Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cleSPWdwxWeJGbB8vPqK-LnFBT8.cer
File:                     cleSPWdwxWeJGbB8vPqK-LnFBT8.cer (raw, json)
Hash identifier:          ONj2ZC741CNEOg8olPZ2vwjUHg6FIv5ICHp7umM1yz4=
Subject key identifier:   72:57:92:3D:67:70:C5:67:89:19:B0:7C:BC:FA:8A:F8:B9:C5:05:3F
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5A64
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C7175/E9A092B868FD11EFA9500187C4F9AE02/cleSPWdwxWeJGbB8vPqK-LnFBT8.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C7175/E9A092B868FD11EFA9500187C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 02 Sep 2024 07:35:28 +0000
Certificate not after:    Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources:    IP: 160.30.234.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23140 (0x5a64)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Sep  2 07:35:28 2024 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=A91C7175/serialNumber=7257923D6770C5678919B07CBCFA8AF8B9C5053F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:48:b0:b6:76:6c:84:7c:e9:a8:a4:7c:86:99:
                    fe:8d:73:d0:a7:8f:37:81:83:fb:a9:19:05:15:0a:
                    01:c2:b4:95:7d:79:03:4f:40:41:30:f3:cb:c7:76:
                    c2:63:f2:72:bc:e7:8e:6e:8b:06:e6:58:48:19:ef:
                    0d:26:20:0f:36:de:fe:5d:37:3e:2a:44:31:2f:7b:
                    83:e0:02:3e:5a:70:cd:1e:32:71:f9:37:d4:b7:a3:
                    09:8d:a7:38:28:5e:8c:99:6f:03:9f:c8:8a:c6:52:
                    97:aa:5b:19:f7:75:8a:8b:5f:e0:35:b7:53:ec:18:
                    53:c1:92:0e:6a:4e:45:e9:87:45:17:6f:ad:57:b6:
                    a7:36:b0:5d:a3:87:9d:7f:b2:cd:1c:0c:fe:67:38:
                    cd:c2:c2:63:31:8c:32:e4:79:cd:75:14:09:4a:74:
                    83:81:b7:9b:f8:43:28:ab:7a:36:27:fe:a9:04:f0:
                    a4:9a:57:5c:79:7c:d8:0e:d1:fc:fa:b6:ea:0c:3b:
                    eb:f9:cf:ab:7a:9a:88:8e:b2:c8:28:dc:96:e0:23:
                    b7:a4:3f:eb:78:f9:0b:34:a1:2b:8f:70:e2:3b:c8:
                    5d:50:01:04:d9:01:a1:77:23:48:de:d9:36:96:3f:
                    2d:c2:e5:9c:ce:5c:b9:68:12:19:e9:d8:fd:57:32:
                    62:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:57:92:3D:67:70:C5:67:89:19:B0:7C:BC:FA:8A:F8:B9:C5:05:3F
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C7175/E9A092B868FD11EFA9500187C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C7175/E9A092B868FD11EFA9500187C4F9AE02/cleSPWdwxWeJGbB8vPqK-LnFBT8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.30.234.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:59:00:3a:e8:dc:da:f7:77:64:9b:85:97:c7:9b:1d:06:5b:
         8e:18:4b:3f:d7:d6:2f:70:25:78:86:8f:20:b6:b9:11:60:b4:
         c7:0d:fc:65:5c:a3:96:0e:b9:29:c5:7f:e8:ed:a3:20:5b:e8:
         ec:ad:e8:1a:91:d8:ec:cb:96:66:10:0d:63:68:53:dc:45:d2:
         bd:e6:88:ff:04:e3:55:87:81:eb:66:20:88:d2:7e:8a:63:f8:
         6b:52:8d:95:22:f0:b5:5e:4e:8b:e0:ec:77:16:4d:ae:f4:a9:
         7d:15:12:9c:ec:d9:2b:03:94:c5:50:a7:47:79:d8:5c:bd:49:
         89:98:23:ee:4e:98:dc:bc:3f:56:4a:54:57:16:3f:e5:d2:d2:
         d4:1a:dc:8b:b0:e4:55:25:0d:10:f6:83:19:90:b2:3e:db:50:
         62:cc:75:a2:56:e9:93:51:12:08:67:63:2a:13:2b:02:c8:c4:
         34:07:34:d3:87:12:3b:4a:c8:25:8b:37:2f:b5:80:42:c5:28:
         a0:90:1e:81:20:4b:80:38:67:05:b3:ea:e6:68:48:a4:c6:04:
         37:b9:a5:31:42:aa:f5:49:a3:e5:2f:c2:3a:3d:a1:06:3d:06:
         27:6f:1a:2d:56:7e:74:4e:89:7a:b2:54:b8:c3:eb:8e:e8:77:
         d1:b4:42:05
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICWmQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwOTAyMDczNTI4WhcNMjUxMjAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFDNzE3NTExMC8GA1UEBRMoNzI1NzkyM0Q2NzcwQzU2Nzg5MTlCMDdD
QkNGQThBRjhCOUM1MDUzRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AL5IsLZ2bIR86aikfIaZ/o1z0KePN4GD+6kZBRUKAcK0lX15A09AQTDzy8d2wmPy
crznjm6LBuZYSBnvDSYgDzbe/l03PipEMS97g+ACPlpwzR4ycfk31LejCY2nOChe
jJlvA5/IisZSl6pbGfd1iotf4DW3U+wYU8GSDmpORemHRRdvrVe2pzawXaOHnX+y
zRwM/mc4zcLCYzGMMuR5zXUUCUp0g4G3m/hDKKt6Nif+qQTwpJpXXHl82A7R/Pq2
6gw76/nPq3qaiI6yyCjcluAjt6Q/63j5CzShK49w4jvIXVABBNkBoXcjSN7ZNpY/
LcLlnM5cuWgSGenY/VcyYpMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBRyV5I9Z3DF
Z4kZsHy8+or4ucUFPzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzcxNzUvRTlBMDkyQjg2OEZEMTFFRkE5NTAwMTg3QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM3MTc1L0U5QTA5MkI4NjhGRDExRUZBOTUwMDE4N0M0RjlBRTAyL2NsZVNQV2R3
eFdlSkdiQjh2UHFLLUxuRkJUOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKAe6jANBgkqhkiG9w0BAQsFAAOCAQEAklkAOujc2vd3ZJuFl8eb
HQZbjhhLP9fWL3AleIaPILa5EWC0xw38ZVyjlg65KcV/6O2jIFvo7K3oGpHY7MuW
ZhANY2hT3EXSveaI/wTjVYeB62YgiNJ+imP4a1KNlSLwtV5Oi+DsdxZNrvSpfRUS
nOzZKwOUxVCnR3nYXL1JiZgj7k6Y3Lw/VkpUVxY/5dLS1Brci7DkVSUNEPaDGZCy
PttQYsx1olbpk1ESCGdjKhMrAsjENAc004cSO0rIJYs3L7WAQsUooJAegSBLgDhn
BbPq5mhIpMYEN7mlMUKq9Umj5S/COj2hBj0GJ28aLVZ+dE6JerJUuMPrjuh30bRC
BQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:30 2024 by rpki-client on console-fra.rpki-client.org