Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U2uRsXtuG7FjjINYoPpepdDr77c.cer
File:                     U2uRsXtuG7FjjINYoPpepdDr77c.cer (raw, json)
Hash identifier:          hLEOxvWSDWO4aohYxgS5TshhP2MOooaP+pADl1bpCnc=
Subject key identifier:   53:6B:91:B1:7B:6E:1B:B1:63:8C:83:58:A0:FA:5E:A5:D0:EB:EF:B7
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5421
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 02 Apr 2024 14:13:08 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 167.179.2.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21537 (0x5421)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Apr  2 14:13:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A9125C3D/serialNumber=536B91B17B6E1BB1638C8358A0FA5EA5D0EBEFB7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:2d:12:bf:e9:0c:b4:97:15:f8:7b:01:97:88:
                    af:45:fa:eb:97:8e:f5:28:94:14:08:60:69:f8:36:
                    08:48:f3:37:d2:45:13:c0:4c:4c:19:77:e1:6e:7a:
                    1f:14:ca:7f:a7:c6:bf:5d:59:01:ce:3c:dd:af:e1:
                    4b:28:80:02:b2:3c:22:a9:ae:5a:c3:69:c1:83:8e:
                    38:90:dc:ce:a1:2c:ce:64:85:84:5b:ff:ca:43:c7:
                    5b:fc:90:5f:57:b1:bf:f1:65:28:95:c7:85:e9:ba:
                    b4:5e:8f:90:94:80:5b:50:f2:d6:d4:fc:9e:6c:87:
                    ff:23:e3:d3:bc:78:a5:ca:9f:14:30:d9:28:f0:e2:
                    32:55:c7:d0:bf:e1:40:a0:56:4c:62:66:4f:1e:de:
                    09:b3:da:8c:05:21:64:6f:97:6c:44:c7:19:8f:bc:
                    98:e9:e8:b1:ef:a6:7b:fc:02:1f:2c:58:9f:66:28:
                    79:30:e6:13:9f:55:ef:fb:73:14:f3:ce:2d:d2:38:
                    af:fc:dc:fb:b9:00:28:ae:40:91:f7:ee:41:c1:45:
                    c6:d0:7d:9a:d6:00:c3:6b:91:2d:c7:25:bf:d0:a3:
                    df:13:a6:ed:37:71:7c:33:12:c4:34:9b:2d:04:44:
                    4b:3f:42:bb:51:66:d3:ff:94:f9:f1:fa:af:34:90:
                    15:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:6B:91:B1:7B:6E:1B:B1:63:8C:83:58:A0:FA:5E:A5:D0:EB:EF:B7
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.179.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:e1:7f:a3:bf:60:16:ec:d0:f5:57:8f:a3:c4:12:03:9b:ba:
         a7:45:c3:4e:91:65:24:d7:c3:9e:cd:f1:35:ad:15:b4:64:b2:
         68:fa:e8:8f:39:3c:f8:91:59:9d:2e:e1:bc:4a:76:de:21:ec:
         da:0b:4d:e8:f4:4c:1c:e7:5e:01:fd:00:22:6a:b4:f6:e4:8c:
         c8:00:35:41:c8:70:9d:9e:7f:7d:5b:21:dc:60:29:7b:5e:5f:
         ab:41:81:ed:57:93:86:aa:e5:6e:19:96:8e:d8:63:00:7e:bb:
         f0:3b:b3:4e:f9:5a:4d:6e:19:ce:17:bf:e4:ec:f6:e4:a1:82:
         65:84:b8:73:95:ad:27:90:2a:77:27:f5:44:35:4b:1d:0f:2b:
         2f:cd:44:d0:49:2e:d4:5c:a9:30:5f:3e:87:ba:ee:da:72:37:
         66:36:7d:ac:58:4c:89:33:91:81:e9:22:72:b2:65:c4:e7:8c:
         75:08:40:c7:a0:30:91:05:bf:01:3f:5a:99:aa:6a:66:d9:e6:
         cc:9f:70:7d:6a:50:36:bc:47:d4:ac:cf:5c:c3:d3:17:cc:24:
         63:b9:a2:ea:fa:3f:17:59:ae:ba:f8:5a:cc:95:bc:22:30:ec:
         8c:45:17:31:0a:f4:9f:eb:c4:10:9b:b1:0c:00:c2:5e:f0:6a:
         72:18:0c:c2
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICVCEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNDAyMTQxMzA4WhcNMjUwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEyNUMzRDExMC8GA1UEBRMoNTM2QjkxQjE3QjZFMUJCMTYzOEM4MzU4
QTBGQTVFQTVEMEVCRUZCNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALwtEr/pDLSXFfh7AZeIr0X665eO9SiUFAhgafg2CEjzN9JFE8BMTBl34W56HxTK
f6fGv11ZAc483a/hSyiAArI8IqmuWsNpwYOOOJDczqEszmSFhFv/ykPHW/yQX1ex
v/FlKJXHhem6tF6PkJSAW1Dy1tT8nmyH/yPj07x4pcqfFDDZKPDiMlXH0L/hQKBW
TGJmTx7eCbPajAUhZG+XbETHGY+8mOnose+me/wCHyxYn2YoeTDmE59V7/tzFPPO
LdI4r/zc+7kAKK5AkffuQcFFxtB9mtYAw2uRLcclv9Cj3xOm7TdxfDMSxDSbLQRE
Sz9Cu1Fm0/+U+fH6rzSQFYUCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRTa5Gxe24b
sWOMg1ig+l6l0OvvtzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjVDM0QvMjMyM0ZEODAwMEQ3MTFFRTkzQ0IwRjdFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI1QzNELzIzMjNGRDgwMDBENzExRUU5M0NCMEY3RUM0RjlBRTAyL1UydVJzWHR1
RzdGampJTllvUHBlcGREcjc3Yy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKezAjANBgkqhkiG9w0BAQsFAAOCAQEAQ+F/o79gFuzQ9VePo8QS
A5u6p0XDTpFlJNfDns3xNa0VtGSyaProjzk8+JFZnS7hvEp23iHs2gtN6PRMHOde
Af0AImq09uSMyAA1QchwnZ5/fVsh3GApe15fq0GB7VeThqrlbhmWjthjAH678Duz
TvlaTW4Zzhe/5Oz25KGCZYS4c5WtJ5Aqdyf1RDVLHQ8rL81E0Eku1FypMF8+h7ru
2nI3ZjZ9rFhMiTORgekicrJlxOeMdQhAx6AwkQW/AT9amapqZtnmzJ9wfWpQNrxH
1KzPXMPTF8wkY7mi6vo/F1muuvhazJW8IjDsjEUXMQr0n+vEEJuxDADCXvBqchgM
wg==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:30 2024 by rpki-client on console-fra.rpki-client.org