Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xhVwDXyIi-a6dQrezZTYhkaC42E.cer
File:                     xhVwDXyIi-a6dQrezZTYhkaC42E.cer (raw, json)
Hash identifier:          ucQad9u4Q6pdvtr3naTrVleb9JXPLou6jbkmc3aMslE=
Subject key identifier:   C6:15:70:0D:7C:88:8B:E6:BA:75:0A:DE:CD:94:D8:86:46:82:E3:61
Authority key identifier: 74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E
Certificate issuer:       /CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
Certificate serial:       5AA0
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91D0C14/8F3399966BFB11EF84632635C4F9AE02/xhVwDXyIi-a6dQrezZTYhkaC42E.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91D0C14/8F3399966BFB11EF84632635C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 06 Sep 2024 02:56:11 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    IP: 160.187.6.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 20:12:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 23200 (0x5aa0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=740165A80D1071970ABC09C02B71C1AC7C1D6E0E
        Validity
            Not Before: Sep  6 02:56:11 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91D0C14/serialNumber=C615700D7C888BE6BA750ADECD94D8864682E361
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:23:33:79:8d:08:cb:d4:94:29:32:f1:b1:b2:
                    3d:58:a8:45:bc:2c:57:3f:36:49:fa:9d:d5:a1:0f:
                    96:00:32:b6:7d:cf:8b:45:72:35:5f:e7:67:59:b1:
                    6b:b9:9e:7e:1f:16:98:2b:b5:0c:e3:01:31:d8:b8:
                    65:40:59:32:b8:74:7a:dd:17:96:a2:fb:e7:c6:da:
                    75:05:4c:9c:41:e5:61:e1:b9:59:a9:db:3d:2f:a2:
                    2c:48:b0:29:90:2d:11:3c:b8:d2:2f:27:9a:eb:50:
                    38:ec:72:5d:93:2f:0d:38:a1:a6:8b:5f:e6:db:1e:
                    2e:4d:c3:08:f0:72:dc:e2:b9:15:88:74:da:78:ba:
                    01:2b:9e:1a:9f:aa:d9:02:f6:ce:7f:20:e3:1c:32:
                    1c:1c:45:94:dd:4e:72:c1:b7:6a:3f:f5:0e:6e:aa:
                    d9:63:e4:ae:c3:48:37:9f:66:74:7f:17:e2:18:bd:
                    35:09:28:43:e4:32:81:6a:10:99:25:86:ff:0e:7b:
                    7e:be:04:f6:33:3b:a9:0d:3b:81:5f:d3:6c:26:03:
                    1c:75:43:20:ed:31:22:31:25:46:b9:88:bd:26:f9:
                    5a:33:96:82:cb:a4:2e:29:f6:b5:08:aa:b2:a9:fb:
                    14:4e:b5:17:da:3a:d5:78:06:46:61:64:f3:d3:d9:
                    e5:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:15:70:0D:7C:88:8B:E6:BA:75:0A:DE:CD:94:D8:86:46:82:E3:61
            X509v3 Authority Key Identifier:
                keyid:74:01:65:A8:0D:10:71:97:0A:BC:09:C0:2B:71:C1:AC:7C:1D:6E:0E

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D0C14/8F3399966BFB11EF84632635C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D0C14/8F3399966BFB11EF84632635C4F9AE02/xhVwDXyIi-a6dQrezZTYhkaC42E.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.187.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6b:c6:d0:16:40:83:f7:c5:0d:12:13:d8:eb:64:df:9f:24:9c:
         b1:d0:a3:60:13:7f:a2:a0:40:d1:0d:f0:8c:a0:c1:71:68:a5:
         ff:07:1f:69:8b:d9:c8:a9:26:c4:5b:95:0d:01:7b:f0:91:4c:
         a7:2f:83:b0:b6:26:d6:0a:20:18:b2:6f:85:4e:64:82:34:ed:
         1d:ce:1c:0f:3a:96:d6:24:50:ee:9b:b0:3e:0e:72:0d:2e:52:
         1c:02:6f:e5:e3:b5:cc:56:80:a3:5f:0b:ff:cc:3f:2b:37:f3:
         70:f7:d8:d9:9c:a7:6f:be:c1:ea:ae:86:60:64:17:a2:22:72:
         6e:db:51:4c:f7:b3:d4:c2:93:b8:bd:9c:0f:2d:4d:70:62:e1:
         c6:48:3c:45:5d:69:63:b5:5c:0a:1e:2d:64:bc:bf:02:0c:7b:
         1c:bf:0f:f2:8e:8f:b2:9f:dc:8b:3e:3e:4b:2f:3a:21:79:0a:
         35:33:c0:18:61:fe:3e:12:ff:fb:11:27:c6:61:42:7b:3d:ab:
         5c:8e:f2:0b:dd:33:88:b7:16:8a:65:bb:ca:b5:5a:22:86:5c:
         84:f6:ce:e8:90:42:72:04:64:a3:fd:e8:8c:a3:b4:60:8f:27:
         9a:e4:3a:7f:52:36:19:99:1c:0f:aa:02:5f:d8:2a:33:6e:42:
         f3:14:10:67
-----BEGIN CERTIFICATE-----
MIIF/TCCBOWgAwIBAgICWqAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDc0MDE2NUE4MEQxMDcxOTcwQUJDMDlDMDJCNzFDMUFD
N0MxRDZFMEUwHhcNMjQwOTA2MDI1NjExWhcNMjUwNTAxMDAwMDAwWjBGMREwDwYD
VQQDEwhBOTFEMEMxNDExMC8GA1UEBRMoQzYxNTcwMEQ3Qzg4OEJFNkJBNzUwQURF
Q0Q5NEQ4ODY0NjgyRTM2MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AMMjM3mNCMvUlCky8bGyPVioRbwsVz82Sfqd1aEPlgAytn3Pi0VyNV/nZ1mxa7me
fh8WmCu1DOMBMdi4ZUBZMrh0et0XlqL758badQVMnEHlYeG5WanbPS+iLEiwKZAt
ETy40i8nmutQOOxyXZMvDTihpotf5tseLk3DCPBy3OK5FYh02ni6ASueGp+q2QL2
zn8g4xwyHBxFlN1OcsG3aj/1Dm6q2WPkrsNIN59mdH8X4hi9NQkoQ+QygWoQmSWG
/w57fr4E9jM7qQ07gV/TbCYDHHVDIO0xIjElRrmIvSb5WjOWgsukLin2tQiqsqn7
FE61F9o61XgGRmFk89PZ5dECAwEAAaOCAvMwggLvMB0GA1UdDgQWBBTGFXANfIiL
5rp1Ct7NlNiGRoLjYTAfBgNVHSMEGDAWgBR0AWWoDRBxlwq8CcArccGsfB1uDjAO
BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBzBgNVHR8EbDBqMGigZqBk
hmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2
MTFFMjhBQzg4MzdDNzJGRDFGRjIvZEFGbHFBMFFjWmNLdkFuQUszSEJySHdkYmc0
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRG
NEZCNC9kQUZscUEwUWNaY0t2QW5BSzNIQnJId2RiZzQuY2VyMEoGA1UdIAEB/wRA
MD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMu
bmV0L1JQS0kvQ1BTLnBkZjCCASgGCCsGAQUFBwELBIIBGjCCARYwXwYIKwYBBQUH
MAWGU3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDBDMTQvOEYzMzk5OTY2QkZCMTFFRjg0NjMyNjM1QzRGOUFFMDIvMH4GCCsGAQUF
BzAKhnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQwQzE0LzhGMzM5OTk2NkJGQjExRUY4NDYzMjYzNUM0RjlBRTAyL3hoVndEWHlJ
aS1hNmRRcmV6WlRZaGthQzQyRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJk
cC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEAKC7BjANBgkqhkiG9w0BAQsFAAOCAQEAa8bQFkCD98UNEhPY62Tf
nyScsdCjYBN/oqBA0Q3wjKDBcWil/wcfaYvZyKkmxFuVDQF78JFMpy+DsLYm1gog
GLJvhU5kgjTtHc4cDzqW1iRQ7puwPg5yDS5SHAJv5eO1zFaAo18L/8w/KzfzcPfY
2Zynb77B6q6GYGQXoiJybttRTPez1MKTuL2cDy1NcGLhxkg8RV1pY7VcCh4tZLy/
Agx7HL8P8o6Psp/ciz4+Sy86IXkKNTPAGGH+PhL/+xEnxmFCez2rXI7yC90ziLcW
imW7yrVaIoZchPbO6JBCcgRko/3ojKO0YI8nmuQ6f1I2GZkcD6oCX9gqM25C8xQQ
Zw==
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:04:30 2024 by rpki-client on console-fra.rpki-client.org