Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vsKCSG834xbxe1ILRVKHvDB_ieg.cer
File:                     vsKCSG834xbxe1ILRVKHvDB_ieg.cer (raw, json)
Hash identifier:          Mr9UrTPThxigeip9OxPhQzojd3L4a7fkSmq5XEYRq7U=
Subject key identifier:   BE:C2:82:48:6F:37:E3:16:F1:7B:52:0B:45:52:87:BC:30:7F:89:E8
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       547C
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 11 Apr 2024 09:15:01 +0000
Certificate not after:    Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources:    IP: 192.190.180.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 10 May 2024 13:10:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21628 (0x547c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Apr 11 09:15:01 2024 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=A918A469/serialNumber=BEC282486F37E316F17B520B455287BC307F89E8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:58:db:16:77:9e:51:b3:de:df:bf:5f:42:bf:
                    89:5e:d4:6a:7c:2d:f4:35:69:94:e0:e6:f9:f5:14:
                    c0:51:ac:c4:51:8d:9d:21:5e:2e:e0:f5:bf:6c:c0:
                    4c:2f:db:c1:29:a9:5b:98:6e:69:d6:65:19:d7:e5:
                    3e:17:7a:3d:4b:7d:21:78:4a:88:02:87:48:28:eb:
                    d9:56:f1:0c:aa:9d:2a:c5:2d:7b:70:01:90:f3:8b:
                    69:2a:87:3b:f7:11:08:4f:07:07:e1:3a:11:93:6d:
                    6c:bb:e1:4a:6b:9d:67:5e:05:25:5e:02:b1:e6:9e:
                    d4:d4:11:f5:7e:7d:74:45:f4:4f:17:a6:38:24:30:
                    e9:a0:f4:92:c6:b2:47:b3:11:ea:00:b9:ae:49:97:
                    6e:e2:6f:93:0d:f7:84:1f:c8:1a:42:54:c2:8f:c0:
                    e9:87:f4:ef:86:62:f2:fe:f8:4a:67:38:54:66:56:
                    65:29:40:45:a6:92:e5:3a:6c:12:87:01:85:40:c2:
                    2e:27:98:52:4f:82:2f:66:c8:0e:9e:3f:4a:01:2e:
                    9a:74:ce:f1:8a:86:09:02:0e:80:b8:f1:d4:f2:86:
                    eb:3e:6c:e7:44:2b:70:c2:ea:9c:7d:e2:5c:1e:0d:
                    d1:65:b9:4f:58:22:11:02:f2:2f:07:4a:ed:fd:27:
                    91:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:C2:82:48:6F:37:E3:16:F1:7B:52:0B:45:52:87:BC:30:7F:89:E8
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918A469/F58438FEF7E311EEB9A1291AC4F9AE02/vsKCSG834xbxe1ILRVKHvDB_ieg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.190.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         57:c0:db:8e:a8:0b:51:ca:27:ed:ed:9f:6e:ca:83:f0:b6:ef:
         31:aa:29:12:b0:7f:32:9e:bb:e7:dd:48:c9:cf:88:fb:7c:66:
         6e:e3:6f:a0:f4:52:fb:67:b1:f1:92:7f:c5:4b:74:82:29:1a:
         83:46:59:f0:ae:69:4c:79:19:72:84:ff:5f:55:7b:08:03:0e:
         eb:26:12:4c:97:e4:33:80:f7:0c:f7:30:0d:dd:25:ed:3a:60:
         e9:93:02:fc:ff:b4:6b:c5:6d:1d:31:c3:b6:60:6e:ac:4f:69:
         50:96:47:ec:a8:6b:56:db:d4:5d:80:4d:4b:f1:32:de:ef:d8:
         7c:03:e2:2d:c6:27:3a:02:d7:66:8c:41:3c:f6:e6:26:02:f5:
         6c:08:06:48:36:c4:e1:23:56:d8:3a:28:45:e0:a8:1a:33:06:
         4b:20:87:6f:68:05:70:e3:c3:04:38:d9:38:b6:71:24:ac:1a:
         59:a7:f8:e3:10:c7:05:97:d4:fd:e9:2e:cc:bd:51:31:ae:c6:
         3c:1a:09:0c:62:e4:f3:b9:90:c5:33:d2:41:69:8a:41:3a:80:
         15:a5:c7:44:12:75:ff:fb:f0:72:7b:a7:bd:4f:18:9e:52:7c:
         a1:35:84:0f:aa:27:21:40:f3:57:2d:e2:2e:2e:c8:40:fc:8b:
         84:bf:69:40
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICVHwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwNDExMDkxNTAxWhcNMjQxMDMxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTE4QTQ2OTExMC8GA1UEBRMoQkVDMjgyNDg2RjM3RTMxNkYxN0I1MjBC
NDU1Mjg3QkMzMDdGODlFODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AO5Y2xZ3nlGz3t+/X0K/iV7Uanwt9DVplODm+fUUwFGsxFGNnSFeLuD1v2zATC/b
wSmpW5huadZlGdflPhd6PUt9IXhKiAKHSCjr2VbxDKqdKsUte3ABkPOLaSqHO/cR
CE8HB+E6EZNtbLvhSmudZ14FJV4Cseae1NQR9X59dEX0TxemOCQw6aD0ksayR7MR
6gC5rkmXbuJvkw33hB/IGkJUwo/A6Yf074Zi8v74Smc4VGZWZSlARaaS5TpsEocB
hUDCLieYUk+CL2bIDp4/SgEumnTO8YqGCQIOgLjx1PKG6z5s50QrcMLqnH3iXB4N
0WW5T1giEQLyLwdK7f0nkY0CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBS+woJIbzfj
FvF7UgtFUoe8MH+J6DAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEE0NjkvRjU4NDM4RkVGN0UzMTFFRUI5QTEyOTFBQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThBNDY5L0Y1ODQzOEZFRjdFMzExRUVCOUExMjkxQUM0RjlBRTAyL3ZzS0NTRzgz
NHhieGUxSUxSVktIdkRCX2llZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAMC+tDANBgkqhkiG9w0BAQsFAAOCAQEAV8DbjqgLUcon7e2fbsqD
8LbvMaopErB/Mp67591Iyc+I+3xmbuNvoPRS+2ex8ZJ/xUt0gikag0ZZ8K5pTHkZ
coT/X1V7CAMO6yYSTJfkM4D3DPcwDd0l7Tpg6ZMC/P+0a8VtHTHDtmBurE9pUJZH
7KhrVtvUXYBNS/Ey3u/YfAPiLcYnOgLXZoxBPPbmJgL1bAgGSDbE4SNW2DooReCo
GjMGSyCHb2gFcOPDBDjZOLZxJKwaWaf44xDHBZfU/ekuzL1RMa7GPBoJDGLk87mQ
xTPSQWmKQTqAFaXHRBJ1//vwcnunvU8YnlJ8oTWED6onIUDzVy3iLi7IQPyLhL9p
QA==
-----END CERTIFICATE-----
Generated at Fri May 3 14:52:47 2024 by rpki-client on console-fra.rpki-client.org