Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pUy3dCqrz05Y5dTB87nRLa2RtAY.cer
File:                     pUy3dCqrz05Y5dTB87nRLa2RtAY.cer (raw, json)
Hash identifier:          7rqi4lWgJJNv96wJUvA1fv+T93VDAsjdmV+zi39Y6xc=
Subject key identifier:   A5:4C:B7:74:2A:AB:CF:4E:58:E5:D4:C1:F3:B9:D1:2D:AD:91:B4:06
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       52A8
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/pUy3dCqrz05Y5dTB87nRLa2RtAY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 26 Feb 2024 08:38:36 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    IP: 157.20.104.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21160 (0x52a8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Feb 26 08:38:36 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A9190D72/serialNumber=A54CB7742AABCF4E58E5D4C1F3B9D12DAD91B406
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:90:cd:b5:36:62:a3:5f:75:fc:c8:a7:93:e4:
                    1f:03:af:02:41:fa:dc:9f:db:bd:8d:dc:71:ca:8b:
                    a9:4f:91:d9:89:45:34:c1:d9:6f:27:ff:1b:f3:7c:
                    80:45:77:2f:0d:d1:2f:8f:bb:c7:7a:5c:50:7c:83:
                    00:23:c5:da:56:8c:00:c7:00:72:ad:98:16:7d:49:
                    cc:49:26:a6:34:62:5a:1a:ba:f8:0c:d8:cc:ce:b2:
                    ef:8a:12:9d:26:49:aa:2f:49:c2:3f:ba:69:ec:c8:
                    a9:ab:32:15:f3:0f:7a:30:0a:87:bd:4d:47:14:18:
                    18:24:da:f8:82:c1:9c:50:5e:2a:cd:8c:1c:a2:cd:
                    b7:46:ea:ba:5d:9b:fd:20:27:99:c2:90:81:db:9e:
                    ef:91:8f:32:f0:71:fe:40:0e:6d:ab:a8:53:47:4a:
                    a2:ba:c5:db:e4:19:cd:a4:7d:91:b7:37:49:42:1d:
                    c3:02:ce:8d:7a:fd:fc:74:d0:a2:42:fe:fb:d9:0c:
                    ec:ff:42:fb:da:7a:b1:4e:90:01:97:63:84:57:bc:
                    8b:71:b6:b1:06:b1:46:03:d6:ce:75:71:02:f8:b8:
                    96:aa:bb:d2:eb:09:61:c8:18:a9:39:34:19:44:57:
                    ec:2c:6d:f4:d8:b1:ab:4d:58:df:5c:81:5f:09:fb:
                    f3:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:4C:B7:74:2A:AB:CF:4E:58:E5:D4:C1:F3:B9:D1:2D:AD:91:B4:06
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9190D72/6AC989F0D48211EE87D5D724C4F9AE02/pUy3dCqrz05Y5dTB87nRLa2RtAY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.20.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7d:26:3b:cf:a6:23:c0:14:10:81:ac:3e:9a:ca:53:12:96:f0:
         c9:e4:da:e7:fa:e3:fa:0b:c6:96:53:12:29:ad:f7:ea:c3:bc:
         c6:a8:f2:72:75:22:a2:f2:70:fb:63:ed:bd:02:1e:43:7f:e4:
         26:49:83:6c:35:79:81:4d:b9:b9:b3:71:40:c6:35:a1:b0:ae:
         ee:e9:5e:6f:cd:b1:b3:91:be:77:ad:30:58:ce:2b:b6:9c:b0:
         9d:fa:d7:c2:ab:cf:cb:9f:06:3f:c7:12:6e:47:27:14:f6:c4:
         3d:d5:02:e4:79:66:28:de:82:bc:79:41:c1:f8:e5:c5:31:bc:
         00:f8:db:87:f9:5f:bc:c0:f6:8d:67:0d:95:65:0b:dc:cd:a9:
         d7:64:a1:8c:f7:62:dc:e0:e5:dc:55:0f:1f:a5:1b:e0:0f:67:
         de:59:d6:80:a3:44:ec:ee:53:ad:09:bb:98:0a:8f:14:5d:3d:
         a6:15:1a:c1:7f:9c:4b:11:d6:f2:df:3c:d1:3a:ae:2a:f4:3c:
         9f:1f:4d:5e:f5:c3:1c:3d:87:33:e0:7f:c3:46:ab:43:d8:b2:
         b9:98:ef:fe:9d:5b:72:eb:8c:84:73:3c:8b:2f:84:c3:6d:78:
         51:6c:7e:ae:b7:bf:35:b7:7e:0c:dd:88:be:dd:05:dd:4c:2a:
         7e:c9:12:f3
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUqgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMjI2MDgzODM2WhcNMjUwNTI4MDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5MEQ3MjExMC8GA1UEBRMoQTU0Q0I3NzQyQUFCQ0Y0RTU4RTVENEMx
RjNCOUQxMkRBRDkxQjQwNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AKuQzbU2YqNfdfzIp5PkHwOvAkH63J/bvY3cccqLqU+R2YlFNMHZbyf/G/N8gEV3
Lw3RL4+7x3pcUHyDACPF2laMAMcAcq2YFn1JzEkmpjRiWhq6+AzYzM6y74oSnSZJ
qi9Jwj+6aezIqasyFfMPejAKh71NRxQYGCTa+ILBnFBeKs2MHKLNt0bqul2b/SAn
mcKQgdue75GPMvBx/kAObauoU0dKorrF2+QZzaR9kbc3SUIdwwLOjXr9/HTQokL+
+9kM7P9C+9p6sU6QAZdjhFe8i3G2sQaxRgPWznVxAvi4lqq70usJYcgYqTk0GURX
7Cxt9Nixq01Y31yBXwn780MCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSlTLd0KqvP
Tljl1MHzudEtrZG0BjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTBENzIvNkFDOTg5RjBENDgyMTFFRTg3RDVENzI0QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkwRDcyLzZBQzk4OUYwRDQ4MjExRUU4N0Q1RDcyNEM0RjlBRTAyL3BVeTNkQ3Fy
ejA1WTVkVEI4N25STGEyUnRBWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0UaDANBgkqhkiG9w0BAQsFAAOCAQEAfSY7z6YjwBQQgaw+mspT
EpbwyeTa5/rj+gvGllMSKa336sO8xqjycnUiovJw+2PtvQIeQ3/kJkmDbDV5gU25
ubNxQMY1obCu7uleb82xs5G+d60wWM4rtpywnfrXwqvPy58GP8cSbkcnFPbEPdUC
5HlmKN6CvHlBwfjlxTG8APjbh/lfvMD2jWcNlWUL3M2p12ShjPdi3ODl3FUPH6Ub
4A9n3lnWgKNE7O5TrQm7mAqPFF09phUawX+cSxHW8t880TquKvQ8nx9NXvXDHD2H
M+B/w0arQ9iyuZjv/p1bcuuMhHM8iy+Ew214UWx+rre/Nbd+DN2Ivt0F3UwqfskS
8w==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:40 2024 by rpki-client on console-ams.rpki-client.org