Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TNneNy0DSKwzsWel144wE_wDVx8.cer
File:                     TNneNy0DSKwzsWel144wE_wDVx8.cer (raw, json)
Hash identifier:          i/qCz24wR9f5stK9NidhzW7tkQYZZzsHWbGT66he0ZI=
Subject key identifier:   4C:D9:DE:37:2D:03:48:AC:33:B1:67:A5:D7:8E:30:13:FC:03:57:1F
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       4DF0
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91DCD09/578B06CC886411EDBF995F42C4F9AE02/TNneNy0DSKwzsWel144wE_wDVx8.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91DCD09/578B06CC886411EDBF995F42C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 06 Oct 2023 16:44:19 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    IP: 45.157.168.0/22

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:55:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19952 (0x4df0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Oct  6 16:44:19 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A91DCD09/serialNumber=4CD9DE372D0348AC33B167A5D78E3013FC03571F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:7e:86:7a:79:22:1b:bd:f3:b6:5a:20:15:3d:
                    b4:51:c1:78:a8:03:1c:6a:2c:f1:c9:ee:9c:e8:d3:
                    8f:0b:f5:65:de:50:14:36:f8:65:29:78:86:9d:54:
                    c4:c1:dc:bd:25:f5:0f:89:c4:c8:62:03:81:1a:37:
                    73:dc:f3:60:22:60:fc:65:b8:f7:d6:36:93:2f:6f:
                    f6:b2:f0:c2:ae:3d:c6:7d:9d:26:f4:e6:1e:25:da:
                    6c:7b:1c:48:e3:ab:fa:af:df:a1:a9:bf:1c:77:be:
                    83:15:24:b7:7c:7a:f7:f7:f2:05:1a:47:53:b6:07:
                    0e:95:8a:0e:85:5b:72:52:d6:b8:c8:c1:3e:37:48:
                    70:01:d5:71:e4:36:48:64:ff:23:fb:1a:5e:89:e8:
                    d7:11:31:98:9f:79:6f:a6:35:7c:bd:a8:ee:0e:32:
                    54:18:ad:c0:f3:bc:e8:12:b3:d6:08:ca:6a:e2:56:
                    e3:71:18:15:e8:a3:fe:fe:9d:ca:cb:55:55:2f:73:
                    ec:21:5d:d0:67:16:da:84:b2:e0:d0:4e:c7:cf:6c:
                    b4:55:2b:07:62:1e:64:66:a4:c4:c2:70:e1:80:fe:
                    f6:6a:3f:1c:6c:e2:3f:29:de:9e:d5:1c:94:ea:8a:
                    42:8d:6e:d9:59:9f:0b:20:9f:26:2f:31:8c:d1:3c:
                    7f:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:D9:DE:37:2D:03:48:AC:33:B1:67:A5:D7:8E:30:13:FC:03:57:1F
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DCD09/578B06CC886411EDBF995F42C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DCD09/578B06CC886411EDBF995F42C4F9AE02/TNneNy0DSKwzsWel144wE_wDVx8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.157.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         66:ff:a4:29:7d:ca:7e:c3:d7:07:95:7f:45:f4:a9:ec:91:98:
         df:17:b5:3a:50:9c:6f:9c:b3:fa:a3:3a:da:7f:93:8c:e7:1e:
         6e:93:81:aa:51:15:0b:16:6f:28:f6:95:0f:fa:b3:79:44:58:
         15:f5:e7:fe:be:5c:de:06:cd:0a:56:f9:54:1c:5c:84:1c:8d:
         e3:7d:7e:1f:d8:a8:97:fc:56:d9:35:dc:38:e3:ec:1c:af:8b:
         db:bc:09:d8:40:82:5a:43:df:5d:72:f9:43:20:e9:04:f5:4e:
         05:09:4c:f0:93:26:34:9b:a3:99:c9:54:cb:49:a4:e8:8f:60:
         5c:27:ab:2a:03:e3:13:f2:5a:e3:2c:24:98:98:04:3e:9a:e9:
         2c:f1:c0:de:88:69:51:51:60:f5:da:c2:a9:70:fc:c7:31:7b:
         af:52:0b:45:43:38:6a:f9:8d:92:8c:0f:94:fc:18:8b:d0:59:
         cd:9f:8a:6b:91:54:9a:5d:6e:20:43:64:54:0f:a9:68:0e:c1:
         ff:ab:d7:2e:31:9a:4f:d6:1d:a6:a8:77:e7:94:cd:00:57:9c:
         5f:d8:38:e0:cd:25:bf:3c:e8:53:ad:33:9c:66:ab:69:7e:e7:
         9f:b4:35:cd:ee:6b:4b:f5:60:d6:ec:30:d9:dd:87:bb:3b:d3:
         b1:8b:b0:b4
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICTfAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMxMDA2MTY0NDE5WhcNMjQxMjAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFEQ0QwOTExMC8GA1UEBRMoNENEOURFMzcyRDAzNDhBQzMzQjE2N0E1
RDc4RTMwMTNGQzAzNTcxRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AN5+hnp5Ihu987ZaIBU9tFHBeKgDHGos8cnunOjTjwv1Zd5QFDb4ZSl4hp1UxMHc
vSX1D4nEyGIDgRo3c9zzYCJg/GW499Y2ky9v9rLwwq49xn2dJvTmHiXabHscSOOr
+q/foam/HHe+gxUkt3x69/fyBRpHU7YHDpWKDoVbclLWuMjBPjdIcAHVceQ2SGT/
I/saXono1xExmJ95b6Y1fL2o7g4yVBitwPO86BKz1gjKauJW43EYFeij/v6dystV
VS9z7CFd0GcW2oSy4NBOx89stFUrB2IeZGakxMJw4YD+9mo/HGziPynentUclOqK
Qo1u2VmfCyCfJi8xjNE8f6UCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRM2d43LQNI
rDOxZ6XXjjAT/ANXHzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RENEMDkvNTc4QjA2Q0M4ODY0MTFFREJGOTk1RjQyQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MURDRDA5LzU3OEIwNkNDODg2NDExRURCRjk5NUY0MkM0RjlBRTAyL1RObmVOeTBE
U0t3enNXZWwxNDR3RV93RFZ4OC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAi2dqDANBgkqhkiG9w0BAQsFAAOCAQEAZv+kKX3KfsPXB5V/RfSp
7JGY3xe1OlCcb5yz+qM62n+TjOcebpOBqlEVCxZvKPaVD/qzeURYFfXn/r5c3gbN
Clb5VBxchByN431+H9iol/xW2TXcOOPsHK+L27wJ2ECCWkPfXXL5QyDpBPVOBQlM
8JMmNJujmclUy0mk6I9gXCerKgPjE/Ja4ywkmJgEPprpLPHA3ohpUVFg9drCqXD8
xzF7r1ILRUM4avmNkowPlPwYi9BZzZ+Ka5FUml1uIENkVA+paA7B/6vXLjGaT9Yd
pqh355TNAFecX9g44M0lvzzoU60znGaraX7nn7Q1ze5rS/Vg1uww2d2HuzvTsYuw
tA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:16:19 2024 by rpki-client on console-ams.rpki-client.org