Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/W8SU6J0KQVW1UlNj0SNcXtwP3i8.cer
File:                     W8SU6J0KQVW1UlNj0SNcXtwP3i8.cer (raw, json)
Hash identifier:          3Ngjgsshol4qBddW6afs7yU/uKkocTmB7oWeHFG0U30=
Subject key identifier:   5B:C4:94:E8:9D:0A:41:55:B5:52:53:63:D1:23:5C:5E:DC:0F:DE:2F
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       541A
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9171882/A8C251EAF0B311EEA4C72F84C4F9AE02/W8SU6J0KQVW1UlNj0SNcXtwP3i8.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9171882/A8C251EAF0B311EEA4C72F84C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 02 Apr 2024 05:41:38 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    IP: 157.20.140.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21530 (0x541a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Apr  2 05:41:38 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A9171882/serialNumber=5BC494E89D0A4155B5525363D1235C5EDC0FDE2F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:b6:96:b0:28:34:ab:04:8e:22:9c:79:a5:4a:
                    9c:51:de:12:0f:b2:ce:d1:9a:84:bf:38:ad:dc:38:
                    d7:50:df:f5:e2:1e:d1:36:af:c1:71:0a:19:26:ca:
                    e6:1e:6a:ad:48:ed:fe:72:ce:c0:44:81:bc:a9:e7:
                    88:82:80:6f:c2:c4:19:cd:22:86:23:9e:98:4b:f1:
                    87:3c:30:bd:a3:af:8b:c3:a0:84:a8:59:8b:fc:2d:
                    46:79:52:23:d8:b8:34:ee:e8:7f:75:44:94:97:37:
                    cf:9c:55:87:a7:9f:5a:10:52:07:04:18:26:8c:b2:
                    81:9b:fa:fb:17:e9:7b:79:7f:a6:05:c6:51:9d:97:
                    9d:e3:fb:c1:3b:40:f9:75:4a:49:b5:58:6c:67:72:
                    cc:20:d9:64:2c:6d:82:23:f8:7c:23:85:9d:4a:5a:
                    4e:7a:77:39:89:97:a2:2f:d7:ff:e7:a4:40:05:e3:
                    15:aa:91:ff:6e:4f:42:d0:67:39:c6:81:76:09:3f:
                    01:7f:7f:a1:06:cb:14:92:54:d1:5b:86:c5:8b:5c:
                    1c:06:53:0f:b4:05:9b:94:d3:5d:32:11:4b:c4:28:
                    c8:b6:48:9f:5a:01:2c:20:a3:6b:00:dc:c6:3a:f0:
                    6e:61:9a:e5:93:2e:53:b3:b7:da:b5:f4:04:45:65:
                    c9:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:C4:94:E8:9D:0A:41:55:B5:52:53:63:D1:23:5C:5E:DC:0F:DE:2F
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9171882/A8C251EAF0B311EEA4C72F84C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9171882/A8C251EAF0B311EEA4C72F84C4F9AE02/W8SU6J0KQVW1UlNj0SNcXtwP3i8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.20.140.0/23

    Signature Algorithm: sha256WithRSAEncryption
         19:40:e5:2c:59:93:37:61:26:9a:ab:b6:47:84:37:e0:e5:94:
         f8:06:c9:0e:7c:3e:2e:d4:c5:3a:c9:3d:e8:b5:4f:fe:63:e1:
         69:f9:98:9e:18:a3:31:5a:3c:20:9c:75:b6:69:60:80:58:b1:
         a8:34:af:24:d7:5b:13:e0:c8:89:73:f6:cd:c6:3e:24:e5:6c:
         24:0e:dd:ee:85:84:37:36:f4:32:86:64:c7:49:62:b6:bb:35:
         5a:cd:e7:db:26:3b:5b:4f:ca:63:29:7e:8f:c9:67:6a:ba:84:
         78:b3:b5:98:b6:55:0e:8a:cc:cc:5d:72:20:80:8c:55:3f:05:
         1b:0a:fb:58:1a:98:a6:a7:e2:1f:4b:f3:01:6e:b5:86:d8:7a:
         ff:29:b1:99:5a:4c:65:d8:80:bc:b9:b7:f7:ab:46:d7:1b:32:
         ec:4d:1d:ea:bb:60:09:74:48:f4:6c:13:65:0e:8d:3d:b7:da:
         50:dd:a7:d2:da:0d:7a:49:51:b0:96:1a:8b:94:57:2c:f9:a9:
         26:d2:9b:c8:df:e7:d1:e6:10:f6:79:86:fd:31:51:90:65:06:
         c3:cb:32:69:17:16:e4:4b:45:71:96:0f:30:5b:50:9f:83:fd:
         bb:42:7c:2a:8b:3b:0d:f0:b4:b9:56:28:51:28:5a:b1:fc:61:
         0b:a6:b6:00
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICVBowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNDAyMDU0MTM4WhcNMjUwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3MTg4MjExMC8GA1UEBRMoNUJDNDk0RTg5RDBBNDE1NUI1NTI1MzYz
RDEyMzVDNUVEQzBGREUyRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKO2lrAoNKsEjiKceaVKnFHeEg+yztGahL84rdw411Df9eIe0TavwXEKGSbK5h5q
rUjt/nLOwESBvKnniIKAb8LEGc0ihiOemEvxhzwwvaOvi8OghKhZi/wtRnlSI9i4
NO7of3VElJc3z5xVh6efWhBSBwQYJoyygZv6+xfpe3l/pgXGUZ2XneP7wTtA+XVK
SbVYbGdyzCDZZCxtgiP4fCOFnUpaTnp3OYmXoi/X/+ekQAXjFaqR/25PQtBnOcaB
dgk/AX9/oQbLFJJU0VuGxYtcHAZTD7QFm5TTXTIRS8QoyLZIn1oBLCCjawDcxjrw
bmGa5ZMuU7O32rX0BEVlyccCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRbxJTonQpB
VbVSU2PRI1xe3A/eLzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzE4ODIvQThDMjUxRUFGMEIzMTFFRUE0QzcyRjg0QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTcxODgyL0E4QzI1MUVBRjBCMzExRUVBNEM3MkY4NEM0RjlBRTAyL1c4U1U2SjBL
UVZXMVVsTmowU05jWHR3UDNpOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0UjDANBgkqhkiG9w0BAQsFAAOCAQEAGUDlLFmTN2Emmqu2R4Q3
4OWU+AbJDnw+LtTFOsk96LVP/mPhafmYnhijMVo8IJx1tmlggFixqDSvJNdbE+DI
iXP2zcY+JOVsJA7d7oWENzb0MoZkx0litrs1Ws3n2yY7W0/KYyl+j8lnarqEeLO1
mLZVDorMzF1yIICMVT8FGwr7WBqYpqfiH0vzAW61hth6/ymxmVpMZdiAvLm396tG
1xsy7E0d6rtgCXRI9GwTZQ6NPbfaUN2n0toNeklRsJYai5RXLPmpJtKbyN/n0eYQ
9nmG/TFRkGUGw8syaRcW5EtFcZYPMFtQn4P9u0J8Kos7DfC0uVYoUShasfxhC6a2
AA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:30 2024 by rpki-client on console-fra.rpki-client.org