Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer
File:                     L9JLb9eYBEVzVDhmYs4w3aOyALU.cer (raw, json)
Hash identifier:          5zpfXbt+1HQvDsPR7JHVN0Gc6V68ZECdppWMxNdg3FE=
Subject key identifier:   2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5300
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 04 Mar 2024 18:22:56 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 157.20.146.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21248 (0x5300)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Mar  4 18:22:56 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A91A29DA/serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:8e:1f:5b:8e:2a:e9:10:bc:22:59:e7:c8:bb:
                    19:01:27:ba:a2:0c:06:3b:b1:d0:e4:82:42:69:35:
                    22:8d:c7:ae:39:98:54:3e:b6:d8:22:d0:36:f9:ce:
                    da:22:8c:2a:58:a9:25:f7:7f:8e:e8:91:84:f7:d5:
                    8d:9c:ca:78:24:2e:a4:00:ab:68:ab:79:fc:08:e8:
                    96:2a:47:13:bf:d7:89:90:60:aa:30:c9:4d:b8:9f:
                    c7:e6:db:dc:46:34:76:9f:d7:2d:f5:8b:22:3a:ff:
                    ab:6f:75:4d:a5:46:96:0c:e1:70:1f:85:8e:54:e6:
                    01:04:52:64:6d:b2:d8:10:ea:b8:5a:a6:18:2f:ef:
                    7e:b2:d8:b2:df:87:b2:5c:04:6a:dd:8f:aa:d9:66:
                    ea:e3:11:22:37:37:91:2c:5b:ec:e6:3e:1c:4b:8b:
                    b2:e2:17:62:f4:cf:ef:fa:87:44:b2:7e:bd:c5:96:
                    4b:fd:4b:fb:fd:13:97:1c:6e:d3:94:ba:e7:cd:4c:
                    e4:eb:71:56:95:cc:ea:8d:0b:1d:d3:74:c9:18:43:
                    83:6c:87:60:0e:69:19:8c:d1:02:92:e3:90:3d:3f:
                    6f:93:99:2f:07:28:95:f7:49:5a:d1:32:a2:dd:b5:
                    f0:30:ae:33:49:b5:5e:13:94:40:ce:a1:d2:b0:c6:
                    76:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.20.146.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8b:de:38:f4:8d:e4:3f:93:cd:2c:7e:5c:47:c9:ea:88:54:da:
         1e:42:f6:d8:a0:24:3b:11:80:9a:79:0f:63:fe:e8:ab:e3:b1:
         9a:99:34:86:d1:d6:19:88:3e:b8:3a:8f:48:c0:da:9e:b5:15:
         83:64:92:f0:bc:19:54:39:cb:6e:98:9f:3a:cb:9b:7a:50:5f:
         dd:46:78:ee:47:81:80:77:1f:a3:ea:48:e5:7e:bc:d9:2a:5b:
         02:5f:39:6c:74:b1:94:97:7c:23:56:6e:ef:53:1c:08:f7:b3:
         6b:c7:ac:a6:34:14:d7:1c:3a:95:fa:96:63:85:46:dc:51:be:
         af:28:a1:4f:0e:dd:b7:f3:c1:39:7e:0c:24:fa:1d:96:17:18:
         7c:86:52:d7:ef:48:0c:36:86:55:f0:ef:4f:9c:9f:4c:90:ab:
         28:2c:bb:23:53:51:2e:2f:48:bd:0f:d7:b5:22:19:76:3f:52:
         29:f5:67:5f:48:57:ef:54:ce:12:b0:18:d4:a0:0a:87:af:4e:
         39:0f:ed:6b:e7:4a:56:95:b6:9c:61:c8:f7:9f:ec:07:6f:1a:
         df:50:92:23:dc:5b:86:16:15:14:a8:4b:9e:51:00:7f:77:a8:
         b8:30:83:5a:8f:9d:0b:82:74:27:f2:bf:ca:a6:31:03:64:05:
         cd:09:96:5a
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUwAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMzA0MTgyMjU2WhcNMjUwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBMjlEQTExMC8GA1UEBRMoMkZEMjRCNkZENzk4MDQ0NTczNTQzODY2
NjJDRTMwRERBM0IyMDBCNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM+OH1uOKukQvCJZ58i7GQEnuqIMBjux0OSCQmk1Io3HrjmYVD622CLQNvnO2iKM
KlipJfd/juiRhPfVjZzKeCQupACraKt5/AjolipHE7/XiZBgqjDJTbifx+bb3EY0
dp/XLfWLIjr/q291TaVGlgzhcB+FjlTmAQRSZG2y2BDquFqmGC/vfrLYst+HslwE
at2Pqtlm6uMRIjc3kSxb7OY+HEuLsuIXYvTP7/qHRLJ+vcWWS/1L+/0Tlxxu05S6
581M5OtxVpXM6o0LHdN0yRhDg2yHYA5pGYzRApLjkD0/b5OZLwcolfdJWtEyot21
8DCuM0m1XhOUQM6h0rDGdhECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBQv0ktv15gE
RXNUOGZizjDdo7IAtTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTI5REEvMzRCNUI1MTREQTU0MTFFRTgyN0NBNTdEQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUEyOURBLzM0QjVCNTE0REE1NDExRUU4MjdDQTU3REM0RjlBRTAyL0w5SkxiOWVZ
QkVWelZEaG1ZczR3M2FPeUFMVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0UkjANBgkqhkiG9w0BAQsFAAOCAQEAi9449I3kP5PNLH5cR8nq
iFTaHkL22KAkOxGAmnkPY/7oq+Oxmpk0htHWGYg+uDqPSMDanrUVg2SS8LwZVDnL
bpifOsubelBf3UZ47keBgHcfo+pI5X682SpbAl85bHSxlJd8I1Zu71McCPeza8es
pjQU1xw6lfqWY4VG3FG+ryihTw7dt/PBOX4MJPodlhcYfIZS1+9IDDaGVfDvT5yf
TJCrKCy7I1NRLi9IvQ/XtSIZdj9SKfVnX0hX71TOErAY1KAKh69OOQ/ta+dKVpW2
nGHI95/sB28a31CSI9xbhhYVFKhLnlEAf3eouDCDWo+dC4J0J/K/yqYxA2QFzQmW
Wg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:39 2024 by rpki-client on console-ams.rpki-client.org