Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OYN8tL7K9qYmyRaulgJBtgnmsgo.cer
File:                     OYN8tL7K9qYmyRaulgJBtgnmsgo.cer (raw, json)
Hash identifier:          BLq4RytSfWUWbimHWphgbAqJlpvfhnGMri5IvBphtYQ=
Subject key identifier:   39:83:7C:B4:BE:CA:F6:A6:26:C9:16:AE:96:02:41:B6:09:E6:B2:0A
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       54BD
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 19 Apr 2024 16:32:01 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 137.157.0.0/16

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21693 (0x54bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Apr 19 16:32:01 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A918C3B7/serialNumber=39837CB4BECAF6A626C916AE960241B609E6B20A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:46:a6:71:51:c4:eb:c9:0f:da:25:58:82:f3:
                    7f:dd:e7:63:05:35:c5:32:a1:7d:9a:86:ce:7e:f3:
                    1a:9a:40:3e:d5:8d:47:a0:02:23:3b:26:de:6e:9d:
                    8e:19:a5:e5:56:d7:62:79:41:a6:70:1b:2e:0d:58:
                    30:37:07:19:a1:1d:98:8b:76:24:b5:6b:9a:f5:ec:
                    62:eb:e3:55:06:23:c4:87:68:e0:32:30:6b:fb:5a:
                    e9:2a:7e:d5:ae:e0:a2:de:42:08:a0:84:3b:ac:8e:
                    04:32:81:d1:5e:dd:b3:36:e0:60:e3:44:5b:81:96:
                    e3:c8:24:9e:28:28:65:e8:ad:a5:01:c3:2e:b1:20:
                    3a:f2:2a:f0:e4:fc:69:b6:58:20:64:d2:bc:9a:ae:
                    c5:ce:57:fb:dc:79:8f:d5:a4:b8:c3:7a:c4:05:7b:
                    32:f2:ca:eb:e0:43:39:15:88:57:ed:c4:a6:05:29:
                    32:f3:f1:d4:4a:e6:60:19:91:62:7f:8c:59:98:0c:
                    ea:9a:d2:31:a4:29:f8:7f:3f:a4:16:93:2c:ec:0a:
                    2e:f6:d5:e0:ee:af:62:da:0b:97:cc:d9:40:b0:1c:
                    74:a2:83:3d:6f:df:42:b8:e7:be:16:f6:77:a8:16:
                    ed:97:b0:8f:8b:9a:f7:69:2d:d0:39:bf:d0:66:b1:
                    36:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:83:7C:B4:BE:CA:F6:A6:26:C9:16:AE:96:02:41:B6:09:E6:B2:0A
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918C3B7/159A4AD0932511EEBE987F60C4F9AE02/OYN8tL7K9qYmyRaulgJBtgnmsgo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.157.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         40:78:f6:d7:14:7b:79:ac:2f:00:58:8f:2b:99:c7:fe:11:7f:
         e2:18:9a:45:d1:6b:d3:ba:42:4d:b3:be:9d:23:07:ff:2a:6e:
         4f:be:e0:32:6f:55:0a:a3:18:fd:a0:ba:19:f8:dd:ba:b6:91:
         91:d9:92:5a:a2:94:13:89:b1:d5:31:f0:31:a0:67:c2:d7:d4:
         04:d4:a5:13:21:92:f9:58:79:2c:d7:8e:00:9c:61:b4:9a:5f:
         77:05:50:23:8c:4c:8b:7f:8a:87:c1:9e:66:8b:91:7b:bc:9f:
         61:bf:b4:1f:a8:89:34:ce:97:b1:c4:90:05:a8:80:43:cb:93:
         0a:28:a1:d7:ad:62:e1:b3:2e:53:fd:ec:57:20:07:d7:43:e9:
         b2:86:88:09:9d:46:48:4e:47:47:28:63:38:27:76:de:f4:56:
         c3:ab:9d:0d:ba:86:4e:da:3d:2d:34:9b:8e:3d:e4:2d:7a:b6:
         bb:87:da:18:2b:0c:72:93:02:b0:be:61:b2:51:5f:44:2c:af:
         90:66:1d:7f:73:85:96:05:14:bf:d1:4e:30:7e:51:46:0f:d5:
         28:02:fc:9e:3c:d2:56:7b:c1:e7:dd:09:67:7a:1a:f4:99:7a:
         c2:6d:63:25:52:f6:0b:32:9f:b6:b5:c5:ff:d1:36:b9:cb:e2:
         16:6d:a8:aa
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICVL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNDE5MTYzMjAxWhcNMjUwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE4QzNCNzExMC8GA1UEBRMoMzk4MzdDQjRCRUNBRjZBNjI2QzkxNkFF
OTYwMjQxQjYwOUU2QjIwQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOFGpnFRxOvJD9olWILzf93nYwU1xTKhfZqGzn7zGppAPtWNR6ACIzsm3m6djhml
5VbXYnlBpnAbLg1YMDcHGaEdmIt2JLVrmvXsYuvjVQYjxIdo4DIwa/ta6Sp+1a7g
ot5CCKCEO6yOBDKB0V7dszbgYONEW4GW48gknigoZeitpQHDLrEgOvIq8OT8abZY
IGTSvJquxc5X+9x5j9WkuMN6xAV7MvLK6+BDORWIV+3EpgUpMvPx1ErmYBmRYn+M
WZgM6prSMaQp+H8/pBaTLOwKLvbV4O6vYtoLl8zZQLAcdKKDPW/fQrjnvhb2d6gW
7Zewj4ua92kt0Dm/0GaxNuMCAwEAAaOCAvIwggLuMB0GA1UdDgQWBBQ5g3y0vsr2
pibJFq6WAkG2CeayCjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEMzQjcvMTU5QTRBRDA5MzI1MTFFRUJFOTg3RjYwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThDM0I3LzE1OUE0QUQwOTMyNTExRUVCRTk4N0Y2MEM0RjlBRTAyL09ZTjh0TDdL
OXFZbXlSYXVsZ0pCdGdubXNnby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQPMA0w
CwQCAAEwBQMDAImdMA0GCSqGSIb3DQEBCwUAA4IBAQBAePbXFHt5rC8AWI8rmcf+
EX/iGJpF0WvTukJNs76dIwf/Km5PvuAyb1UKoxj9oLoZ+N26tpGR2ZJaopQTibHV
MfAxoGfC19QE1KUTIZL5WHks144AnGG0ml93BVAjjEyLf4qHwZ5mi5F7vJ9hv7Qf
qIk0zpexxJAFqIBDy5MKKKHXrWLhsy5T/exXIAfXQ+myhogJnUZITkdHKGM4J3be
9FbDq50NuoZO2j0tNJuOPeQtera7h9oYKwxykwKwvmGyUV9ELK+QZh1/c4WWBRS/
0U4wflFGD9UoAvyePNJWe8Hn3Qlnehr0mXrCbWMlUvYLMp+2tcX/0Ta5y+IWbaiq
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:29 2024 by rpki-client on console-fra.rpki-client.org