Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vv---O_FAnw03_cEx5-ygSpxMx4.cer
File:                     vv---O_FAnw03_cEx5-ygSpxMx4.cer (raw, json)
Hash identifier:          Ek00XIQJh7pQ/Ca8tG0Xt40CZHYsPjfO7kTflah76ck=
Subject key identifier:   BE:FF:BE:F8:EF:C5:02:7C:34:DF:F7:04:C7:9F:B2:81:2A:71:33:1E
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5038
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/vv---O_FAnw03_cEx5-ygSpxMx4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 10 Jan 2024 01:21:36 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    IP: 157.10.134.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20536 (0x5038)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Jan 10 01:21:36 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91A4B39/serialNumber=BEFFBEF8EFC5027C34DFF704C79FB2812A71331E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:38:60:2e:c8:65:75:59:63:b7:82:f9:9d:55:
                    96:ce:60:da:ac:c6:f3:04:35:2d:ab:51:3c:b0:34:
                    69:db:09:b3:1d:6f:bc:8b:de:14:9c:6d:28:ae:5d:
                    12:31:bf:b2:46:8c:f5:95:fa:c1:4d:08:c0:22:c1:
                    aa:45:d5:26:6a:ff:e4:70:76:7c:7b:b6:a5:84:6a:
                    f4:ee:6e:7f:19:2f:d1:3d:3b:55:9e:ee:64:21:37:
                    bc:50:81:38:3d:63:49:d4:11:43:66:0f:39:3e:45:
                    d0:eb:da:f4:a0:ae:8f:dc:6d:58:39:93:8e:2e:a1:
                    0c:ed:51:9c:1a:5b:1d:1d:19:96:99:f6:d5:c9:8b:
                    98:40:39:5f:0f:62:5e:ea:b4:80:05:0b:84:08:cd:
                    f8:b2:4b:ab:dd:90:de:c7:45:6c:3a:f7:c4:d6:e7:
                    7b:4b:7b:d6:3c:0b:ff:3c:53:87:14:bf:0d:90:04:
                    c9:27:ad:07:67:ec:46:1b:15:5a:5f:3a:f0:9e:3b:
                    be:d8:80:49:eb:8f:40:b6:60:b3:ee:91:d4:03:d1:
                    9f:69:f3:67:b4:db:17:50:4b:f1:38:69:69:34:a6:
                    86:22:84:ab:8d:a2:eb:a9:4d:ac:0d:5a:1f:d8:a0:
                    23:a7:81:98:06:97:99:a2:80:01:d9:c0:01:ef:e9:
                    fa:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:FF:BE:F8:EF:C5:02:7C:34:DF:F7:04:C7:9F:B2:81:2A:71:33:1E
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/vv---O_FAnw03_cEx5-ygSpxMx4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.10.134.0/23

    Signature Algorithm: sha256WithRSAEncryption
         31:08:f4:1d:30:bc:78:13:f7:9b:34:3b:9e:7e:d1:d1:5e:8c:
         2c:48:34:76:17:36:a8:f9:45:81:df:8a:b9:00:01:43:bb:78:
         f1:ba:78:59:16:36:52:4a:ad:84:b1:80:b9:9e:2f:e1:ca:6e:
         a8:a1:96:a7:a6:3c:06:ec:fe:4f:99:c5:de:66:78:95:16:16:
         ba:87:3a:9e:16:18:6d:37:45:83:18:fc:d6:30:eb:02:90:e3:
         5c:b9:1b:d2:75:24:75:d5:8c:33:da:bc:3f:00:8d:f6:54:f0:
         a1:21:dd:82:c7:3b:65:6f:25:86:74:29:c7:d1:dd:1f:28:dc:
         7a:4c:78:63:c6:37:d6:dd:d9:e7:d0:c9:12:1a:8d:11:7d:b4:
         e2:5f:06:c3:a2:04:c4:05:f0:af:d6:5c:8c:71:37:ba:4c:11:
         63:1f:66:9d:11:d5:40:c4:4c:cf:02:30:da:77:f2:cc:d3:d0:
         7b:64:77:de:6a:03:4d:72:7a:e6:87:c8:29:b3:11:2e:b0:57:
         da:c7:7a:72:04:9c:ef:d2:3f:75:35:86:59:c9:e0:0e:13:62:
         4e:a1:6a:46:3f:11:15:77:1c:6f:3e:e8:eb:54:d9:ca:b2:16:
         c7:f4:b2:7b:2a:f4:f7:f0:0e:71:8e:37:a3:ee:b1:4f:66:59:
         42:71:62:98
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICUDgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwMTEwMDEyMTM2WhcNMjUwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFBNEIzOTExMC8GA1UEBRMoQkVGRkJFRjhFRkM1MDI3QzM0REZGNzA0
Qzc5RkIyODEyQTcxMzMxRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANc4YC7IZXVZY7eC+Z1Vls5g2qzG8wQ1LatRPLA0adsJsx1vvIveFJxtKK5dEjG/
skaM9ZX6wU0IwCLBqkXVJmr/5HB2fHu2pYRq9O5ufxkv0T07VZ7uZCE3vFCBOD1j
SdQRQ2YPOT5F0Ova9KCuj9xtWDmTji6hDO1RnBpbHR0Zlpn21cmLmEA5Xw9iXuq0
gAULhAjN+LJLq92Q3sdFbDr3xNbne0t71jwL/zxThxS/DZAEySetB2fsRhsVWl86
8J47vtiASeuPQLZgs+6R1APRn2nzZ7TbF1BL8ThpaTSmhiKEq42i66lNrA1aH9ig
I6eBmAaXmaKAAdnAAe/p+u0CAwEAAaOCAvMwggLvMB0GA1UdDgQWBBS+/77478UC
fDTf9wTHn7KBKnEzHjAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRCMzkvOTUwNzRBMEFBRjU2MTFFRUE2NTVCNTgxQzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE0QjM5Lzk1MDc0QTBBQUY1NjExRUVBNjU1QjU4MUM0RjlBRTAyL3Z2LS0tT19G
QW53MDNfY0V4NS15Z1NweE14NC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAZ0KhjANBgkqhkiG9w0BAQsFAAOCAQEAMQj0HTC8eBP3mzQ7nn7R
0V6MLEg0dhc2qPlFgd+KuQABQ7t48bp4WRY2UkqthLGAuZ4v4cpuqKGWp6Y8Buz+
T5nF3mZ4lRYWuoc6nhYYbTdFgxj81jDrApDjXLkb0nUkddWMM9q8PwCN9lTwoSHd
gsc7ZW8lhnQpx9HdHyjcekx4Y8Y31t3Z59DJEhqNEX204l8Gw6IExAXwr9ZcjHE3
ukwRYx9mnRHVQMRMzwIw2nfyzNPQe2R33moDTXJ65ofIKbMRLrBX2sd6cgSc79I/
dTWGWcngDhNiTqFqRj8RFXccbz7o61TZyrIWx/Syeyr09/AOcY43o+6xT2ZZQnFi
mA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:41:40 2024 by rpki-client on console-ams.rpki-client.org