Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pVTfPUcCf_r3y4oWbz4KEOMXeGc.cer
File:                     pVTfPUcCf_r3y4oWbz4KEOMXeGc.cer (raw, json)
Hash identifier:          sdT1Em+pdcY35Fuxj+N0gIpuY46UsZgpmU9TsSyn6ko=
Subject key identifier:   A5:54:DF:3D:47:02:7F:FA:F7:CB:8A:16:6F:3E:0A:10:E3:17:78:67
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       57D2
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A919AD11/FC5038483A8911EF9817B26AC4F9AE02/pVTfPUcCf_r3y4oWbz4KEOMXeGc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A919AD11/FC5038483A8911EF9817B26AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 05 Jul 2024 04:49:45 +0000
Certificate not after:    Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources:    IP: 160.25.33.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22482 (0x57d2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jul  5 04:49:45 2024 GMT
            Not After : Sep 30 00:00:00 2025 GMT
        Subject: CN=A919AD11/serialNumber=A554DF3D47027FFAF7CB8A166F3E0A10E3177867
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:4b:59:cc:55:7e:8c:c6:8d:d6:c9:16:5f:4d:
                    29:cc:ac:7f:78:74:49:f4:55:07:28:90:59:bc:3d:
                    ff:9d:e1:67:1d:d8:c1:45:97:c9:9a:b7:c2:b9:b8:
                    d7:82:dc:83:45:96:ff:3c:9e:c4:dc:83:13:06:ca:
                    49:99:3c:52:42:a2:77:7f:c5:e8:84:33:6f:48:24:
                    37:0a:6d:69:41:46:d0:c1:11:84:89:42:cf:0b:99:
                    54:1f:d6:7b:78:6e:ac:e8:96:7c:92:8c:43:0b:e0:
                    ae:46:da:fe:d3:bd:91:85:d7:19:37:24:35:50:87:
                    12:5a:eb:4a:d8:77:8d:c3:86:0a:9c:59:54:19:b1:
                    ac:91:46:89:13:7b:17:b8:b5:d2:30:76:7a:62:87:
                    67:f3:0e:2a:0f:f5:c5:ce:45:04:0d:17:ec:db:f3:
                    a9:a9:3d:f1:ff:e0:e7:7b:3e:44:d0:21:07:37:69:
                    d1:f5:85:c6:84:aa:48:f6:0d:c0:ca:52:46:e3:4b:
                    69:50:1d:c9:4e:50:cf:2b:6b:5c:bc:3f:ad:da:4b:
                    04:41:63:6f:9b:71:17:0c:0a:c8:fe:68:87:ba:88:
                    f7:6d:fc:f2:9f:e2:ec:48:47:a7:1d:0a:7a:b3:5b:
                    99:75:d4:58:db:31:c3:fa:01:4f:b3:22:df:e4:a8:
                    c7:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:54:DF:3D:47:02:7F:FA:F7:CB:8A:16:6F:3E:0A:10:E3:17:78:67
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919AD11/FC5038483A8911EF9817B26AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919AD11/FC5038483A8911EF9817B26AC4F9AE02/pVTfPUcCf_r3y4oWbz4KEOMXeGc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.25.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         05:ca:f2:30:8b:ba:4b:c5:a4:ce:06:27:c3:9a:63:af:d3:8c:
         f6:b2:42:c0:1d:fb:7d:96:df:2b:5d:fd:7c:f0:b2:06:aa:b6:
         87:2c:81:89:9e:70:33:a7:b9:2a:89:1e:3c:aa:fa:12:8c:cf:
         2d:51:a9:68:f2:e3:4b:73:66:ca:dd:b7:b5:e5:6b:0b:a4:8b:
         4c:ce:99:f7:7d:67:00:c7:ed:3c:14:ae:c2:ac:b0:e5:ff:ba:
         c9:0a:ea:c3:8d:e6:55:df:0d:63:f2:73:57:bd:7a:06:e5:e2:
         8f:81:2f:a7:6c:99:7c:37:6a:ff:a6:d7:5e:62:a3:21:17:59:
         26:86:a0:9d:a3:84:55:68:eb:44:d1:66:f8:9f:77:02:2e:84:
         ad:38:85:80:2e:27:e4:15:cc:01:ff:9d:9f:51:99:e4:2c:8f:
         c1:c3:a1:ad:81:98:76:44:e7:b7:4e:39:cf:19:03:1b:cd:f2:
         8f:7d:3f:71:ac:b0:10:9a:d8:8a:d4:75:f2:b1:84:78:e3:5e:
         2e:e1:f5:3e:8f:aa:06:e4:1b:f3:92:26:09:0b:9e:52:16:0c:
         6f:89:f6:e8:b4:cb:dc:a4:71:b6:ee:4a:47:c9:f5:8b:a2:c2:
         9f:02:9b:f0:d3:cf:83:92:04:35:2a:19:6d:11:56:9d:cc:15:
         88:92:60:d4
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICV9IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNzA1MDQ0OTQ1WhcNMjUwOTMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5QUQxMTExMC8GA1UEBRMoQTU1NERGM0Q0NzAyN0ZGQUY3Q0I4QTE2
NkYzRTBBMTBFMzE3Nzg2NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMRLWcxVfozGjdbJFl9NKcysf3h0SfRVByiQWbw9/53hZx3YwUWXyZq3wrm414Lc
g0WW/zyexNyDEwbKSZk8UkKid3/F6IQzb0gkNwptaUFG0MERhIlCzwuZVB/We3hu
rOiWfJKMQwvgrkba/tO9kYXXGTckNVCHElrrSth3jcOGCpxZVBmxrJFGiRN7F7i1
0jB2emKHZ/MOKg/1xc5FBA0X7Nvzqak98f/g53s+RNAhBzdp0fWFxoSqSPYNwMpS
RuNLaVAdyU5QzytrXLw/rdpLBEFjb5txFwwKyP5oh7qI92388p/i7EhHpx0KerNb
mXXUWNsxw/oBT7Mi3+Sox98CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSlVN89RwJ/
+vfLihZvPgoQ4xd4ZzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUFEMTEvRkM1MDM4NDgzQTg5MTFFRjk4MTdCMjZBQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlBRDExL0ZDNTAzODQ4M0E4OTExRUY5ODE3QjI2QUM0RjlBRTAyL3BWVGZQVWND
Zl9yM3k0b1diejRLRU9NWGVHYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKAZITANBgkqhkiG9w0BAQsFAAOCAQEABcryMIu6S8WkzgYnw5pj
r9OM9rJCwB37fZbfK139fPCyBqq2hyyBiZ5wM6e5KokePKr6EozPLVGpaPLjS3Nm
yt23teVrC6SLTM6Z931nAMftPBSuwqyw5f+6yQrqw43mVd8NY/JzV716BuXij4Ev
p2yZfDdq/6bXXmKjIRdZJoagnaOEVWjrRNFm+J93Ai6ErTiFgC4n5BXMAf+dn1GZ
5CyPwcOhrYGYdkTnt045zxkDG83yj30/caywEJrYitR18rGEeONeLuH1Po+qBuQb
85ImCQueUhYMb4n26LTL3KRxtu5KR8n1i6LCnwKb8NPPg5IENSoZbRFWncwViJJg
1A==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:30 2024 by rpki-client on console-fra.rpki-client.org