Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iH4RB6g_EXT_fj54CIjbVyO3kls.cer
File:                     iH4RB6g_EXT_fj54CIjbVyO3kls.cer (raw, json)
Hash identifier:          lUHs82I8kkBGGJTp1pj+2WykvEXU5ID8btdwdHCGfdQ=
Subject key identifier:   88:7E:11:07:A8:3F:11:74:FF:7E:3E:78:08:88:DB:57:23:B7:92:5B
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5ABC
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/iH4RB6g_EXT_fj54CIjbVyO3kls.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 09 Sep 2024 09:56:33 +0000
Certificate not after:    Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources:    IP: 160.187.20.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 15:41:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23228 (0x5abc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Sep  9 09:56:33 2024 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=A9155806/serialNumber=887E1107A83F1174FF7E3E780888DB5723B7925B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:1c:8a:16:f0:51:44:fb:9d:30:bd:e7:7e:70:
                    0a:8a:d9:3c:29:0e:17:81:a0:6f:00:e3:be:d0:8e:
                    4b:39:d4:51:ce:9b:51:3b:92:82:94:ea:ec:28:bc:
                    83:57:8b:51:45:7d:b3:b3:9a:08:fe:0b:2d:b0:5a:
                    e6:97:d4:71:b1:a5:71:b4:d2:00:34:e7:56:b2:a4:
                    2c:af:64:ad:3a:ab:e0:b4:62:ec:7f:0d:c3:34:10:
                    e6:1d:3f:3a:12:b4:5c:73:13:9e:7a:37:af:6b:c8:
                    cd:45:12:1a:a9:c4:52:7e:49:40:3d:5c:8a:34:e5:
                    a3:68:4c:1c:4e:54:d0:76:5f:9a:48:ea:45:04:aa:
                    57:44:4c:9e:3a:02:2a:e7:a9:b6:31:3e:a6:4a:72:
                    28:fa:78:d3:3f:4d:02:4d:a0:8f:f9:21:11:97:d1:
                    30:c1:8e:09:27:ec:df:eb:7d:86:bd:1c:0d:6e:9b:
                    d9:a2:1d:b8:18:6f:52:05:6e:5e:67:16:c6:b1:5c:
                    e5:53:8c:d5:9a:a8:bb:a1:bd:fe:61:2c:29:c8:fa:
                    fe:77:e1:90:1e:4c:fd:63:d7:51:03:f9:b9:5a:ef:
                    bb:11:97:19:e9:ea:40:73:75:12:14:0d:87:ed:c0:
                    cf:a9:e2:69:6e:dd:e4:39:d3:8a:7e:6e:56:c1:4b:
                    79:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:7E:11:07:A8:3F:11:74:FF:7E:3E:78:08:88:DB:57:23:B7:92:5B
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/iH4RB6g_EXT_fj54CIjbVyO3kls.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.187.20.0/23

    Signature Algorithm: sha256WithRSAEncryption
         64:ef:6d:46:73:fe:5c:8f:a3:2d:1d:8f:22:f5:33:8d:bf:80:
         b0:4f:c3:32:23:1a:de:ff:16:88:6e:cd:85:da:be:db:42:54:
         fb:c2:3f:82:f4:e4:80:6a:2a:75:8f:8c:79:87:91:9a:0f:cf:
         2f:53:70:0c:f4:f0:68:e6:b1:95:e1:8a:f8:4a:27:1b:69:0e:
         7f:76:8e:49:d0:4f:26:ec:f0:50:3b:69:96:ed:53:0a:a2:50:
         d2:4a:d4:1e:8d:c4:68:0e:72:1e:dc:0f:f0:d5:96:1a:46:7f:
         29:06:e0:31:24:2e:52:6f:67:2e:88:da:25:4a:3e:16:88:cd:
         4f:de:00:4f:b0:d2:ab:5c:27:6f:99:8f:5a:78:2d:6a:a1:af:
         93:0e:6e:37:a6:e4:6a:33:b1:57:0d:76:61:6c:ac:a6:ad:0a:
         dd:89:b9:a8:b6:e7:ed:8c:46:67:52:fd:a9:85:10:5a:68:b1:
         b0:1d:14:a1:05:af:4d:01:bb:71:35:06:e4:58:39:26:b1:67:
         69:3f:82:45:4b:5f:f1:25:5a:b2:4b:4e:d7:c1:f4:6a:af:bc:
         3d:e3:18:f6:2f:ce:c6:fc:4b:90:0d:51:8b:2b:29:88:36:a0:
         f4:d3:de:10:95:b6:34:7c:c0:db:4b:48:7d:63:ac:17:ff:51:
         9c:60:32:3f
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICWrwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwOTA5MDk1NjMzWhcNMjUxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE1NTgwNjExMC8GA1UEBRMoODg3RTExMDdBODNGMTE3NEZGN0UzRTc4
MDg4OERCNTcyM0I3OTI1QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALIcihbwUUT7nTC9535wCorZPCkOF4GgbwDjvtCOSznUUc6bUTuSgpTq7Ci8g1eL
UUV9s7OaCP4LLbBa5pfUcbGlcbTSADTnVrKkLK9krTqr4LRi7H8NwzQQ5h0/OhK0
XHMTnno3r2vIzUUSGqnEUn5JQD1cijTlo2hMHE5U0HZfmkjqRQSqV0RMnjoCKuep
tjE+pkpyKPp40z9NAk2gj/khEZfRMMGOCSfs3+t9hr0cDW6b2aIduBhvUgVuXmcW
xrFc5VOM1Zqou6G9/mEsKcj6/nfhkB5M/WPXUQP5uVrvuxGXGenqQHN1EhQNh+3A
z6niaW7d5DnTin5uVsFLeesCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSIfhEHqD8R
dP9+PngIiNtXI7eSWzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTU4MDYvQzczOUJBRUU2RTkxMTFFRkE2MkI0QzNGQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU1ODA2L0M3MzlCQUVFNkU5MTExRUZBNjJCNEMzRkM0RjlBRTAyL2lINFJCNmdf
RVhUX2ZqNTRDSWpiVnlPM2tscy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC7FDANBgkqhkiG9w0BAQsFAAOCAQEAZO9tRnP+XI+jLR2PIvUz
jb+AsE/DMiMa3v8WiG7Nhdq+20JU+8I/gvTkgGoqdY+MeYeRmg/PL1NwDPTwaOax
leGK+EonG2kOf3aOSdBPJuzwUDtplu1TCqJQ0krUHo3EaA5yHtwP8NWWGkZ/KQbg
MSQuUm9nLojaJUo+FojNT94AT7DSq1wnb5mPWngtaqGvkw5uN6bkajOxVw12YWys
pq0K3Ym5qLbn7YxGZ1L9qYUQWmixsB0UoQWvTQG7cTUG5Fg5JrFnaT+CRUtf8SVa
sktO18H0aq+8PeMY9i/OxvxLkA1RiyspiDag9NPeEJW2NHzA20tIfWOsF/9RnGAy
Pw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:40 2024 by rpki-client on console-ams.rpki-client.org