Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/v0XUfn-P0XfUWSxDS8-WK8Coxmk.cer
File:                     v0XUfn-P0XfUWSxDS8-WK8Coxmk.cer (raw, json)
Hash identifier:          ySG5VscVnkSh9fSwf4HbuO0JJaYvCZ+/e9onSesl+is=
Subject key identifier:   BF:45:D4:7E:7F:8F:D1:77:D4:59:2C:43:4B:CF:96:2B:C0:A8:C6:69
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       4D95
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91168B5/2B0BFD98F6E011E692A20B87C4F9AE02/v0XUfn-P0XfUWSxDS8-WK8Coxmk.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91168B5/2B0BFD98F6E011E692A20B87C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 21 Sep 2023 12:31:30 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    IP: 132.181.0.0/16

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 15:53:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19861 (0x4d95)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Sep 21 12:31:30 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A91168B5/serialNumber=BF45D47E7F8FD177D4592C434BCF962BC0A8C669
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:db:6a:4e:18:48:19:95:f1:b0:b2:0e:2b:7a:
                    d4:75:90:1a:81:de:ac:20:07:7a:c1:5d:15:40:38:
                    82:05:4d:18:ba:94:d6:17:44:08:1b:90:bc:52:53:
                    c6:2e:a5:76:1d:2b:5e:ef:c1:c4:1c:79:9d:b5:a9:
                    44:3d:40:dd:8f:44:fe:e5:24:82:df:d9:36:9e:61:
                    87:98:52:ac:16:59:9b:f8:da:e8:b7:c0:bc:bf:51:
                    50:cc:af:fd:76:c3:a2:8b:ad:0f:c1:3c:df:03:b9:
                    8f:83:e2:9f:86:f6:0f:36:2b:4d:07:6a:ff:82:eb:
                    2b:f6:fb:d5:82:4c:af:1f:fc:09:60:31:72:f0:69:
                    95:60:5c:ac:2e:42:1b:cc:af:20:da:14:f8:53:a1:
                    99:60:04:ea:5c:cf:4d:5f:f4:b8:b7:2d:c3:08:fa:
                    e5:a1:7f:4e:d0:31:a3:7b:93:69:86:d7:90:ac:fa:
                    21:b9:c1:2e:9a:a3:15:30:5a:fb:cf:47:74:b2:0a:
                    36:a7:5d:6a:e4:14:fa:04:a5:5e:6e:41:5e:4a:61:
                    86:88:b1:e2:43:ca:5b:d5:09:ba:02:7e:d5:a5:28:
                    3a:71:e0:e3:03:c9:70:48:ce:f7:ee:09:53:a3:fc:
                    17:3e:dc:c8:bf:59:83:06:85:02:9e:58:53:31:5d:
                    67:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:45:D4:7E:7F:8F:D1:77:D4:59:2C:43:4B:CF:96:2B:C0:A8:C6:69
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91168B5/2B0BFD98F6E011E692A20B87C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91168B5/2B0BFD98F6E011E692A20B87C4F9AE02/v0XUfn-P0XfUWSxDS8-WK8Coxmk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.181.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         a6:cc:04:5b:78:72:46:2f:47:e2:2d:20:e8:c6:34:74:f5:d6:
         00:34:17:90:81:2c:bb:68:98:6d:c4:63:54:c0:5b:7d:eb:7b:
         15:7d:cd:d8:3a:9f:4e:9a:c2:fd:a2:46:ed:cb:8c:94:85:45:
         36:e9:ba:ce:6a:f4:04:bf:de:96:78:aa:e5:3f:66:39:2e:99:
         16:16:02:f9:86:7b:57:71:28:42:17:84:f0:c2:3c:0d:25:e6:
         46:1b:cf:fd:c9:56:17:54:5a:86:bb:80:96:95:c6:42:ca:0f:
         9d:ce:72:4d:2e:75:fc:b3:b0:6a:dd:6f:8b:c5:e5:6f:de:95:
         4c:b5:64:18:88:dd:15:55:80:88:3c:85:c0:37:23:6b:a4:5a:
         63:bb:4d:0a:05:05:fd:77:ac:b9:06:65:3c:f3:e9:f1:49:b1:
         db:70:ec:66:22:6c:e9:3a:43:aa:19:a7:95:3e:22:ec:11:fc:
         e7:3c:e8:55:85:fc:4f:12:a5:d3:11:b4:5a:5e:da:a2:0e:5c:
         03:cc:ed:0e:c5:37:02:30:9f:a2:c2:9c:49:5a:a6:e3:53:58:
         85:6b:e3:a2:14:cf:5d:ed:a7:75:9c:ef:ef:09:14:1f:0e:bf:
         e5:30:3b:29:d1:c4:ba:2e:8c:24:13:3f:c7:de:dc:de:9b:8e:
         2e:e6:54:1c
-----BEGIN CERTIFICATE-----
MIIF/DCCBOSgAwIBAgICTZUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjMwOTIxMTIzMTMwWhcNMjQxMjAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTExNjhCNTExMC8GA1UEBRMoQkY0NUQ0N0U3RjhGRDE3N0Q0NTkyQzQz
NEJDRjk2MkJDMEE4QzY2OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANLbak4YSBmV8bCyDit61HWQGoHerCAHesFdFUA4ggVNGLqU1hdECBuQvFJTxi6l
dh0rXu/BxBx5nbWpRD1A3Y9E/uUkgt/ZNp5hh5hSrBZZm/ja6LfAvL9RUMyv/XbD
ooutD8E83wO5j4Pin4b2DzYrTQdq/4LrK/b71YJMrx/8CWAxcvBplWBcrC5CG8yv
INoU+FOhmWAE6lzPTV/0uLctwwj65aF/TtAxo3uTaYbXkKz6IbnBLpqjFTBa+89H
dLIKNqddauQU+gSlXm5BXkphhoix4kPKW9UJugJ+1aUoOnHg4wPJcEjO9+4JU6P8
Fz7cyL9ZgwaFAp5YUzFdZ8MCAwEAAaOCAvIwggLuMB0GA1UdDgQWBBS/RdR+f4/R
d9RZLENLz5YrwKjGaTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY4QjUvMkIwQkZEOThGNkUwMTFFNjkyQTIwQjg3QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE2OEI1LzJCMEJGRDk4RjZFMDExRTY5MkEyMEI4N0M0RjlBRTAyL3YwWFVmbi1Q
MFhmVVdTeERTOC1XSzhDb3htay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAeBggrBgEFBQcBBwEB/wQPMA0w
CwQCAAEwBQMDAIS1MA0GCSqGSIb3DQEBCwUAA4IBAQCmzARbeHJGL0fiLSDoxjR0
9dYANBeQgSy7aJhtxGNUwFt963sVfc3YOp9OmsL9okbty4yUhUU26brOavQEv96W
eKrlP2Y5LpkWFgL5hntXcShCF4TwwjwNJeZGG8/9yVYXVFqGu4CWlcZCyg+dznJN
LnX8s7Bq3W+LxeVv3pVMtWQYiN0VVYCIPIXANyNrpFpju00KBQX9d6y5BmU88+nx
SbHbcOxmImzpOkOqGaeVPiLsEfznPOhVhfxPEqXTEbRaXtqiDlwDzO0OxTcCMJ+i
wpxJWqbjU1iFa+OiFM9d7ad1nO/vCRQfDr/lMDsp0cS6LowkEz/H3tzem44u5lQc
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:48:05 2024 by rpki-client on console-fra.rpki-client.org