Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/s5kvDUm69qNv2mWOW0WUaVIeW0Q.cer
File:                     s5kvDUm69qNv2mWOW0WUaVIeW0Q.cer (raw, json)
Hash identifier:          P2+5nIGfRUsFPsCh7CK6YulpXmqX4wPz5U24Ytu9rx0=
Subject key identifier:   B3:99:2F:0D:49:BA:F6:A3:6F:DA:65:8E:5B:45:94:69:52:1E:5B:44
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       50C1
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/s5kvDUm69qNv2mWOW0WUaVIeW0Q.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 18 Jan 2024 21:52:31 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    IP: 157.10.226.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20673 (0x50c1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jan 18 21:52:31 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A917530D/serialNumber=B3992F0D49BAF6A36FDA658E5B459469521E5B44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ff:52:87:37:e9:a5:4f:17:7e:d0:5c:a9:fb:
                    d9:68:f7:b3:84:f8:41:52:64:e9:01:61:71:81:29:
                    d0:d3:c5:df:65:8c:ea:5f:53:90:6e:54:c0:0f:fd:
                    0f:85:83:e8:37:1e:47:07:59:ef:e1:fa:ca:b6:ee:
                    fb:d1:c2:a5:a3:c8:d3:b6:54:65:ad:43:f7:25:14:
                    79:36:69:b4:95:0f:b8:47:da:7a:3e:f1:97:4f:5b:
                    94:a7:1b:12:df:cc:4b:5a:61:2f:96:cb:30:ef:4c:
                    a0:9b:3f:b9:9a:27:41:2b:e6:0b:9b:4f:2e:f8:84:
                    e9:31:d8:00:f5:96:a7:be:62:24:2c:fa:d2:cb:d3:
                    5b:a7:ab:10:51:4b:24:8a:14:51:1a:06:de:c8:0a:
                    2a:9e:b0:c7:ae:c1:d3:05:19:d0:a3:1c:e3:76:10:
                    84:27:d0:34:9c:d3:70:8b:59:34:76:7e:b3:78:a3:
                    69:26:26:5e:3d:87:c2:04:dc:98:33:00:10:6a:09:
                    f9:f6:0d:e1:22:e1:5c:84:9b:14:61:86:cd:6b:be:
                    84:8b:bc:de:2b:56:ca:9c:61:c2:2f:f7:af:c4:be:
                    7b:84:57:13:41:3a:21:56:72:de:d2:80:67:48:bf:
                    2c:9e:db:9b:b9:02:5f:1d:65:ed:98:36:2b:6c:98:
                    87:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:99:2F:0D:49:BA:F6:A3:6F:DA:65:8E:5B:45:94:69:52:1E:5B:44
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917530D/DD7E091CB64B11EE91463760C4F9AE02/s5kvDUm69qNv2mWOW0WUaVIeW0Q.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.10.226.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1b:ee:06:ed:87:fb:4c:5c:d9:aa:70:6c:ea:3b:77:be:44:f6:
         e8:40:93:aa:a2:1e:2c:70:7f:1a:0f:b6:78:c0:5a:bf:70:81:
         d8:9c:db:2a:e5:6f:34:6f:a2:88:6b:db:cb:2a:ad:2a:a3:7a:
         aa:a4:50:af:42:7c:65:a6:4e:c7:37:2c:16:90:ce:14:5f:5b:
         af:4b:9f:cc:06:89:ab:af:4b:d0:8b:05:78:a1:5a:87:64:fa:
         36:9e:52:b4:53:68:c4:29:8d:be:86:37:50:e2:1f:76:a3:95:
         ce:22:2f:5c:7c:b2:4b:f2:04:cc:da:a9:ed:8e:d1:91:4d:26:
         f2:4b:8a:68:14:c9:89:54:16:ee:bd:b5:b6:75:36:30:7d:0a:
         c6:7d:3d:34:7f:4e:91:ea:54:d5:e1:b9:af:c1:3b:2a:37:3f:
         01:d2:cf:2a:45:ac:fc:0b:8f:4c:99:02:11:34:4a:aa:9e:9b:
         5f:da:e5:83:d3:82:67:57:e5:ef:71:1f:ea:0c:a7:f3:07:8e:
         80:c5:61:84:be:c4:79:08:75:8f:17:98:c8:8f:9e:df:6b:2e:
         ea:4c:68:d9:8e:fe:4b:c3:2e:d7:89:a4:c8:5f:4e:eb:06:97:
         89:ff:a8:a6:b0:49:dd:90:9e:3d:7b:ca:19:b9:e5:7f:d6:38:
         f9:b4:01:e8
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUMEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMTE4MjE1MjMxWhcNMjUwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE3NTMwRDExMC8GA1UEBRMoQjM5OTJGMEQ0OUJBRjZBMzZGREE2NThF
NUI0NTk0Njk1MjFFNUI0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ALf/Uoc36aVPF37QXKn72Wj3s4T4QVJk6QFhcYEp0NPF32WM6l9TkG5UwA/9D4WD
6DceRwdZ7+H6yrbu+9HCpaPI07ZUZa1D9yUUeTZptJUPuEfaej7xl09blKcbEt/M
S1phL5bLMO9MoJs/uZonQSvmC5tPLviE6THYAPWWp75iJCz60svTW6erEFFLJIoU
URoG3sgKKp6wx67B0wUZ0KMc43YQhCfQNJzTcItZNHZ+s3ijaSYmXj2HwgTcmDMA
EGoJ+fYN4SLhXISbFGGGzWu+hIu83itWypxhwi/3r8S+e4RXE0E6IVZy3tKAZ0i/
LJ7bm7kCXx1l7Zg2K2yYhyUCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBSzmS8NSbr2
o2/aZY5bRZRpUh5bRDAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzUzMEQvREQ3RTA5MUNCNjRCMTFFRTkxNDYzNzYwQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTc1MzBEL0REN0UwOTFDQjY0QjExRUU5MTQ2Mzc2MEM0RjlBRTAyL3M1a3ZEVW02
OXFOdjJtV09XMFdVYVZJZVcwUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0K4jANBgkqhkiG9w0BAQsFAAOCAQEAG+4G7Yf7TFzZqnBs6jt3
vkT26ECTqqIeLHB/Gg+2eMBav3CB2JzbKuVvNG+iiGvbyyqtKqN6qqRQr0J8ZaZO
xzcsFpDOFF9br0ufzAaJq69L0IsFeKFah2T6Np5StFNoxCmNvoY3UOIfdqOVziIv
XHyyS/IEzNqp7Y7RkU0m8kuKaBTJiVQW7r21tnU2MH0Kxn09NH9OkepU1eG5r8E7
Kjc/AdLPKkWs/AuPTJkCETRKqp6bX9rlg9OCZ1fl73Ef6gyn8weOgMVhhL7EeQh1
jxeYyI+e32su6kxo2Y7+S8Mu14mkyF9O6waXif+oprBJ3ZCePXvKGbnlf9Y4+bQB
6A==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:40 2024 by rpki-client on console-ams.rpki-client.org