Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.cer
File:                     cOiFV7DAgsmwbs9ZuPKKdwOmOAE.cer (raw, json)
Hash identifier:          5HxG5zq23lPj1lsiKiEo19UdNUQ7iZA0eWUgajPPfyo=
Subject key identifier:   70:E8:85:57:B0:C0:82:C9:B0:6E:CF:59:B8:F2:8A:77:03:A6:38:01
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       51D5
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 08 Feb 2024 12:27:18 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    IP: 157.15.136.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 15:41:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20949 (0x51d5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Feb  8 12:27:18 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91764E1/serialNumber=70E88557B0C082C9B06ECF59B8F28A7703A63801
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:65:4b:e7:66:93:a0:f0:72:54:6b:a2:6e:65:
                    2d:08:d5:f9:89:e9:3f:4c:51:9b:58:b3:32:68:e4:
                    34:a9:9c:4d:f3:b2:cf:d3:f3:20:5b:74:73:15:9a:
                    b9:e8:20:94:c4:13:b4:2f:3d:16:48:dd:37:ad:ed:
                    3e:f1:83:52:9d:42:63:3d:f1:bd:90:df:b7:83:b9:
                    4f:73:06:15:81:f2:da:c6:a5:00:1b:9b:2b:1c:3e:
                    e3:67:88:f1:68:5f:fb:a2:f1:80:49:cb:07:d6:a0:
                    ca:96:2d:61:8a:cf:3f:83:3a:27:c5:de:cb:ad:3b:
                    dd:80:1b:93:cc:d8:77:3a:f8:53:b9:81:93:52:91:
                    71:ce:73:2e:24:6f:71:32:47:1a:b1:56:dc:86:97:
                    fc:b4:59:8f:bd:95:c9:e0:56:8a:92:6f:42:e2:ac:
                    36:50:f0:23:b0:a5:70:ff:a6:ee:9e:d5:b9:81:1d:
                    7c:fb:dd:e6:f1:73:ef:bb:e7:0a:4d:9e:5b:3b:bd:
                    a9:c6:b3:6a:8c:8c:a4:21:75:87:5e:05:fe:1d:d0:
                    4f:51:d9:87:30:d4:cc:93:5d:16:83:02:cb:c9:75:
                    13:cb:51:7f:b7:b5:62:6b:69:51:b3:bb:9c:d3:3a:
                    8a:c4:27:34:57:3c:97:ac:d8:7a:1a:d4:0d:09:1e:
                    33:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:E8:85:57:B0:C0:82:C9:B0:6E:CF:59:B8:F2:8A:77:03:A6:38:01
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.15.136.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5c:4d:a5:28:60:4d:ee:5a:cb:2e:17:49:55:0b:c9:f0:b8:82:
         67:80:a5:3c:0d:c9:f0:f3:5a:f1:3e:59:45:4e:9d:81:f0:d5:
         f1:c2:3e:84:e7:b0:9d:74:80:67:b4:ea:f4:27:eb:19:20:3f:
         7a:df:46:af:e1:23:8f:22:50:6e:f8:ae:15:31:24:d5:f8:5e:
         3d:68:6d:3f:cf:4d:95:e7:b0:74:bb:8a:54:97:fb:74:9f:7c:
         bf:05:41:9d:c0:a5:ba:02:29:00:b9:89:21:b8:f1:00:a5:94:
         0d:95:b9:c1:9c:24:9d:09:93:b1:ad:95:d6:f2:e8:ad:c8:6b:
         56:18:d6:3e:c6:32:40:09:c6:48:d6:fd:83:29:cc:20:c5:d6:
         84:7b:74:fe:ab:c7:24:c6:19:20:91:aa:8e:46:74:3c:cb:47:
         e2:7f:95:7e:7b:cc:ad:21:c3:a9:12:af:9d:49:f4:71:4f:ff:
         77:c3:56:58:41:49:67:79:8e:96:01:98:3a:68:8c:3a:db:ef:
         cc:26:a5:11:e1:e0:52:ff:b9:2f:cb:4c:f9:a5:34:7c:f2:15:
         03:2a:68:35:54:e4:74:6c:b0:55:bc:ef:0b:1f:4b:41:49:23:
         25:4f:25:b4:56:0f:50:d5:20:e0:cd:9e:50:b8:ec:4d:f7:34:
         88:4a:e4:78
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUdUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMjA4MTIyNzE4WhcNMjUwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3NjRFMTExMC8GA1UEBRMoNzBFODg1NTdCMEMwODJDOUIwNkVDRjU5
QjhGMjhBNzcwM0E2MzgwMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANhlS+dmk6DwclRrom5lLQjV+YnpP0xRm1izMmjkNKmcTfOyz9PzIFt0cxWauegg
lMQTtC89FkjdN63tPvGDUp1CYz3xvZDft4O5T3MGFYHy2salABubKxw+42eI8Whf
+6LxgEnLB9agypYtYYrPP4M6J8Xey6073YAbk8zYdzr4U7mBk1KRcc5zLiRvcTJH
GrFW3IaX/LRZj72VyeBWipJvQuKsNlDwI7ClcP+m7p7VuYEdfPvd5vFz77vnCk2e
Wzu9qcazaoyMpCF1h14F/h3QT1HZhzDUzJNdFoMCy8l1E8tRf7e1YmtpUbO7nNM6
isQnNFc8l6zYehrUDQkeM2cCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRw6IVXsMCC
ybBuz1m48op3A6Y4ATAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzY0RTEvNjIzMUEwMkVDNjdEMTFFRTg3MDI3QjNBQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTc2NEUxLzYyMzFBMDJFQzY3RDExRUU4NzAyN0IzQUM0RjlBRTAyL2NPaUZWN0RB
Z3Ntd2JzOVp1UEtLZHdPbU9BRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0PiDANBgkqhkiG9w0BAQsFAAOCAQEAXE2lKGBN7lrLLhdJVQvJ
8LiCZ4ClPA3J8PNa8T5ZRU6dgfDV8cI+hOewnXSAZ7Tq9CfrGSA/et9Gr+EjjyJQ
bviuFTEk1fhePWhtP89NleewdLuKVJf7dJ98vwVBncClugIpALmJIbjxAKWUDZW5
wZwknQmTsa2V1vLorchrVhjWPsYyQAnGSNb9gynMIMXWhHt0/qvHJMYZIJGqjkZ0
PMtH4n+VfnvMrSHDqRKvnUn0cU//d8NWWEFJZ3mOlgGYOmiMOtvvzCalEeHgUv+5
L8tM+aU0fPIVAypoNVTkdGywVbzvCx9LQUkjJU8ltFYPUNUg4M2eULjsTfc0iErk
eA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:40 2024 by rpki-client on console-ams.rpki-client.org