Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kap3g_sCeBmDjEqRyRxg1B-z7qs.cer
File:                     kap3g_sCeBmDjEqRyRxg1B-z7qs.cer (raw, json)
Hash identifier:          e49ntj/35nBex8eg9OjcjYAlPKLhOvm5TssUsmLZwfU=
Subject key identifier:   91:AA:77:83:FB:02:78:19:83:8C:4A:91:C9:1C:60:D4:1F:B3:EE:AB
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5C01
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/kap3g_sCeBmDjEqRyRxg1B-z7qs.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 09 Oct 2024 06:27:20 +0000
Certificate not after:    Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources:    IP: 192.206.152.0 -- 192.206.157.255

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 15:41:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23553 (0x5c01)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Oct  9 06:27:20 2024 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=A9179672/serialNumber=91AA7783FB027819838C4A91C91C60D41FB3EEAB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:88:6e:ff:b4:2b:29:ca:c4:03:4c:11:1c:3b:
                    7d:cb:95:86:71:e1:a0:bb:88:91:63:36:33:f4:68:
                    d6:46:4e:d4:3b:3d:38:e6:ef:26:ee:69:2d:4a:b2:
                    26:a1:1e:c2:3f:00:43:25:15:14:b0:b5:f6:0f:33:
                    ff:27:75:06:75:a3:a2:3b:0a:a3:eb:e3:10:94:8b:
                    aa:a6:c2:cc:c1:04:e8:dd:ba:c4:48:ac:bc:78:c1:
                    e2:42:1c:2b:5f:69:1e:92:85:b8:c2:82:32:10:a5:
                    d3:24:ef:97:2b:c8:66:b9:ae:48:05:2b:77:3a:c5:
                    cc:d6:b5:d8:63:8c:69:18:07:d7:e7:43:bf:33:1c:
                    b9:40:9c:b7:61:90:a8:8c:89:27:c6:24:d1:de:5d:
                    ef:4b:47:b5:2a:ca:44:bb:5a:28:0d:68:0a:39:b9:
                    97:2b:04:c0:23:87:71:9b:4f:af:3d:d7:51:b5:c4:
                    ee:48:6e:19:c3:7e:51:80:54:5d:6f:3a:4e:ba:c3:
                    c9:fd:ff:80:41:9d:c4:b9:76:14:be:aa:65:82:3c:
                    84:eb:d6:0d:6d:45:dc:8f:4e:b1:66:d4:88:be:35:
                    2a:1f:01:03:15:bd:0b:d7:b8:a2:d7:96:bb:99:9e:
                    bb:aa:5d:eb:b0:d4:10:68:9c:6e:19:f2:3c:d1:5f:
                    11:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:AA:77:83:FB:02:78:19:83:8C:4A:91:C9:1C:60:D4:1F:B3:EE:AB
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9179672/E5F45AD05F5411EF8D18BE23C4F9AE02/kap3g_sCeBmDjEqRyRxg1B-z7qs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.206.152.0-192.206.157.255

    Signature Algorithm: sha256WithRSAEncryption
         ad:e2:72:97:b6:7d:d4:ce:6c:e8:2f:57:21:1d:ab:69:a3:b0:
         6b:e0:eb:d2:94:49:5d:b8:fa:d4:25:90:05:79:8a:f4:5c:5b:
         ce:b3:9b:19:4e:71:94:fe:5c:c6:36:98:61:27:d0:94:af:f8:
         1a:67:29:0d:31:c4:05:ad:d7:cb:49:33:95:45:fe:4a:21:26:
         ff:bf:ea:58:5c:6b:56:57:77:9c:4c:76:3e:5a:83:5f:03:27:
         49:5f:1c:dc:69:bf:12:65:68:84:05:97:93:a1:99:97:3b:98:
         5b:42:f7:5f:05:c3:7b:54:e4:ca:ad:a6:ad:f5:14:ee:03:ed:
         eb:76:30:7d:9b:51:2f:df:cb:d3:34:a8:3b:25:28:d9:0b:31:
         c2:5c:df:32:59:83:e7:a7:57:81:fb:55:c5:56:20:a7:03:74:
         29:d1:4f:44:e2:03:99:3a:84:18:70:54:f8:27:1c:99:11:af:
         76:df:b9:eb:6c:18:65:0b:3a:b9:34:08:86:73:82:c3:84:f2:
         ad:17:6c:b0:ff:9e:40:43:fe:18:8b:61:e0:7a:12:64:9f:fe:
         6c:f9:b1:d4:b7:11:a8:29:4a:97:89:8c:bd:72:5e:b7:b1:93:
         65:b6:1e:c8:c2:c8:4e:d0:d9:b3:a2:f2:7f:9c:63:59:08:6e:
         f2:28:2b:20
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgICXAEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMDA5MDYyNzIwWhcNMjUxMjMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3OTY3MjExMC8GA1UEBRMoOTFBQTc3ODNGQjAyNzgxOTgzOEM0QTkx
QzkxQzYwRDQxRkIzRUVBQjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMOIbv+0KynKxANMERw7fcuVhnHhoLuIkWM2M/Ro1kZO1Ds9OObvJu5pLUqyJqEe
wj8AQyUVFLC19g8z/yd1BnWjojsKo+vjEJSLqqbCzMEE6N26xEisvHjB4kIcK19p
HpKFuMKCMhCl0yTvlyvIZrmuSAUrdzrFzNa12GOMaRgH1+dDvzMcuUCct2GQqIyJ
J8Yk0d5d70tHtSrKRLtaKA1oCjm5lysEwCOHcZtPrz3XUbXE7khuGcN+UYBUXW86
TrrDyf3/gEGdxLl2FL6qZYI8hOvWDW1F3I9OsWbUiL41Kh8BAxW9C9e4oteWu5me
u6pd67DUEGicbhnyPNFfER8CAwEAAaOCAvswggL3MB0GA1UdDgQWBBSRqneD+wJ4
GYOMSpHJHGDUH7PuqzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Nzk2NzIvRTVGNDVBRDA1RjU0MTFFRjhEMThCRTIzQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTc5NjcyL0U1RjQ1QUQwNUY1NDExRUY4RDE4QkUyM0M0RjlBRTAyL2thcDNnX3ND
ZUJtRGpFcVJ5UnhnMUItejdxcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQYMBYw
FAQCAAEwDjAMAwQDwM6YAwQBwM6cMA0GCSqGSIb3DQEBCwUAA4IBAQCt4nKXtn3U
zmzoL1chHatpo7Br4OvSlElduPrUJZAFeYr0XFvOs5sZTnGU/lzGNphhJ9CUr/ga
ZykNMcQFrdfLSTOVRf5KISb/v+pYXGtWV3ecTHY+WoNfAydJXxzcab8SZWiEBZeT
oZmXO5hbQvdfBcN7VOTKraat9RTuA+3rdjB9m1Ev38vTNKg7JSjZCzHCXN8yWYPn
p1eB+1XFViCnA3Qp0U9E4gOZOoQYcFT4JxyZEa9237nrbBhlCzq5NAiGc4LDhPKt
F2yw/55AQ/4Yi2HgehJkn/5s+bHUtxGoKUqXiYy9cl63sZNlth7IwshO0NmzovJ/
nGNZCG7yKCsg
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:41 2024 by rpki-client on console-ams.rpki-client.org