Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NLS87039oDpMSNC5Mgl4vQq53kY.cer
File:                     NLS87039oDpMSNC5Mgl4vQq53kY.cer (raw, json)
Hash identifier:          KBHiL2bMr/t1yiqkwuhK1lVfUXZa3hNfhHzJSjlM0gk=
Subject key identifier:   34:B4:BC:EF:4D:FD:A0:3A:4C:48:D0:B9:32:09:78:BD:0A:B9:DE:46
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       48FF
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9193037/7493F8CC6A2411EDA2ECBE1DC4F9AE02/NLS87039oDpMSNC5Mgl4vQq53kY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9193037/7493F8CC6A2411EDA2ECBE1DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 23 Feb 2023 16:55:05 +0000
Certificate not after:    Wed 29 May 2024 00:00:00 +0000
Subordinate resources:    IP: 160.4.0.0/16
                          IP: 192.146.133.0/24
                          IP: 192.153.251.0/24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18687 (0x48ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Feb 23 16:55:05 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=A9193037/serialNumber=34B4BCEF4DFDA03A4C48D0B9320978BD0AB9DE46
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:ca:16:e9:49:01:b8:ab:b6:3e:5f:11:61:11:
                    7e:b2:dc:30:93:0e:21:6e:9f:a1:3e:9f:ab:24:69:
                    bb:10:86:9a:98:4e:76:9f:f1:be:b6:fd:62:e5:96:
                    10:79:db:6c:b8:8a:a8:8d:ce:05:39:9b:0d:53:dc:
                    4a:07:8b:f1:7f:4d:ec:7c:6e:f2:93:a9:b2:e5:4b:
                    a6:1d:5a:f1:7a:9f:63:97:5c:69:f3:1d:d7:24:e6:
                    45:78:04:17:c0:31:b5:13:60:a1:2c:0b:79:8a:01:
                    3c:dd:4a:c7:87:f0:91:e3:ab:77:8c:07:55:47:6b:
                    d9:e1:13:eb:63:73:9c:4c:ad:09:39:46:64:d6:bb:
                    8d:44:c8:00:c9:15:c5:a8:55:e1:d5:ef:6a:e3:06:
                    25:61:db:61:73:14:43:6b:bb:7a:84:25:73:77:98:
                    9a:02:50:66:ed:9c:12:6c:3c:04:7f:d4:7c:a2:7f:
                    ac:80:26:81:43:5d:7e:f5:55:ac:e3:fb:a5:b4:a5:
                    43:5f:ea:e2:13:25:10:f0:f1:24:e2:27:22:85:f4:
                    c9:ed:44:e9:25:4f:fa:fd:0b:fd:59:32:1d:d7:f1:
                    a0:51:89:a2:db:63:1b:b4:d6:fd:99:b7:32:a8:60:
                    6e:eb:1c:52:8b:bd:6c:93:aa:7e:5d:fb:c4:ea:24:
                    8e:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:B4:BC:EF:4D:FD:A0:3A:4C:48:D0:B9:32:09:78:BD:0A:B9:DE:46
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9193037/7493F8CC6A2411EDA2ECBE1DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9193037/7493F8CC6A2411EDA2ECBE1DC4F9AE02/NLS87039oDpMSNC5Mgl4vQq53kY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.4.0.0/16
                  192.146.133.0/24
                  192.153.251.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:10:3b:88:2b:1d:d0:97:32:84:ff:04:e6:41:8f:de:cb:5e:
         0d:97:ba:05:4f:7f:25:bb:ef:99:50:cd:b5:1e:65:bf:02:69:
         d6:c6:f4:97:c7:c2:98:3f:d0:f2:48:ec:66:7b:7e:9b:32:cf:
         2e:42:e3:1a:7c:f3:0d:2b:50:56:41:5c:16:b8:9c:3e:eb:0d:
         75:2c:c8:05:0c:e1:7f:1a:55:e2:01:cc:8b:47:41:60:13:0d:
         97:7b:d2:05:85:d8:37:8e:53:da:fa:7f:54:7f:e2:59:28:40:
         fd:1b:b9:3e:1c:7a:01:5e:46:b2:4c:7c:42:80:72:1e:bc:5c:
         94:18:1c:5f:44:f1:e4:ed:f2:a2:88:d8:7f:02:15:f8:8a:37:
         ab:37:e3:38:68:0f:53:bf:81:58:29:54:a0:61:16:a4:ca:82:
         12:5d:73:11:aa:52:f4:c8:1f:bc:ac:93:0e:63:de:b8:fa:d3:
         58:96:47:c6:c7:8e:ec:13:41:4d:7d:f4:66:58:72:93:79:41:
         fd:49:b0:65:41:aa:52:25:08:0c:ea:e5:82:a5:57:5b:a7:20:
         60:4a:6b:46:29:b4:57:aa:e9:3a:bd:70:2a:dc:45:01:b0:c2:
         c9:60:20:2e:e8:9e:9b:d0:96:5b:94:4f:48:8d:03:fa:8e:f5:
         10:3c:9e:14
-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgICSP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMwMjIzMTY1NTA1WhcNMjQwNTI5MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5MzAzNzExMC8GA1UEBRMoMzRCNEJDRUY0REZEQTAzQTRDNDhEMEI5
MzIwOTc4QkQwQUI5REU0NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANbKFulJAbirtj5fEWERfrLcMJMOIW6foT6fqyRpuxCGmphOdp/xvrb9YuWWEHnb
bLiKqI3OBTmbDVPcSgeL8X9N7Hxu8pOpsuVLph1a8XqfY5dcafMd1yTmRXgEF8Ax
tRNgoSwLeYoBPN1Kx4fwkeOrd4wHVUdr2eET62NznEytCTlGZNa7jUTIAMkVxahV
4dXvauMGJWHbYXMUQ2u7eoQlc3eYmgJQZu2cEmw8BH/UfKJ/rIAmgUNdfvVVrOP7
pbSlQ1/q4hMlEPDxJOInIoX0ye1E6SVP+v0L/VkyHdfxoFGJottjG7TW/Zm3Mqhg
buscUou9bJOqfl37xOokjvcCAwEAAaOCAv4wggL6MB0GA1UdDgQWBBQ0tLzvTf2g
OkxI0LkyCXi9CrneRjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTMwMzcvNzQ5M0Y4Q0M2QTI0MTFFREEyRUNCRTFEQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkzMDM3Lzc0OTNGOENDNkEyNDExRURBMkVDQkUxREM0RjlBRTAyL05MUzg3MDM5
b0RwTVNOQzVNZ2w0dlFxNTNrWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAqBggrBgEFBQcBBwEB/wQbMBkw
FwQCAAEwEQMDAKAEAwQAwJKFAwQAwJn7MA0GCSqGSIb3DQEBCwUAA4IBAQBTEDuI
Kx3QlzKE/wTmQY/ey14Nl7oFT38lu++ZUM21HmW/AmnWxvSXx8KYP9DySOxme36b
Ms8uQuMafPMNK1BWQVwWuJw+6w11LMgFDOF/GlXiAcyLR0FgEw2Xe9IFhdg3jlPa
+n9Uf+JZKED9G7k+HHoBXkayTHxCgHIevFyUGBxfRPHk7fKiiNh/AhX4ijerN+M4
aA9Tv4FYKVSgYRakyoISXXMRqlL0yB+8rJMOY964+tNYlkfGx47sE0FNffRmWHKT
eUH9SbBlQapSJQgM6uWCpVdbpyBgSmtGKbRXquk6vXAq3EUBsMLJYCAu6J6b0JZb
lE9IjQP6jvUQPJ4U
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:40 2024 by rpki-client on console-ams.rpki-client.org