Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iruZJsMSoUFJxSMLpV-oz1uJquE.cer
File:                     iruZJsMSoUFJxSMLpV-oz1uJquE.cer (raw, json)
Hash identifier:          d40skIxgjd+qnseGShXOStyltixeFQ5Gncl6TtDnPDE=
Subject key identifier:   8A:BB:99:26:C3:12:A1:41:49:C5:23:0B:A5:5F:A8:CF:5B:89:AA:E1
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       53BD
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E8C52/B46CD77E91B911EB9C5B4618C4F9AE02/iruZJsMSoUFJxSMLpV-oz1uJquE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E8C52/B46CD77E91B911EB9C5B4618C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 25 Mar 2024 00:25:22 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    IP: 192.245.185.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 02:50:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21437 (0x53bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Mar 25 00:25:22 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A91E8C52/serialNumber=8ABB9926C312A14149C5230BA55FA8CF5B89AAE1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:55:bb:74:14:18:b5:9d:05:16:43:d8:49:1a:
                    42:78:34:94:ef:db:0e:8b:ac:e7:b0:dd:77:a7:6a:
                    b6:b0:cb:e2:8e:ca:73:f1:dd:b3:34:71:f5:58:ab:
                    19:03:6b:b7:19:88:0f:07:6e:e4:e3:1f:46:7b:d1:
                    2d:1e:50:8d:f4:ec:e2:03:5d:b7:06:97:75:70:05:
                    a0:2c:24:5b:aa:de:c0:81:8f:37:0f:c1:ac:b8:98:
                    9f:40:2a:c7:6f:5a:2d:26:66:41:03:74:06:c7:fe:
                    14:b5:92:6e:43:4c:87:ae:43:cc:f4:cb:cf:49:0e:
                    31:ab:dd:e9:eb:85:9b:9b:05:ed:2d:98:a3:39:5c:
                    38:65:f2:67:2d:b7:96:5b:cb:6d:d5:03:67:39:7e:
                    86:a3:1d:f2:46:53:79:28:23:78:a1:18:3c:83:da:
                    22:65:49:07:71:ec:68:1c:a7:00:e9:85:90:81:1f:
                    6b:c1:dc:93:4f:e5:20:f0:5d:17:2c:0c:04:33:a2:
                    39:ee:83:77:3e:ad:9f:37:11:28:60:1e:63:d2:1b:
                    05:44:b7:c4:65:3a:60:85:c2:5f:af:36:7a:3d:9e:
                    8e:55:b9:e7:e3:33:26:08:23:19:57:e1:99:f8:66:
                    81:74:25:b2:d8:9f:d1:97:63:7e:db:88:65:19:16:
                    4a:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:BB:99:26:C3:12:A1:41:49:C5:23:0B:A5:5F:A8:CF:5B:89:AA:E1
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E8C52/B46CD77E91B911EB9C5B4618C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E8C52/B46CD77E91B911EB9C5B4618C4F9AE02/iruZJsMSoUFJxSMLpV-oz1uJquE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.245.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         79:f9:11:fb:7c:b7:e2:4d:f7:9e:d7:a2:5f:a8:3c:ad:17:89:
         47:b2:2e:d9:d3:0b:bc:85:65:35:11:8f:27:eb:48:80:f8:92:
         bd:fe:15:09:b6:15:f7:d1:66:64:ed:1b:aa:35:05:86:8c:21:
         0a:9e:7c:1e:91:c3:3e:95:e4:ba:a7:4a:2a:26:e3:cc:65:e2:
         73:c8:70:fd:86:99:57:ea:3d:4e:ff:23:59:9d:8a:a0:8d:22:
         3f:06:06:92:aa:ef:49:04:0c:d9:c4:14:a0:68:3f:b8:15:e3:
         98:a4:90:22:1a:b3:9a:32:de:63:44:99:e5:78:72:23:5c:c8:
         0c:c2:e0:1a:4e:b9:f7:77:f2:6b:e6:e2:9b:91:8e:d7:46:95:
         bf:9d:98:f7:70:4b:11:80:23:4a:da:51:75:4c:7b:f6:89:31:
         1f:4e:d6:fa:f9:5f:a8:d6:d2:bb:59:fe:ea:3b:93:90:5f:a0:
         d8:92:8f:8a:40:50:e3:af:4c:76:17:f0:66:4e:94:d6:51:c2:
         b6:99:43:f2:30:4f:42:89:73:ff:2a:35:47:12:fe:53:97:d8:
         eb:6b:8a:0d:29:31:4b:c2:a9:f4:c8:08:6e:29:fd:1e:dd:ac:
         c3:24:0b:68:f7:d8:2e:43:3e:92:7e:83:5c:b7:6b:f9:56:d0:
         30:2e:3a:43
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICU70wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMzI1MDAyNTIyWhcNMjUwNzAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFFOEM1MjExMC8GA1UEBRMoOEFCQjk5MjZDMzEyQTE0MTQ5QzUyMzBC
QTU1RkE4Q0Y1Qjg5QUFFMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AOZVu3QUGLWdBRZD2EkaQng0lO/bDous57Ddd6dqtrDL4o7Kc/HdszRx9VirGQNr
txmIDwdu5OMfRnvRLR5QjfTs4gNdtwaXdXAFoCwkW6rewIGPNw/BrLiYn0Aqx29a
LSZmQQN0Bsf+FLWSbkNMh65DzPTLz0kOMavd6euFm5sF7S2YozlcOGXyZy23llvL
bdUDZzl+hqMd8kZTeSgjeKEYPIPaImVJB3HsaBynAOmFkIEfa8Hck0/lIPBdFywM
BDOiOe6Ddz6tnzcRKGAeY9IbBUS3xGU6YIXCX682ej2ejlW55+MzJggjGVfhmfhm
gXQlstif0ZdjftuIZRkWSksCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSKu5kmwxKh
QUnFIwulX6jPW4mq4TAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThDNTIvQjQ2Q0Q3N0U5MUI5MTFFQjlDNUI0NjE4QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU4QzUyL0I0NkNENzdFOTFCOTExRUI5QzVCNDYxOEM0RjlBRTAyL2lydVpKc01T
b1VGSnhTTUxwVi1vejF1SnF1RS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAMD1uTANBgkqhkiG9w0BAQsFAAOCAQEAefkR+3y34k33nteiX6g8
rReJR7Iu2dMLvIVlNRGPJ+tIgPiSvf4VCbYV99FmZO0bqjUFhowhCp58HpHDPpXk
uqdKKibjzGXic8hw/YaZV+o9Tv8jWZ2KoI0iPwYGkqrvSQQM2cQUoGg/uBXjmKSQ
IhqzmjLeY0SZ5XhyI1zIDMLgGk6593fya+bim5GO10aVv52Y93BLEYAjStpRdUx7
9okxH07W+vlfqNbSu1n+6juTkF+g2JKPikBQ469MdhfwZk6U1lHCtplD8jBPQolz
/yo1RxL+U5fY62uKDSkxS8Kp9MgIbin9Ht2swyQLaPfYLkM+kn6DXLdr+VbQMC46
Qw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:25:08 2024 by rpki-client on console-ams.rpki-client.org