Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer
File:                     KbaocCpK1kSocQZLZAet5JPmOo0.cer (raw, json)
Hash identifier:          HTeX3i3A7wxR1nO+56FcZbZ67Ei3DqxWpy+32pzACU0=
Subject key identifier:   29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       4BF9
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 10 Jul 2023 16:40:10 +0000
Certificate not after:    Mon 30 Sep 2024 00:00:00 +0000
Subordinate resources:    IP: 168.245.188.0/22
                          IP: 198.246.223.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 15:53:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19449 (0x4bf9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jul 10 16:40:10 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=A919EAF3/serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:cf:e1:bd:7f:38:00:70:74:25:c4:67:da:60:
                    c1:1d:08:41:cf:77:c5:c1:d5:74:6f:0f:ff:a2:7a:
                    cf:6b:cf:20:cc:6a:69:a9:d8:f3:d8:59:e4:38:dc:
                    fc:a7:46:5a:78:1d:00:ef:44:6e:41:05:5e:aa:b1:
                    48:4e:aa:f2:b6:7d:58:2b:0d:9b:1b:d6:72:24:d7:
                    e4:f9:a0:89:53:92:07:13:ee:b1:5d:82:a3:7e:ca:
                    77:7b:46:25:ca:7d:78:01:d6:02:c9:68:fb:2e:f2:
                    4d:80:f3:b1:cb:d0:12:6e:96:85:b9:6d:1f:02:e0:
                    f8:d9:f3:6e:cf:d0:8e:60:89:15:c8:53:00:24:36:
                    c6:10:79:3a:da:dd:ff:b3:c2:23:36:b8:60:72:20:
                    3b:71:d0:43:4d:af:9e:8e:09:de:b8:6e:25:36:10:
                    81:f1:c7:6b:57:cc:6b:00:04:b6:2b:e7:55:20:dd:
                    43:8f:9d:4b:fe:08:86:ce:df:c3:49:db:e3:71:67:
                    e8:f1:35:02:68:37:a4:f5:a6:a3:38:d5:84:89:d9:
                    c6:0f:eb:49:ca:ba:e6:cd:78:fc:27:cb:ff:71:8b:
                    b3:b3:19:5e:12:2e:df:a9:9f:42:02:75:e1:e6:4a:
                    1f:61:e0:5c:b1:33:52:d6:c8:81:65:2d:09:40:5e:
                    de:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.245.188.0/22
                  198.246.223.0/24

    Signature Algorithm: sha256WithRSAEncryption
         99:62:6f:99:2f:37:7f:15:3b:e8:86:3b:f5:3f:95:fb:fa:61:
         f7:10:36:55:25:5a:e5:5f:d8:31:cf:78:73:ee:fa:04:73:1a:
         c3:b9:05:d2:8f:21:8e:18:89:48:e4:14:9c:1f:6d:50:92:ca:
         ba:47:b0:b1:88:5b:47:a9:5e:ba:b3:5c:e8:89:50:be:b6:42:
         b7:9f:e7:1e:91:27:66:81:37:e9:de:ef:83:4e:e0:37:88:f8:
         82:33:3c:01:0c:e4:4e:00:08:bb:16:9c:3a:00:15:59:87:86:
         ea:64:e0:d9:3c:e6:0b:b2:6f:18:0e:4a:a2:78:9c:6a:95:3d:
         86:3a:63:87:b9:d2:12:65:32:97:eb:c4:55:eb:d3:60:71:49:
         e2:96:df:28:fa:fd:c0:88:47:26:71:ce:16:f6:2d:ad:79:cd:
         92:39:12:6f:e0:81:1d:62:55:a3:ec:0f:33:cf:d1:26:b6:34:
         77:f2:b1:ad:5a:6d:09:82:d4:b2:7a:16:11:f6:63:7a:e3:10:
         d5:16:86:16:9b:80:26:54:26:27:18:cb:6b:1f:4c:48:71:0d:
         2a:23:4b:cc:85:f2:b7:94:53:80:41:61:59:56:2e:30:51:dd:
         18:5a:81:c7:db:b6:ce:1a:84:ce:36:64:a3:a6:33:a7:53:ba:
         53:94:58:0a
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgICS/kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMwNzEwMTY0MDEwWhcNMjQwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5RUFGMzExMC8GA1UEBRMoMjlCNkE4NzAyQTRBRDY0NEE4NzEwNjRC
NjQwN0FERTQ5M0U2M0E4RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM7P4b1/OABwdCXEZ9pgwR0IQc93xcHVdG8P/6J6z2vPIMxqaanY89hZ5Djc/KdG
WngdAO9EbkEFXqqxSE6q8rZ9WCsNmxvWciTX5PmgiVOSBxPusV2Co37Kd3tGJcp9
eAHWAslo+y7yTYDzscvQEm6WhbltHwLg+Nnzbs/QjmCJFchTACQ2xhB5Otrd/7PC
Iza4YHIgO3HQQ02vno4J3rhuJTYQgfHHa1fMawAEtivnVSDdQ4+dS/4Ihs7fw0nb
43Fn6PE1Amg3pPWmozjVhInZxg/rScq65s14/CfL/3GLs7MZXhIu36mfQgJ14eZK
H2HgXLEzUtbIgWUtCUBe3mUCAwEAAaOCAvkwggL1MB0GA1UdDgQWBBQptqhwKkrW
RKhxBktkB63kk+Y6jTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUVBRjMvOTNCQjUwMkU2RDE4MTFFN0E4MTVEQTgwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlFQUYzLzkzQkI1MDJFNkQxODExRTdBODE1REE4MEM0RjlBRTAyL0tiYW9jQ3BL
MWtTb2NRWkxaQWV0NUpQbU9vMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQWMBQw
EgQCAAEwDAMEAqj1vAMEAMb23zANBgkqhkiG9w0BAQsFAAOCAQEAmWJvmS83fxU7
6IY79T+V+/ph9xA2VSVa5V/YMc94c+76BHMaw7kF0o8hjhiJSOQUnB9tUJLKukew
sYhbR6leurNc6IlQvrZCt5/nHpEnZoE36d7vg07gN4j4gjM8AQzkTgAIuxacOgAV
WYeG6mTg2TzmC7JvGA5KonicapU9hjpjh7nSEmUyl+vEVevTYHFJ4pbfKPr9wIhH
JnHOFvYtrXnNkjkSb+CBHWJVo+wPM8/RJrY0d/KxrVptCYLUsnoWEfZjeuMQ1RaG
FpuAJlQmJxjLax9MSHENKiNLzIXyt5RTgEFhWVYuMFHdGFqBx9u2zhqEzjZko6Yz
p1O6U5RYCg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:54:46 2024 by rpki-client on console-ams.rpki-client.org