Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0jmSiWbYmE6i-kU_xT-YhrWty5U.cer
File:                     0jmSiWbYmE6i-kU_xT-YhrWty5U.cer (raw, json)
Hash identifier:          AFEUhiUbH9cpa6PekAZMO3jXslkAItpzZCbksnYx5CM=
Subject key identifier:   D2:39:92:89:66:D8:98:4E:A2:FA:45:3F:C5:3F:98:86:B5:AD:CB:95
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01EE1D
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/0jmSiWbYmE6i-kU_xT-YhrWty5U.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 29 Apr 2024 20:43:24 +0000
Certificate not after:    Thu 29 Aug 2024 00:00:00 +0000
Subordinate resources:    AS: 59329
                          IP: 103.226.228.0/22
                          IP: 2001:df3:4800::/48

Validation:               Failed, certificate revoked on Mon 20 May 2024 18:38:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 126493 (0x1ee1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr 29 20:43:24 2024 GMT
            Not After : Aug 29 00:00:00 2024 GMT
        Subject: CN=A917B6E8/serialNumber=D239928966D8984EA2FA453FC53F9886B5ADCB95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:a8:81:cf:90:48:12:97:63:8f:1c:ae:a2:1e:
                    b5:a2:6a:dc:1e:e4:2f:ae:ef:ed:a7:54:5b:95:f5:
                    5e:f1:9b:8a:24:b7:1f:5b:70:60:34:8b:89:5c:bd:
                    ec:0d:e1:28:3d:ea:ab:8b:0a:00:86:1b:28:dd:67:
                    53:33:e6:35:31:46:c9:16:49:23:39:1c:44:bb:08:
                    96:59:d9:9e:f9:13:04:b4:49:95:d1:db:cd:d3:c7:
                    be:f5:38:5b:73:0b:3f:0b:09:af:ba:62:75:a6:d1:
                    46:1b:d8:17:4d:da:9d:04:52:f8:65:c1:b3:a0:22:
                    60:24:79:a4:61:12:4e:4a:08:b4:5a:75:b5:f2:04:
                    88:88:d8:4d:b2:39:51:61:16:19:a8:64:4a:33:43:
                    0d:ab:b9:a7:9c:6c:1d:64:15:28:ca:4f:c4:97:1d:
                    27:b6:06:d5:0e:0f:25:aa:de:9d:6b:ee:a1:24:e7:
                    dd:d3:ca:d0:0a:62:2a:93:68:cc:45:58:cd:94:43:
                    de:24:7a:f4:84:db:a1:a8:bd:90:4f:fc:9e:dd:fd:
                    aa:a4:74:80:f9:b9:ac:ef:3d:0f:a1:f6:48:51:e6:
                    ec:f0:ca:13:4d:52:9b:b1:dc:61:6c:93:0d:1a:c1:
                    f7:a3:db:cd:dc:07:b4:bb:b1:ce:89:6c:91:38:55:
                    f2:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:39:92:89:66:D8:98:4E:A2:FA:45:3F:C5:3F:98:86:B5:AD:CB:95
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917B6E8/D8E0DD3E01DA11EDA2AE1545C4F9AE02/0jmSiWbYmE6i-kU_xT-YhrWty5U.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  59329

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.226.228.0/22
                IPv6:
                  2001:df3:4800::/48

    Signature Algorithm: sha256WithRSAEncryption
         13:86:aa:74:d6:d1:bd:d9:e3:bf:28:0a:91:9e:3a:8e:25:ad:
         c4:e5:e7:92:03:ab:9c:28:17:5e:95:e2:64:e8:80:62:0f:64:
         91:2e:43:7a:58:41:8c:73:9d:ab:34:7f:08:68:0e:63:84:41:
         83:3f:6a:a6:5d:0f:a6:c8:87:0f:22:67:c0:14:e2:66:c1:b1:
         c4:79:5d:30:ce:b5:ef:34:c3:3d:2d:7f:b9:55:bf:0f:b5:75:
         9a:b4:0a:bb:cf:bd:51:6f:ec:30:8e:3b:2e:ff:a0:2f:45:f5:
         bd:5f:64:dd:bd:53:02:c2:7f:37:ed:24:8e:65:b2:45:1a:94:
         6e:c3:5c:b2:e3:ee:9f:41:fc:36:64:ae:e2:32:56:af:5b:94:
         18:c2:95:18:be:7d:82:f8:8d:d8:cb:a3:98:0e:36:79:2a:5e:
         dc:8a:6b:5f:ec:a3:a7:17:08:19:d9:0b:f7:a6:5a:ba:d2:28:
         6d:33:55:89:a3:66:a1:1d:25:20:d1:3e:a0:b0:d4:59:87:39:
         b4:c9:47:6a:8d:7e:43:a9:a4:ee:eb:f3:7e:1e:e0:c6:f9:bb:
         9b:81:61:40:c0:49:3c:a2:84:3d:cf:b0:9c:51:e5:e4:61:0f:
         48:fa:64:66:d3:1d:90:0b:b2:74:fe:95:76:7c:d7:7c:b8:04:
         f8:96:b2:b1
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAe4dMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQyOTIwNDMyNFoXDTI0MDgyOTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxN0I2RTgxMTAvBgNVBAUTKEQyMzk5Mjg5NjZEODk4NEVBMkZBNDUz
RkM1M0Y5ODg2QjVBRENCOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1qIHPkEgSl2OPHK6iHrWiatwe5C+u7+2nVFuV9V7xm4oktx9bcGA0i4lcvewN
4Sg96quLCgCGGyjdZ1Mz5jUxRskWSSM5HES7CJZZ2Z75EwS0SZXR283Tx771OFtz
Cz8LCa+6YnWm0UYb2BdN2p0EUvhlwbOgImAkeaRhEk5KCLRadbXyBIiI2E2yOVFh
FhmoZEozQw2ruaecbB1kFSjKT8SXHSe2BtUODyWq3p1r7qEk593TytAKYiqTaMxF
WM2UQ94kevSE26GovZBP/J7d/aqkdID5uazvPQ+h9khR5uzwyhNNUpux3GFskw0a
wfej283cB7S7sc6JbJE4VfI3AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU0jmSiWbY
mE6i+kU/xT+YhrWty5UwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdCNkU4L0Q4RTBERDNFMDFEQTExRURBMkFFMTU0NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3QjZFOC9EOEUwREQzRTAxREExMUVEQTJBRTE1NDVDNEY5QUUwMi8wam1TaVdi
WW1FNmkta1VfeFQtWWhyV3R5NVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAOfBMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCZ+LkMA8EAgAC
MAkDBwAgAQ3zSAAwDQYJKoZIhvcNAQELBQADggEBABOGqnTW0b3Z478oCpGeOo4l
rcTl55IDq5woF16V4mTogGIPZJEuQ3pYQYxznas0fwhoDmOEQYM/aqZdD6bIhw8i
Z8AU4mbBscR5XTDOte80wz0tf7lVvw+1dZq0CrvPvVFv7DCOOy7/oC9F9b1fZN29
UwLCfzftJI5lskUalG7DXLLj7p9B/DZkruIyVq9blBjClRi+fYL4jdjLo5gONnkq
XtyKa1/so6cXCBnZC/emWrrSKG0zVYmjZqEdJSDRPqCw1FmHObTJR2qNfkOppO7r
834e4Mb5u5uBYUDASTyihD3PsJxR5eRhD0j6ZGbTHZALsnT+lXZ813y4BPiWsrE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org