Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/u8EDVhr9epMDbRxy3UwKfCpOKc4.cer
File:                     u8EDVhr9epMDbRxy3UwKfCpOKc4.cer (raw, json)
Hash identifier:          7jV3EQ8BJBf1flF2LG9xKZl1H5Fe9qhSKRCsy+2BRFg=
Subject key identifier:   BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       4F60
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 13 Dec 2023 00:54:13 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 139.163.0.0/16
                          IP: 168.134.0.0/16

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:55:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20320 (0x4f60)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Dec 13 00:54:13 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A91F277D/serialNumber=BBC103561AFD7A93036D1C72DD4C0A7C2A4E29CE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:a5:3e:ef:7f:6a:5a:a4:32:a3:b6:64:d6:14:
                    6d:b0:8b:ba:15:17:b3:48:1c:97:fc:53:f2:01:60:
                    de:40:85:29:03:b4:4d:db:8c:76:db:15:d7:37:26:
                    0d:1d:d5:13:4b:74:45:e5:62:f8:27:62:04:31:47:
                    f4:2b:43:75:2f:6b:12:15:a2:5c:64:f9:1b:e3:cd:
                    56:7e:06:e1:50:7d:1f:b9:92:98:e3:ce:44:b8:d3:
                    5a:57:0d:14:4b:4d:1a:07:79:b3:96:6e:4c:76:b9:
                    49:fc:42:8a:a9:ae:0e:d5:9f:44:45:18:77:6b:94:
                    59:a2:77:2a:0e:cb:a7:53:bf:1f:9b:5c:69:bb:ec:
                    dd:01:66:44:ad:dc:ec:12:41:50:45:1b:2e:7b:da:
                    f8:47:e7:61:66:6e:3c:e2:dc:93:eb:08:29:c7:db:
                    4f:a6:65:5a:0e:b8:12:37:41:e2:e6:b2:ec:4e:a0:
                    11:7f:b6:c2:4b:01:03:a3:e3:a2:0f:ad:de:59:bd:
                    4e:c8:20:c3:07:c0:5d:51:9c:52:fd:93:95:15:9d:
                    b5:b7:28:59:67:bc:90:48:0d:8a:61:9f:76:8f:a0:
                    d4:1d:4a:3a:02:e7:2a:4e:19:21:f1:ef:5a:77:11:
                    e2:cf:66:bf:27:8f:4e:72:96:e9:6d:d0:d2:eb:22:
                    88:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:C1:03:56:1A:FD:7A:93:03:6D:1C:72:DD:4C:0A:7C:2A:4E:29:CE
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F277D/78A1D08E8D6B11EB9840E05FC4F9AE02/u8EDVhr9epMDbRxy3UwKfCpOKc4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.163.0.0/16
                  168.134.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         bb:50:7f:bc:05:2e:f3:06:b9:9d:62:22:80:a0:6f:44:1a:51:
         de:dc:3f:15:4c:5f:af:53:29:04:1b:93:9f:ce:ad:6b:d9:de:
         61:1a:4e:07:c1:7a:1b:5e:f1:71:44:1b:3b:8c:bc:c0:f1:3c:
         1d:e8:e5:69:d8:2c:c4:20:f5:4a:a4:28:7a:72:16:4a:79:43:
         b5:40:3b:17:84:c9:d2:86:c0:d8:d9:f0:f0:f5:89:d3:0d:e8:
         e2:c9:7a:4a:89:4d:af:fa:85:c0:5e:62:69:3b:f3:65:90:0c:
         97:41:5d:80:2c:55:2a:0c:66:55:68:df:d4:25:6b:38:3a:f4:
         97:28:04:b7:8d:ca:8d:4e:bb:53:1d:a8:42:9d:a8:07:3d:66:
         98:8f:04:08:2d:e4:09:d9:a3:6d:c6:e1:c3:0d:0d:02:4d:a6:
         6f:43:6f:0a:66:02:98:f2:9d:4e:38:f3:07:84:f0:07:0a:b8:
         4d:28:cd:46:e5:a3:14:75:b4:2d:60:87:fd:bb:80:85:4d:cc:
         79:c0:a4:e6:b1:55:df:8f:42:22:6d:f7:78:17:dc:3a:94:81:
         b3:0d:9a:25:78:7d:5c:00:0a:ae:56:fa:81:7a:ae:28:8f:ce:
         c5:61:20:af:ea:0c:6e:da:5f:97:d4:77:9f:3e:bc:40:65:70:
         0b:ed:27:20
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgICT2AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMxMjEzMDA1NDEzWhcNMjUwMzAyMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFGMjc3RDExMC8GA1UEBRMoQkJDMTAzNTYxQUZEN0E5MzAzNkQxQzcy
REQ0QzBBN0MyQTRFMjlDRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMelPu9/alqkMqO2ZNYUbbCLuhUXs0gcl/xT8gFg3kCFKQO0TduMdtsV1zcmDR3V
E0t0ReVi+CdiBDFH9CtDdS9rEhWiXGT5G+PNVn4G4VB9H7mSmOPORLjTWlcNFEtN
Ggd5s5ZuTHa5SfxCiqmuDtWfREUYd2uUWaJ3Kg7Lp1O/H5tcabvs3QFmRK3c7BJB
UEUbLnva+EfnYWZuPOLck+sIKcfbT6ZlWg64EjdB4uay7E6gEX+2wksBA6Pjog+t
3lm9TsggwwfAXVGcUv2TlRWdtbcoWWe8kEgNimGfdo+g1B1KOgLnKk4ZIfHvWncR
4s9mvyePTnKW6W3Q0usiiFsCAwEAAaOCAvcwggLzMB0GA1UdDgQWBBS7wQNWGv16
kwNtHHLdTAp8Kk4pzjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjI3N0QvNzhBMUQwOEU4RDZCMTFFQjk4NDBFMDVGQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUYyNzdELzc4QTFEMDhFOEQ2QjExRUI5ODQwRTA1RkM0RjlBRTAyL3U4RURWaHI5
ZXBNRGJSeHkzVXdLZkNwT0tjNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAjBggrBgEFBQcBBwEB/wQUMBIw
EAQCAAEwCgMDAIujAwMAqIYwDQYJKoZIhvcNAQELBQADggEBALtQf7wFLvMGuZ1i
IoCgb0QaUd7cPxVMX69TKQQbk5/OrWvZ3mEaTgfBehte8XFEGzuMvMDxPB3o5WnY
LMQg9UqkKHpyFkp5Q7VAOxeEydKGwNjZ8PD1idMN6OLJekqJTa/6hcBeYmk782WQ
DJdBXYAsVSoMZlVo39Qlazg69JcoBLeNyo1Ou1MdqEKdqAc9ZpiPBAgt5AnZo23G
4cMNDQJNpm9DbwpmApjynU448weE8AcKuE0ozUbloxR1tC1gh/27gIVNzHnApOax
Vd+PQiJt93gX3DqUgbMNmiV4fVwACq5W+oF6riiPzsVhIK/qDG7aX5fUd58+vEBl
cAvtJyA=
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:16:20 2024 by rpki-client on console-ams.rpki-client.org