Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vHqQXqdjznAvwm3A_C-4JUK8EwA.cer
File:                     vHqQXqdjznAvwm3A_C-4JUK8EwA.cer (raw, json)
Hash identifier:          8KFrg2M8iEYp2J5rBIo/zRhISrhKNP6jY3jc1RelqbI=
Subject key identifier:   BC:7A:90:5E:A7:63:CE:70:2F:C2:6D:C0:FC:2F:B8:25:42:BC:13:00
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       4262
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91A129B/38C35252343E11E680B1E72CC4F9AE02/vHqQXqdjznAvwm3A_C-4JUK8EwA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91A129B/38C35252343E11E680B1E72CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 24 May 2022 03:26:23 +0000
Certificate not after:    Sun 30 Jul 2023 00:00:00 +0000
Subordinate resources:    IP: 40.162.0.0/16
                          IP: 128.94.0.0/16
                          IP: 135.149.0.0/16
                          IP: 138.239.0.0/16
                          IP: 147.145.0.0/16
                          IP: 148.7.0.0/16
                          IP: 155.62.0.0/16
                          IP: 158.23.0.0/16
                          IP: 158.158.0.0/16
                          IP: 167.105.0.0/16
                          IP: 167.220.224.0 -- 167.220.243.255
                          IP: 167.220.248.0/21
                          IP: 169.138.0.0/16
                          IP: 170.165.0.0/16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16994 (0x4262)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: May 24 03:26:23 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=A91A129B/serialNumber=BC7A905EA763CE702FC26DC0FC2FB82542BC1300
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:f3:ac:80:aa:a8:ee:3a:d9:ea:75:54:71:1a:
                    49:72:c7:d8:d7:6d:23:9e:72:b8:15:0f:24:27:9f:
                    de:cc:63:59:41:22:1a:fb:83:a9:8e:b2:85:02:90:
                    d0:08:38:67:ca:a3:4a:77:4e:25:bd:de:37:bb:3a:
                    94:61:b9:fb:0a:c4:8f:56:2a:12:29:d2:eb:41:d1:
                    11:5f:2b:b6:e1:8c:81:72:b4:58:64:24:bb:63:fa:
                    db:66:1b:52:35:a1:37:d9:55:99:2f:e3:dc:cc:42:
                    ea:ed:0b:9f:29:d0:9f:70:5e:46:61:1d:3b:c7:2b:
                    ae:b0:3b:19:7b:9a:e8:33:35:04:fa:32:ee:10:7a:
                    95:87:de:6f:a4:72:21:8a:22:41:b9:1a:d8:06:b8:
                    db:90:9f:54:5d:ad:b1:2d:f5:fb:cb:b4:b3:0c:63:
                    a2:28:33:e9:18:d4:f2:1b:2f:ed:b7:f7:67:fa:c9:
                    10:de:df:f9:e2:1c:3f:e5:80:e2:1e:96:52:11:16:
                    61:fc:ec:78:a4:5c:2e:5f:9d:fe:a6:0d:12:87:b9:
                    21:e9:f2:0a:8e:67:62:d6:d8:19:37:a0:5f:20:d5:
                    71:9b:5e:96:a4:15:d6:61:82:c5:ce:75:a0:3a:8e:
                    d3:d5:48:63:c4:74:4a:fc:19:06:a2:83:1a:94:1b:
                    0c:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:7A:90:5E:A7:63:CE:70:2F:C2:6D:C0:FC:2F:B8:25:42:BC:13:00
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A129B/38C35252343E11E680B1E72CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A129B/38C35252343E11E680B1E72CC4F9AE02/vHqQXqdjznAvwm3A_C-4JUK8EwA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  40.162.0.0/16
                  128.94.0.0/16
                  135.149.0.0/16
                  138.239.0.0/16
                  147.145.0.0/16
                  148.7.0.0/16
                  155.62.0.0/16
                  158.23.0.0/16
                  158.158.0.0/16
                  167.105.0.0/16
                  167.220.224.0-167.220.243.255
                  167.220.248.0/21
                  169.138.0.0/16
                  170.165.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         2f:c5:eb:ea:c9:74:fd:41:f2:53:9f:41:02:f8:44:ac:33:cd:
         ef:84:58:e2:68:97:7d:65:5c:0f:2d:1f:f9:8c:9c:50:3d:a6:
         26:b9:3e:bc:02:0b:7e:55:47:df:dc:e6:1b:c2:cd:af:0a:17:
         35:d5:ea:07:a0:c5:88:79:25:8f:f7:c1:f9:69:6a:2a:35:75:
         95:d4:dc:1d:8b:fc:bb:fc:d1:4c:9f:7d:23:83:d8:ba:45:f0:
         71:ed:7a:d6:ee:d5:e3:30:35:c5:ed:a9:c2:78:93:39:1d:bb:
         63:39:dc:60:ed:de:61:c3:1b:92:c1:94:0b:e8:29:72:63:4d:
         7f:b3:6f:37:a8:4a:00:20:be:40:a2:67:bc:ea:df:d4:2e:65:
         7e:9d:db:f7:23:e8:35:33:80:7c:7b:a1:a8:7a:ba:5e:c0:48:
         8b:79:b4:a6:33:d8:29:80:1a:36:e5:14:f2:6d:7a:ed:38:ae:
         ec:40:7f:a4:b9:e6:0d:97:24:e4:76:11:a4:1c:1e:65:a0:70:
         5c:38:a4:33:51:7e:5c:8c:e7:56:5b:ca:8d:a6:56:46:55:a1:
         ed:d1:34:51:4c:5c:01:69:3e:96:b0:c1:cf:b5:f6:8d:6d:e9:
         d9:a3:25:30:75:95:9c:0b:8e:dc:ee:17:31:42:e1:b1:98:6f:
         2e:74:20:ea
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgICQmIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjIwNTI0MDMyNjIzWhcNMjMwNzMwMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBMTI5QjExMC8GA1UEBRMoQkM3QTkwNUVBNzYzQ0U3MDJGQzI2REMw
RkMyRkI4MjU0MkJDMTMwMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AK3zrICqqO462ep1VHEaSXLH2NdtI55yuBUPJCef3sxjWUEiGvuDqY6yhQKQ0Ag4
Z8qjSndOJb3eN7s6lGG5+wrEj1YqEinS60HREV8rtuGMgXK0WGQku2P622YbUjWh
N9lVmS/j3MxC6u0LnynQn3BeRmEdO8crrrA7GXua6DM1BPoy7hB6lYfeb6RyIYoi
Qbka2Aa425CfVF2tsS31+8u0swxjoigz6RjU8hsv7bf3Z/rJEN7f+eIcP+WA4h6W
UhEWYfzseKRcLl+d/qYNEoe5IenyCo5nYtbYGTegXyDVcZtelqQV1mGCxc51oDqO
09VIY8R0SvwZBqKDGpQbDMECAwEAAaOCAz0wggM5MB0GA1UdDgQWBBS8epBep2PO
cC/CbcD8L7glQrwTADAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTEyOUIvMzhDMzUyNTIzNDNFMTFFNjgwQjFFNzJDQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUExMjlCLzM4QzM1MjUyMzQzRTExRTY4MEIxRTcyQ0M0RjlBRTAyL3ZIcVFYcWRq
em5BdndtM0FfQy00SlVLOEV3QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBpBggrBgEFBQcBBwEB/wRaMFgw
VgQCAAEwUAMDACiiAwMAgF4DAwCHlQMDAIrvAwMAk5EDAwCUBwMDAJs+AwMAnhcD
AwCengMDAKdpMAwDBAWn3OADBAKn3PADBAOn3PgDAwCpigMDAKqlMA0GCSqGSIb3
DQEBCwUAA4IBAQAvxevqyXT9QfJTn0EC+ESsM83vhFjiaJd9ZVwPLR/5jJxQPaYm
uT68Agt+VUff3OYbws2vChc11eoHoMWIeSWP98H5aWoqNXWV1Nwdi/y7/NFMn30j
g9i6RfBx7XrW7tXjMDXF7anCeJM5HbtjOdxg7d5hwxuSwZQL6ClyY01/s283qEoA
IL5Aome86t/ULmV+ndv3I+g1M4B8e6GoerpewEiLebSmM9gpgBo25RTybXrtOK7s
QH+kueYNlyTkdhGkHB5loHBcOKQzUX5cjOdWW8qNplZGVaHt0TRRTFwBaT6WsMHP
tfaNbenZoyUwdZWcC47c7hcxQuGxmG8udCDq
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org