Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ShnbG72zMsTsEHlyghPC5Y7X3lY.cer
File:                     ShnbG72zMsTsEHlyghPC5Y7X3lY.cer (raw, json)
Hash identifier:          vJ6C4II7Li8tZh/DZJ22roCKEX67SDnXK7OVM0SvzqQ=
Subject key identifier:   4A:19:DB:1B:BD:B3:32:C4:EC:10:79:72:82:13:C2:E5:8E:D7:DE:56
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       4170
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.sub.apnic.net/repository/A91905300000/1/4A19DB1BBDB332C4EC1079728213C2E58ED7DE56.mft
caRepository:             rsync://rpki.sub.apnic.net/repository/A91905300000/1
Notify URL:               https://rrdp.sub.apnic.net/notification.xml
Certificate not before:   Wed 13 Apr 2022 00:50:25 +0000
Certificate not after:    Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:    IP: 167.162.0.0/16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16752 (0x4170)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Apr 13 00:50:25 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=A9139F080000/serialNumber=4A19DB1BBDB332C4EC1079728213C2E58ED7DE56
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:b3:c9:a7:74:c5:9a:86:65:1d:d7:d3:7b:10:
                    c0:1c:18:96:d4:15:cb:7a:f4:e5:1f:fc:67:8d:1a:
                    f4:0f:51:ca:f7:7c:ae:62:aa:cd:f0:ea:e6:af:85:
                    68:aa:e1:fe:c6:43:7b:c1:b1:0f:ac:b5:31:70:52:
                    09:01:06:c6:a8:e5:62:a5:31:cf:0c:6f:4d:83:f3:
                    a6:70:62:e3:c7:e9:47:8b:7e:58:bf:1b:5c:5d:a7:
                    53:24:db:8a:92:9b:54:5f:ba:9b:6d:06:64:70:13:
                    0d:d7:fd:61:e6:a5:8a:06:eb:78:84:5d:ce:e5:84:
                    69:67:2d:3a:c9:88:ab:6a:81:11:0b:81:c2:ab:08:
                    f3:1a:ef:0a:a6:6f:52:88:5a:30:70:ad:db:2f:d5:
                    6e:d2:b9:3b:48:65:ce:74:54:92:00:30:09:49:b9:
                    13:7c:bf:06:bd:69:b7:73:e1:f4:f4:d7:bb:fc:12:
                    75:58:40:52:e7:d7:92:f4:a2:f3:a8:d6:34:ea:3e:
                    9b:c5:2e:2e:fe:29:44:fa:c8:48:08:f0:72:0a:4d:
                    e5:88:bf:c6:ab:9a:16:9a:73:b7:aa:2d:12:da:3b:
                    0b:61:d9:bb:2a:a7:74:b2:2b:ce:be:3b:3d:b5:93:
                    12:b3:a3:76:be:c8:70:e5:51:a0:8a:8d:89:55:07:
                    34:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:19:DB:1B:BD:B3:32:C4:EC:10:79:72:82:13:C2:E5:8E:D7:DE:56
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/1
                RPKI Manifest - URI:rsync://rpki.sub.apnic.net/repository/A91905300000/1/4A19DB1BBDB332C4EC1079728213C2E58ED7DE56.mft
                RPKI Notify - URI:https://rrdp.sub.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.162.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         3c:0f:a8:a8:b1:e5:82:26:50:04:38:03:59:4b:2e:99:2a:e3:
         3e:16:92:5a:75:9b:1e:58:71:f3:ac:04:42:09:6a:46:89:a1:
         ed:f3:0a:4f:a9:ba:ac:42:12:bc:67:4f:33:2f:15:40:a5:b6:
         8e:4b:df:a5:f3:60:66:e9:1b:3c:d8:d4:6e:ae:5d:51:60:a3:
         c5:2f:a4:84:c7:b9:51:4b:d5:69:8a:a5:3c:be:2d:ff:92:5e:
         c5:3c:e5:3d:0b:d6:8f:e7:3e:49:9b:cb:79:9c:66:19:7a:59:
         4a:80:1e:8d:ae:43:17:d6:62:f1:13:76:2e:5e:8d:21:9f:aa:
         53:ed:d3:19:f4:46:5d:55:d7:de:e3:87:32:12:36:b0:d4:ec:
         b9:3d:7c:02:b5:f1:02:bd:d1:1a:ad:5c:40:97:5c:14:e5:dc:
         8a:f2:66:25:b9:e3:67:9d:49:4c:f9:1e:8f:48:e9:fb:e9:07:
         3c:c7:e1:f8:ed:fc:95:68:ae:06:2e:6a:8e:80:b8:f1:92:b9:
         46:f7:4b:63:15:b5:35:55:dd:ba:52:0c:54:9c:6a:ec:5b:76:
         9e:33:fe:9d:0c:cb:5d:b1:a1:ce:2d:20:a9:2e:95:4e:c3:82:
         ce:37:08:c3:63:48:b8:94:55:d4:30:ad:3d:3a:df:26:51:b1:
         18:a6:ef:fe
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgICQXAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjIwNDEzMDA1MDI1WhcNMjMwNzAxMDAwMDAwWjBKMRUwEwYD
VQQDEwxBOTEzOUYwODAwMDAxMTAvBgNVBAUTKDRBMTlEQjFCQkRCMzMyQzRFQzEw
Nzk3MjgyMTNDMkU1OEVEN0RFNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/s8mndMWahmUd19N7EMAcGJbUFct69OUf/GeNGvQPUcr3fK5iqs3w6uav
hWiq4f7GQ3vBsQ+stTFwUgkBBsao5WKlMc8Mb02D86ZwYuPH6UeLfli/G1xdp1Mk
24qSm1RfupttBmRwEw3X/WHmpYoG63iEXc7lhGlnLTrJiKtqgRELgcKrCPMa7wqm
b1KIWjBwrdsv1W7SuTtIZc50VJIAMAlJuRN8vwa9abdz4fT017v8EnVYQFLn15L0
ovOo1jTqPpvFLi7+KUT6yEgI8HIKTeWIv8armhaac7eqLRLaOwth2bsqp3SyK86+
Oz21kxKzo3a+yHDlUaCKjYlVBzTVAgMBAAGjggLDMIICvzAdBgNVHQ4EFgQUShnb
G72zMsTsEHlyghPC5Y7X3lYwHwYDVR0jBBgwFoAUdAFlqA0QcZcKvAnAK3HBrHwd
bg4wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBo
oGagZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIw
MUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL2RBRmxxQTBRY1pjS3ZBbkFLM0hCckh3
ZGJnNC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUy
MUE0RjRGQjQvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0LmNlcjBKBgNVHSAB
Af8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFw
bmljLm5ldC9SUEtJL0NQUy5wZGYwgfoGCCsGAQUFBwELBIHtMIHqMEAGCCsGAQUF
BzAFhjRyc3luYzovL3Jwa2kuc3ViLmFwbmljLm5ldC9yZXBvc2l0b3J5L0E5MTkw
NTMwMDAwMC8xMG0GCCsGAQUFBzAKhmFyc3luYzovL3Jwa2kuc3ViLmFwbmljLm5l
dC9yZXBvc2l0b3J5L0E5MTkwNTMwMDAwMC8xLzRBMTlEQjFCQkRCMzMyQzRFQzEw
Nzk3MjgyMTNDMkU1OEVEN0RFNTYubWZ0MDcGCCsGAQUFBzANhitodHRwczovL3Jy
ZHAuc3ViLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB4GCCsGAQUFBwEHAQH/
BA8wDTALBAIAATAFAwMAp6IwDQYJKoZIhvcNAQELBQADggEBADwPqKix5YImUAQ4
A1lLLpkq4z4Wklp1mx5YcfOsBEIJakaJoe3zCk+puqxCErxnTzMvFUClto5L36Xz
YGbpGzzY1G6uXVFgo8UvpITHuVFL1WmKpTy+Lf+SXsU85T0L1o/nPkmby3mcZhl6
WUqAHo2uQxfWYvETdi5ejSGfqlPt0xn0Rl1V197jhzISNrDU7Lk9fAK18QK90Rqt
XECXXBTl3IryZiW542edSUz5Ho9I6fvpBzzH4fjt/JVorgYuao6AuPGSuUb3S2MV
tTVV3bpSDFScauxbdp4z/p0My12xoc4tIKkulU7Dgs43CMNjSLiUVdQwrT063yZR
sRim7/4=
-----END CERTIFICATE-----