Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/uBXPhQU2i6f5dnTpuxoUAJW0_5s.cer
File:                     uBXPhQU2i6f5dnTpuxoUAJW0_5s.cer (raw, json)
Hash identifier:          rToincbi3nGlNOji06OBAQ7tC8qL9B8D7i0ZsWAEJUg=
Subject key identifier:   B8:15:CF:85:05:36:8B:A7:F9:76:74:E9:BB:1A:14:00:95:B4:FF:9B
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5CB9
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A919D88F/7BB6F210905D11EFA4F31D2EC4F9AE02/uBXPhQU2i6f5dnTpuxoUAJW0_5s.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A919D88F/7BB6F210905D11EFA4F31D2EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 22 Oct 2024 10:07:50 +0000
Certificate not after:    Sat 31 Jan 2026 00:00:00 +0000
Subordinate resources:    IP: 160.187.220.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 15:41:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23737 (0x5cb9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Oct 22 10:07:50 2024 GMT
            Not After : Jan 31 00:00:00 2026 GMT
        Subject: CN=A919D88F/serialNumber=B815CF8505368BA7F97674E9BB1A140095B4FF9B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:f9:f5:8d:b1:5d:8a:21:59:a7:e1:22:15:b3:
                    f4:61:47:dd:d1:3f:8c:47:79:29:ef:32:ef:55:db:
                    7a:1f:51:be:af:3b:2a:9a:27:52:58:64:8e:a7:35:
                    f0:0d:80:ca:37:de:22:88:29:4d:06:f5:02:5a:52:
                    e1:ca:76:17:92:f9:ed:54:e2:cb:e4:96:72:e0:ee:
                    fb:98:dc:ce:1d:4d:5b:2c:2f:9e:a9:a9:3b:86:82:
                    59:d9:80:2d:84:cd:70:e0:42:f4:84:c2:e3:14:be:
                    04:6f:c4:20:08:05:89:ec:7f:e8:cc:4f:64:cb:bc:
                    9e:dc:5f:eb:c3:73:ed:fd:fc:6e:40:5c:17:05:ce:
                    99:0b:88:49:86:88:ca:18:d1:d0:52:3b:60:27:ba:
                    86:6d:c5:ef:cb:b0:95:42:9b:bf:50:1e:a1:9a:f2:
                    36:4b:f7:cb:46:10:b1:16:49:a6:69:e3:9a:4f:78:
                    d4:a0:48:6b:87:40:4e:e1:bc:0c:3b:cb:b3:41:17:
                    93:91:54:82:c1:f2:24:48:35:31:ff:5a:1a:5b:96:
                    5a:39:f2:2e:e1:f4:b9:74:43:a0:2f:e3:31:7b:2b:
                    ac:10:6b:bd:e2:61:55:65:0c:68:38:35:10:1f:dd:
                    35:11:ed:5e:f1:28:d0:b5:d7:52:a0:00:38:a6:2a:
                    f7:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:15:CF:85:05:36:8B:A7:F9:76:74:E9:BB:1A:14:00:95:B4:FF:9B
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919D88F/7BB6F210905D11EFA4F31D2EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919D88F/7BB6F210905D11EFA4F31D2EC4F9AE02/uBXPhQU2i6f5dnTpuxoUAJW0_5s.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.187.220.0/23

    Signature Algorithm: sha256WithRSAEncryption
         31:ea:15:2e:89:ef:da:4b:c8:d7:82:a9:22:fe:c1:e4:08:de:
         e1:e1:f0:02:20:34:dd:13:61:7e:3e:44:57:f0:3a:6c:5e:f7:
         a2:fe:a1:0d:ab:25:7a:c8:67:1f:d9:0e:ec:89:1c:4e:2b:d5:
         47:e6:7c:ce:b6:8d:6d:fb:b3:e4:39:77:93:85:80:9f:15:5e:
         e0:c1:a6:d8:5f:ea:59:40:09:ee:98:f5:fe:26:b8:c9:a3:07:
         9a:40:f1:1f:61:8e:46:fc:70:e4:e6:2f:0e:f5:88:ea:3c:8e:
         c6:5d:77:02:dd:61:4a:73:18:4f:e4:29:83:10:da:d3:ab:ea:
         83:bc:b5:b4:63:ae:58:2f:15:c8:cc:c1:32:ec:5f:b8:85:6f:
         12:2c:20:04:ad:b2:ac:ca:ab:9a:c7:d1:76:11:dd:81:17:9a:
         e3:08:e6:dd:af:cb:09:54:13:b4:1b:ac:da:9e:fe:34:ff:05:
         91:15:d6:9c:91:9a:2a:d5:bb:69:71:2b:66:de:96:bd:be:8a:
         29:fa:da:6f:9f:d0:18:2a:dd:45:1d:ca:ba:be:3f:93:d4:ec:
         92:db:3e:a8:8b:23:e3:24:71:c5:17:b9:38:a1:ce:e0:5b:f2:
         c8:1b:86:6c:dd:a1:b2:0f:18:6c:81:af:48:0d:bf:cd:75:87:
         a3:24:e6:bc
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICXLkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQxMDIyMTAwNzUwWhcNMjYwMTMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE5RDg4RjExMC8GA1UEBRMoQjgxNUNGODUwNTM2OEJBN0Y5NzY3NEU5
QkIxQTE0MDA5NUI0RkY5QjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AJz59Y2xXYohWafhIhWz9GFH3dE/jEd5Ke8y71Xbeh9Rvq87KponUlhkjqc18A2A
yjfeIogpTQb1AlpS4cp2F5L57VTiy+SWcuDu+5jczh1NWywvnqmpO4aCWdmALYTN
cOBC9ITC4xS+BG/EIAgFiex/6MxPZMu8ntxf68Nz7f38bkBcFwXOmQuISYaIyhjR
0FI7YCe6hm3F78uwlUKbv1AeoZryNkv3y0YQsRZJpmnjmk941KBIa4dATuG8DDvL
s0EXk5FUgsHyJEg1Mf9aGluWWjnyLuH0uXRDoC/jMXsrrBBrveJhVWUMaDg1EB/d
NRHtXvEo0LXXUqAAOKYq98sCAwEAAaOCAvMwggLvMB0GA1UdDgQWBBS4Fc+FBTaL
p/l2dOm7GhQAlbT/mzAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUQ4OEYvN0JCNkYyMTA5MDVEMTFFRkE0RjMxRDJFQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlEODhGLzdCQjZGMjEwOTA1RDExRUZBNEYzMUQyRUM0RjlBRTAyL3VCWFBoUVUy
aTZmNWRuVHB1eG9VQUpXMF81cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAaC73DANBgkqhkiG9w0BAQsFAAOCAQEAMeoVLonv2kvI14KpIv7B
5Aje4eHwAiA03RNhfj5EV/A6bF73ov6hDasleshnH9kO7IkcTivVR+Z8zraNbfuz
5Dl3k4WAnxVe4MGm2F/qWUAJ7pj1/ia4yaMHmkDxH2GORvxw5OYvDvWI6jyOxl13
At1hSnMYT+QpgxDa06vqg7y1tGOuWC8VyMzBMuxfuIVvEiwgBK2yrMqrmsfRdhHd
gRea4wjm3a/LCVQTtBus2p7+NP8FkRXWnJGaKtW7aXErZt6Wvb6KKfrab5/QGCrd
RR3Kur4/k9Tskts+qIsj4yRxxRe5OKHO4FvyyBuGbN2hsg8YbIGvSA2/zXWHoyTm
vA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:50:41 2024 by rpki-client on console-ams.rpki-client.org