F/93085C80D7AE11EBA5EB316CC4F9AE02/J7eqjlEecNijC7NtAsrwhXkMmcM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.16.0.0/16
                  158.40.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         51:65:91:18:dc:b4:ab:bd:1d:7d:6b:84:fa:81:4d:72:8e:9d:
         4d:cb:58:2c:72:c9:f2:86:b1:11:f3:ce:fe:e3:ea:44:a2:48:
         a5:a9:ba:b4:b1:97:d1:b9:25:95:19:1c:ae:6b:34:81:53:6b:
         e8:86:d6:e9:b3:bb:8f:ab:f8:97:5a:82:7d:2b:aa:89:2c:43:
         e0:7f:cd:3c:ec:1f:e0:45:0f:a1:51:8d:cb:6c:99:87:8b:3c:
         23:7e:9f:f0:e1:84:29:c1:cd:3c:b4:75:3f:17:ce:b0:db:5f:
         b4:25:64:3d:8d:28:12:30:96:e4:e5:17:ea:4f:08:a2:4d:9f:
         c0:19:73:79:d9:fa:fe:de:1f:33:a4:a9:be:16:31:af:3b:80:
         94:b4:79:01:f6:42:6f:be:94:ab:de:c2:4a:e4:5a:41:97:dc:
         c7:78:a1:79:a8:17:71:a1:51:bf:a0:61:14:ee:b6:ae:ac:73:
         14:c3:bc:82:01:64:ea:54:23:45:be:9c:6f:f1:65:b0:c5:a0:
         94:48:45:7a:e1:d6:06:55:37:96:e5:99:68:ad:40:61:cc:19:
         8b:93:46:7a:f6:49:0c:e9:22:d3:7e:c3:1b:36:32:38:7c:3c:
         b4:b7:89:8a:a8:72:a8:62:a7:43:8b:ad:96:e3:3a:2b:3c:ed:
         d1:24:46:ed
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgICUYQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMjAxMTcyMTM4WhcNMjUwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE0Mjg0RjExMC8GA1UEBRMoMjdCN0FBOEU1MTFFNzBEOEEzMEJCMzZE
MDJDQUYwODU3OTBDOTlDMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKy6pKNhcwcCsl3ZXUmi+lLd14iWTUIbkSB149psy0eCQqGJdN+KUo/yNYLGFv8q
VHZoPOhDrDB7CY/N+zblw1aMTn7Ofle7KQh1nkhWtaPdgqeklQh8p+1FHIfsrF2P
cYxbFsOmY9Mbqwx2REp3w9Gml5tOqFmsim7hp3frnkHNnF6GIst7yBVBvfjLwKZA
JP3cI05iIB5LeA5EzE5cXQkmCkwRgg1HaAPt9eaitt2L2aP78j5cxB/M8Ptj3dBA
+nEMbA0F4OWN0gGkDj52nWvqlERIafjYMH8cXzBtNlQj26KPd69Aolb6heRxZtFz
+80x5T6qronYU1ADTwyKCgECAwEAAaOCAvcwggLzMB0GA1UdDgQWBBQnt6qOUR5w
2KMLs20CyvCFeQyZwzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI4NEYvOTMwODVDODBEN0FFMTFFQkE1RUIzMTZDQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTQyODRGLzkzMDg1QzgwRDdBRTExRUJBNUVCMzE2Q0M0RjlBRTAyL0o3ZXFqbEVl
Y05pakM3TnRBc3J3aFhrTW1jTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAjBggrBgEFBQcBBwEB/wQUMBIw
EAQCAAEwCgMDAJwQAwMAnigwDQYJKoZIhvcNAQELBQADggEBAFFlkRjctKu9HX1r
hPqBTXKOnU3LWCxyyfKGsRHzzv7j6kSiSKWpurSxl9G5JZUZHK5rNIFTa+iG1umz
u4+r+Jdagn0rqoksQ+B/zTzsH+BFD6FRjctsmYeLPCN+n/DhhCnBzTy0dT8XzrDb
X7QlZD2NKBIwluTlF+pPCKJNn8AZc3nZ+v7eHzOkqb4WMa87gJS0eQH2Qm++lKve
wkrkWkGX3Md4oXmoF3GhUb+gYRTutq6scxTDvIIBZOpUI0W+nG/xZbDFoJRIRXrh
1gZVN5blmWitQGHMGYuTRnr2SQzpItN+wxs2Mjh8PLS3iYqocqhip0OLrZbjOis8
7dEkRu0=
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:25:07 2024 by rpki-client on console-ams.rpki-client.org