Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dEWTNjfMowmkwWGr_t-HecsqsT8.cer
File:                     dEWTNjfMowmkwWGr_t-HecsqsT8.cer (raw, json)
Hash identifier:          NEoW2iZAm+hiH5p0HjVrYHNnPQUgDWNWAPUuKt9jpvw=
Subject key identifier:   74:45:93:36:37:CC:A3:09:A4:C1:61:AB:FE:DF:87:79:CB:2A:B1:3F
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5CB5
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A912E53C/29B86994903A11EFBF156D81C4F9AE02/dEWTNjfMowmkwWGr_t-HecsqsT8.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A912E53C/29B86994903A11EFBF156D81C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 22 Oct 2024 05:55:00 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 160.191.57.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23733 (0x5cb5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Oct 22 05:55:00 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A912E53C/serialNumber=7445933637CCA309A4C161ABFEDF8779CB2AB13F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:9a:f3:43:64:c9:2f:c3:52:bf:0c:9d:06:83:
                    46:1d:bf:03:3c:fd:fa:94:3c:2f:b2:69:aa:f8:da:
                    f7:19:3a:0f:5b:93:59:28:10:82:52:c6:79:bf:8f:
                    af:13:92:d7:5b:5c:c0:f3:e1:89:0c:f0:2f:9e:7f:
                    8d:3a:55:c7:0e:e6:dd:a7:ac:3d:cd:fa:2e:3b:e6:
                    9d:09:55:97:31:98:53:24:bb:47:e1:c1:c6:9a:6f:
                    52:b5:d5:bb:d0:1f:b5:99:c3:fe:95:ec:71:1c:93:
                    38:f7:9a:6a:00:26:bd:a8:3f:7d:39:40:af:8b:be:
                    e6:d3:1d:9d:6e:53:dc:03:07:2f:fe:09:01:f4:01:
                    68:2d:91:a2:dd:10:c8:60:50:ca:60:d9:e7:87:8f:
                    f6:f1:5f:4b:fc:26:68:fd:a5:20:3d:f3:34:79:0a:
                    e7:8c:ab:29:d9:39:d7:13:83:d4:1b:a3:ea:60:9c:
                    82:33:d0:eb:11:b7:ae:bf:6c:e9:7c:35:5b:40:c8:
                    87:31:47:28:ed:47:7e:6d:d9:cd:52:d6:88:68:a1:
                    1f:e5:c5:4e:9b:a3:70:19:a5:27:c4:21:59:46:2b:
                    06:ec:ab:7c:4b:19:bc:f5:99:22:83:02:02:b6:98:
                    c7:6d:01:a6:0d:21:82:35:17:a3:73:17:c6:12:ee:
                    85:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:45:93:36:37:CC:A3:09:A4:C1:61:AB:FE:DF:87:79:CB:2A:B1:3F
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912E53C/29B86994903A11EFBF156D81C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912E53C/29B86994903A11EFBF156D81C4F9AE02/dEWTNjfMowmkwWGr_t-HecsqsT8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.191.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:04:2a:1f:0b:92:99:a8:cb:0c:dc:d0:af:a9:ed:91:7b:18:
         a5:ff:6c:30:32:0d:48:c1:3c:31:dd:d8:ae:99:ff:5f:14:c3:
         3a:df:92:71:5f:19:3a:28:c4:4b:9c:41:9e:32:42:db:91:b9:
         9c:21:5d:25:08:72:72:02:9a:44:3d:9e:6b:49:dc:e3:d0:77:
         02:cf:f6:bc:12:e4:1f:a1:1e:ee:63:09:a6:22:f5:90:89:a8:
         4e:03:d7:a3:ec:76:5a:81:55:2d:98:34:b5:ec:17:5a:21:7f:
         af:31:fd:f6:60:a7:24:6b:a7:f5:d4:31:1f:6b:ac:53:34:98:
         dd:b3:ec:45:10:5f:7b:ff:4f:4d:e5:5f:37:3e:ca:c9:6f:75:
         ea:17:36:74:83:26:3d:2c:73:f3:39:7f:62:54:66:49:c2:4a:
         3a:52:02:ae:5e:f6:e7:e8:df:d3:11:54:ff:2f:9c:a0:83:1d:
         0e:98:5c:10:14:fe:15:16:d8:f2:0d:46:6c:8b:19:d0:aa:99:
         f8:c1:7e:b4:c5:a0:3b:c1:ce:e8:9f:99:a4:24:13:15:62:71:
         51:da:4f:13:af:9a:0c:87:f5:51:86:c8:2d:9b:5b:11:4d:77:
         b9:c1:8f:17:f7:98:d4:6e:df:81:76:2d:e2:f3:64:11:10:1f:
         e4:f6:37:28
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICXLUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMDIyMDU1NTAwWhcNMjUwMzMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTEyRTUzQzExMC8GA1UEBRMoNzQ0NTkzMzYzN0NDQTMwOUE0QzE2MUFC
RkVERjg3NzlDQjJBQjEzRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALSa80NkyS/DUr8MnQaDRh2/Azz9+pQ8L7Jpqvja9xk6D1uTWSgQglLGeb+PrxOS
11tcwPPhiQzwL55/jTpVxw7m3aesPc36LjvmnQlVlzGYUyS7R+HBxppvUrXVu9Af
tZnD/pXscRyTOPeaagAmvag/fTlAr4u+5tMdnW5T3AMHL/4JAfQBaC2Rot0QyGBQ
ymDZ54eP9vFfS/wmaP2lID3zNHkK54yrKdk51xOD1Buj6mCcgjPQ6xG3rr9s6Xw1
W0DIhzFHKO1Hfm3ZzVLWiGihH+XFTpujcBmlJ8QhWUYrBuyrfEsZvPWZIoMCAraY
x20Bpg0hgjUXo3MXxhLuhaMCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBR0RZM2N8yj
CaTBYav+34d5yyqxPzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkU1M0MvMjlCODY5OTQ5MDNBMTFFRkJGMTU2RDgxQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJFNTNDLzI5Qjg2OTk0OTAzQTExRUZCRjE1NkQ4MUM0RjlBRTAyL2RFV1ROamZN
b3dta3dXR3JfdC1IZWNzcXNUOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKC/OTANBgkqhkiG9w0BAQsFAAOCAQEAYgQqHwuSmajLDNzQr6nt
kXsYpf9sMDINSME8Md3Yrpn/XxTDOt+ScV8ZOijES5xBnjJC25G5nCFdJQhycgKa
RD2ea0nc49B3As/2vBLkH6Ee7mMJpiL1kImoTgPXo+x2WoFVLZg0tewXWiF/rzH9
9mCnJGun9dQxH2usUzSY3bPsRRBfe/9PTeVfNz7KyW916hc2dIMmPSxz8zl/YlRm
ScJKOlICrl725+jf0xFU/y+coIMdDphcEBT+FRbY8g1GbIsZ0KqZ+MF+tMWgO8HO
6J+ZpCQTFWJxUdpPE6+aDIf1UYbILZtbEU13ucGPF/eY1G7fgXYt4vNkERAf5PY3
KA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:40 2024 by rpki-client on console-ams.rpki-client.org