Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XtX3khrIZUHZKTb2kcsc2_bVwqE.cer
File:                     XtX3khrIZUHZKTb2kcsc2_bVwqE.cer (raw, json)
Hash identifier:          455CbEQWZmFpiv4g3ZPhXnE5r4DI5wo/D80ypKzYy+Q=
Subject key identifier:   5E:D5:F7:92:1A:C8:65:41:D9:29:36:F6:91:CB:1C:DB:F6:D5:C2:A1
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5256
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1.mft
caRepository:             rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/
Notify URL:               https://rrdp-rps.arin.net/notification.xml
Certificate not before:   Sat 17 Feb 2024 12:06:59 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    IP: 192.64.203.0 -- 192.64.204.255
                          IP: 198.179.225.0/24
                          IP: 205.147.104.0/22

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 14:50:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21078 (0x5256)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Feb 17 12:06:59 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91D85A20000/serialNumber=5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:8f:48:e9:5f:7d:e8:21:37:2b:f1:93:06:f3:
                    d3:e6:d3:f3:73:72:af:97:5a:9a:26:ed:06:eb:70:
                    b1:55:f4:c6:ac:0c:47:33:90:7e:5c:e9:41:2b:2a:
                    93:0d:ca:8c:75:79:d1:81:ec:f9:a4:47:05:7f:11:
                    b1:4a:4e:07:63:8f:43:42:29:e3:a7:10:09:84:72:
                    6b:e2:33:35:d3:1f:a3:a7:47:a8:09:ae:b2:2b:d2:
                    dd:a9:eb:81:b6:81:c1:4f:e6:5c:2f:f7:cf:eb:f0:
                    3e:49:85:18:0a:26:ab:72:64:da:f3:17:40:3a:93:
                    40:22:f8:1c:65:e1:af:d7:cd:b4:2c:ef:7d:cf:a0:
                    1f:ae:a1:3c:47:15:c8:29:be:ef:d2:54:f7:63:cf:
                    e4:8c:a5:d5:17:17:d1:fe:b4:8c:b2:c1:c7:56:e3:
                    7f:a7:f0:1a:fe:93:aa:08:e9:00:69:ea:03:6c:59:
                    a2:5f:e7:a7:fd:83:5c:a1:c6:7d:02:65:4c:c5:e9:
                    95:e0:c4:b6:d0:fe:61:71:72:19:89:6b:a6:a0:00:
                    79:b7:71:f5:cc:10:8d:dc:8f:a1:5b:c1:e4:fa:40:
                    2c:ab:62:17:24:45:8c:45:96:97:57:17:ed:98:fe:
                    c4:1a:ec:00:b0:77:3f:16:c6:d4:3b:5c:e4:43:24:
                    92:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:D5:F7:92:1A:C8:65:41:D9:29:36:F6:91:CB:1C:DB:F6:D5:C2:A1
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/
                RPKI Manifest - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de410183f68661084b86/2/5ED5F7921AC86541D92936F691CB1CDBF6D5C2A1.mft
                RPKI Notify - URI:https://rrdp-rps.arin.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.64.203.0-192.64.204.255
                  198.179.225.0/24
                  205.147.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         be:b5:99:fa:e5:3a:f0:6c:6f:58:c0:07:f0:fa:21:2a:e6:ce:
         04:40:07:2d:c2:d4:70:21:29:51:10:89:2b:2b:4d:bb:6d:1b:
         27:78:af:b9:58:1f:8c:78:f7:ba:b0:5f:99:4f:af:30:ed:fa:
         e0:73:f3:5c:81:43:58:9f:23:d6:d7:3f:b7:f7:d7:24:84:2a:
         bc:67:79:04:7c:ff:90:8c:04:d3:1b:01:67:ff:53:f2:0a:0c:
         b9:d1:4f:a2:4f:73:ef:a9:50:da:93:02:70:e8:ff:d2:bb:9e:
         73:50:61:34:87:98:a7:67:f2:19:a5:67:43:fe:7c:00:44:48:
         9b:e4:3c:ba:23:fe:0f:89:64:06:f9:2a:14:30:fd:a4:a6:3d:
         48:56:69:3d:7c:1b:34:70:44:42:97:32:b0:0d:0d:c8:8f:46:
         0b:df:e3:26:cc:f4:37:1a:6a:7e:91:27:ca:62:3f:8e:fb:a3:
         19:cb:ed:24:88:43:c5:b7:72:43:6b:19:9d:d7:3f:a0:a4:86:
         e1:53:80:d4:1d:53:e4:a6:61:c5:17:76:bd:84:dc:73:00:bb:
         a5:93:ac:26:c7:c0:e1:c2:6f:2c:07:98:1a:09:ce:e1:5f:95:
         81:5e:c0:82:e1:84:d7:4b:af:84:0f:7b:e9:a9:1c:01:3e:9d:
         26:aa:a7:24
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgICUlYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMjE3MTIwNjU5WhcNMjUwNTAxMDAwMDAwWjBKMRUwEwYD
VQQDEwxBOTFEODVBMjAwMDAxMTAvBgNVBAUTKDVFRDVGNzkyMUFDODY1NDFEOTI5
MzZGNjkxQ0IxQ0RCRjZENUMyQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDQj0jpX33oITcr8ZMG89Pm0/Nzcq+XWpom7QbrcLFV9MasDEczkH5c6UEr
KpMNyox1edGB7PmkRwV/EbFKTgdjj0NCKeOnEAmEcmviMzXTH6OnR6gJrrIr0t2p
64G2gcFP5lwv98/r8D5JhRgKJqtyZNrzF0A6k0Ai+Bxl4a/XzbQs733PoB+uoTxH
Fcgpvu/SVPdjz+SMpdUXF9H+tIyywcdW43+n8Br+k6oI6QBp6gNsWaJf56f9g1yh
xn0CZUzF6ZXgxLbQ/mFxchmJa6agAHm3cfXMEI3cj6FbweT6QCyrYhckRYxFlpdX
F+2Y/sQa7ACwdz8WxtQ7XORDJJJDAgMBAAGjggMCMIIC/jAdBgNVHQ4EFgQUXtX3
khrIZUHZKTb2kcsc2/bVwqEwHwYDVR0jBBgwFoAUdAFlqA0QcZcKvAnAK3HBrHwd
bg4wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBo
oGagZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIw
MUQ2NjExRTI4QUM4ODM3QzcyRkQxRkYyL2RBRmxxQTBRY1pjS3ZBbkFLM0hCckh3
ZGJnNC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jw
a2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUy
MUE0RjRGQjQvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0LmNlcjBKBgNVHSAB
Af8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFw
bmljLm5ldC9SUEtJL0NQUy5wZGYwggEjBggrBgEFBQcBCwSCARUwggERMFQGCCsG
AQUFBzAFhkhyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4
NDhhZGU4MmQ1ZGU0MTAxODNmNjg2NjEwODRiODYvMi8wgYAGCCsGAQUFBzAKhnRy
c3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4MmQ1
ZGU0MTAxODNmNjg2NjEwODRiODYvMi81RUQ1Rjc5MjFBQzg2NTQxRDkyOTM2RjY5
MUNCMUNEQkY2RDVDMkExLm1mdDA2BggrBgEFBQcwDYYqaHR0cHM6Ly9ycmRwLXJw
cy5hcmluLm5ldC9ub3RpZmljYXRpb24ueG1sMDMGCCsGAQUFBwEHAQH/BCQwIjAg
BAIAATAaMAwDBADAQMsDBADAQMwDBADGs+EDBALNk2gwDQYJKoZIhvcNAQELBQAD
ggEBAL61mfrlOvBsb1jAB/D6ISrmzgRABy3C1HAhKVEQiSsrTbttGyd4r7lYH4x4
97qwX5lPrzDt+uBz81yBQ1ifI9bXP7f31ySEKrxneQR8/5CMBNMbAWf/U/IKDLnR
T6JPc++pUNqTAnDo/9K7nnNQYTSHmKdn8hmlZ0P+fABESJvkPLoj/g+JZAb5KhQw
/aSmPUhWaT18GzRwREKXMrANDciPRgvf4ybM9Dcaan6RJ8piP477oxnL7SSIQ8W3
ckNrGZ3XP6CkhuFTgNQdU+SmYcUXdr2E3HMAu6WTrCbHwOHCbywHmBoJzuFflYFe
wILhhNdLr4QPe+mpHAE+nSaqpyQ=
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:07:45 2024 by rpki-client on console-ams.rpki-client.org