Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KtPYi16OCwUUGjvJL4XkJzoFYqE.cer
File:                     KtPYi16OCwUUGjvJL4XkJzoFYqE.cer (raw, json)
Hash identifier:          30M45nMDtBfhAWDTeFyZlvWJwdgI9tpTrf9vC4Fh5PQ=
Subject key identifier:   2A:D3:D8:8B:5E:8E:0B:05:14:1A:3B:C9:2F:85:E4:27:3A:05:62:A1
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5112
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9132F27/7ACDF9AABB6C11EEA680AE6DC4F9AE02/KtPYi16OCwUUGjvJL4XkJzoFYqE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9132F27/7ACDF9AABB6C11EEA680AE6DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 25 Jan 2024 10:28:35 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    IP: 157.15.16.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20754 (0x5112)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jan 25 10:28:35 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A9132F27/serialNumber=2AD3D88B5E8E0B05141A3BC92F85E4273A0562A1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:17:34:45:e2:ca:14:a1:b1:c9:7d:f6:24:7d:
                    61:c9:a4:e9:2b:1c:ce:cb:be:f5:da:74:3e:cd:29:
                    fa:28:0e:d7:de:af:a1:27:72:e8:db:0e:e6:12:4a:
                    78:3b:d3:f1:d3:7c:68:91:e3:1d:b7:fe:94:05:e3:
                    8e:a0:4e:3e:37:ef:01:c2:71:de:96:50:f4:44:47:
                    78:69:b3:57:84:a6:76:40:fa:62:4b:2d:d8:50:be:
                    86:09:d6:e3:a0:36:93:af:ef:50:b3:7b:2b:d3:b5:
                    00:d9:86:fd:a5:7c:df:6d:a3:ae:e2:f5:ab:7a:f5:
                    d0:96:60:6e:7f:3e:86:9d:c6:ef:b0:9d:5c:79:3a:
                    d1:70:8f:4a:eb:18:04:93:af:d9:a4:0e:5d:e2:eb:
                    1f:8e:00:cf:e7:07:18:c2:6d:9e:b7:ea:86:6b:60:
                    bb:ed:fe:f9:83:96:45:ce:08:61:ef:0f:32:20:78:
                    18:85:5e:fb:70:23:0f:ef:5c:16:65:39:c9:6a:a7:
                    98:40:79:ef:92:cc:e5:44:7d:66:e4:df:04:40:c6:
                    49:2a:f1:c5:f7:67:18:9f:35:aa:87:33:2e:aa:15:
                    ea:82:ae:1c:11:34:41:98:1f:11:ce:26:9d:58:dc:
                    dc:a2:ec:6c:90:b1:b8:f0:6b:1e:d0:37:12:15:31:
                    d4:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:D3:D8:8B:5E:8E:0B:05:14:1A:3B:C9:2F:85:E4:27:3A:05:62:A1
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9132F27/7ACDF9AABB6C11EEA680AE6DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9132F27/7ACDF9AABB6C11EEA680AE6DC4F9AE02/KtPYi16OCwUUGjvJL4XkJzoFYqE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.15.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:f9:d1:a8:e2:32:30:eb:1e:3b:66:a4:ec:61:75:5b:53:fc:
         d0:e8:3d:5e:34:dc:21:06:d5:f2:07:93:48:e7:b3:15:68:3a:
         d7:55:44:80:8c:d4:63:d4:ac:be:92:8a:f1:fd:8f:43:41:0f:
         02:ef:17:35:70:79:e4:c8:2a:f2:b8:13:ed:e5:08:fd:40:8b:
         39:b9:84:45:a3:56:81:ef:76:5f:10:f5:34:09:af:50:e0:09:
         e1:90:ed:f7:4a:9a:0a:26:b0:63:0f:b6:31:d4:ec:c3:75:c2:
         d3:fd:55:12:df:be:8e:16:19:9b:b5:79:dc:df:5c:36:00:5a:
         e8:31:7b:ab:ba:48:e3:0f:8d:d2:e2:40:ec:06:74:0c:97:a4:
         34:94:c3:71:5f:fb:62:67:81:29:60:f8:8e:78:a5:ba:62:5f:
         16:fb:d2:3d:fd:d4:69:96:1d:06:bd:52:46:76:72:13:09:f6:
         18:d0:a7:14:8a:54:59:6c:c7:26:fd:e5:74:60:d0:e3:c8:b2:
         c6:05:95:f5:a9:da:79:de:fe:36:7f:a1:78:3d:1e:0a:0f:78:
         bc:d3:11:2b:17:03:8f:29:95:1d:d8:2f:95:33:6b:94:23:5e:
         36:e2:10:66:80:37:2b:39:e7:01:8c:72:53:84:f7:c6:52:eb:
         04:f0:3e:6b
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICURIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMTI1MTAyODM1WhcNMjUwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEzMkYyNzExMC8GA1UEBRMoMkFEM0Q4OEI1RThFMEIwNTE0MUEzQkM5
MkY4NUU0MjczQTA1NjJBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMAXNEXiyhShscl99iR9Ycmk6Ssczsu+9dp0Ps0p+igO196voSdy6NsO5hJKeDvT
8dN8aJHjHbf+lAXjjqBOPjfvAcJx3pZQ9ERHeGmzV4SmdkD6Ykst2FC+hgnW46A2
k6/vULN7K9O1ANmG/aV8322jruL1q3r10JZgbn8+hp3G77CdXHk60XCPSusYBJOv
2aQOXeLrH44Az+cHGMJtnrfqhmtgu+3++YOWRc4IYe8PMiB4GIVe+3AjD+9cFmU5
yWqnmEB575LM5UR9ZuTfBEDGSSrxxfdnGJ81qoczLqoV6oKuHBE0QZgfEc4mnVjc
3KLsbJCxuPBrHtA3EhUx1FMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQq09iLXo4L
BRQaO8kvheQnOgVioTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzJGMjcvN0FDREY5QUFCQjZDMTFFRUE2ODBBRTZEQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTMyRjI3LzdBQ0RGOUFBQkI2QzExRUVBNjgwQUU2REM0RjlBRTAyL0t0UFlpMTZP
Q3dVVUdqdkpMNFhrSnpvRllxRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAJ0PEDANBgkqhkiG9w0BAQsFAAOCAQEAh/nRqOIyMOseO2ak7GF1
W1P80Og9XjTcIQbV8geTSOezFWg611VEgIzUY9SsvpKK8f2PQ0EPAu8XNXB55Mgq
8rgT7eUI/UCLObmERaNWge92XxD1NAmvUOAJ4ZDt90qaCiawYw+2MdTsw3XC0/1V
Et++jhYZm7V53N9cNgBa6DF7q7pI4w+N0uJA7AZ0DJekNJTDcV/7YmeBKWD4jnil
umJfFvvSPf3UaZYdBr1SRnZyEwn2GNCnFIpUWWzHJv3ldGDQ48iyxgWV9anaed7+
Nn+heD0eCg94vNMRKxcDjymVHdgvlTNrlCNeNuIQZoA3KznnAYxyU4T3xlLrBPA+
aw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:29 2024 by rpki-client on console-fra.rpki-client.org