Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fn9qUu6NZo34NuwB1ca_z5RF6I.cer
File:                     3fn9qUu6NZo34NuwB1ca_z5RF6I.cer (raw, json)
Hash identifier:          ofpnf9TnvxKTEgJaIQkSut25Tedj+bmtHU06hVXnGDU=
Subject key identifier:   DD:F9:FD:A9:4B:BA:35:9A:37:E0:DB:B0:07:57:1A:FF:3E:51:17:A2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B03D
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/3fn9qUu6NZo34NuwB1ca_z5RF6I.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 14 Jul 2023 15:56:16 +0000
Certificate not after:    Mon 30 Sep 2024 00:00:00 +0000
Subordinate resources:    IP: 45.119.200.0/22
                          IP: 103.60.8.0/22

Validation:               Failed, certificate revoked on Wed 17 Apr 2024 16:51:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 110653 (0x1b03d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 14 15:56:16 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=A9184D71/serialNumber=DDF9FDA94BBA359A37E0DBB007571AFF3E5117A2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:76:a7:b3:3e:72:f1:36:54:56:66:b3:b1:16:
                    03:bb:dc:d0:c5:f5:10:2b:fa:82:09:d4:77:44:86:
                    d5:f0:15:c0:e3:89:c8:5f:25:38:d1:bf:3c:74:62:
                    a9:93:8e:fa:aa:b4:d1:0e:8c:bc:c7:4d:44:9d:dd:
                    7b:2e:6a:6e:78:bf:46:0e:f5:c8:e1:17:c8:19:06:
                    73:e5:c4:fa:fa:9b:45:d9:56:73:a9:07:22:cd:19:
                    24:d6:37:2f:58:a3:7b:ed:2e:f5:21:d1:78:c6:3e:
                    69:8c:d8:f8:ce:07:31:57:4f:79:fa:1c:d0:36:f7:
                    4b:23:cb:ed:1e:c5:e8:8b:e4:08:6b:d2:0e:b6:20:
                    20:7a:4e:d9:61:16:9e:b0:d4:62:8b:0b:2a:a8:b3:
                    54:ea:0c:2c:d9:9a:95:04:fe:1f:37:c4:63:bf:77:
                    72:a0:50:8b:30:03:2b:6d:34:a6:6f:e7:34:56:e1:
                    e5:05:50:c0:6d:86:bb:27:d8:73:5f:a8:01:93:a1:
                    55:c3:f1:74:ae:84:c9:ac:15:38:3f:9f:1a:59:83:
                    b0:ab:55:1e:a6:e1:49:5d:5c:c9:06:de:62:df:43:
                    dc:3d:69:37:a3:cf:68:15:90:10:0a:d6:f2:59:cd:
                    6c:58:28:d5:f5:1e:f4:67:24:a1:30:8c:18:65:b6:
                    e6:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:F9:FD:A9:4B:BA:35:9A:37:E0:DB:B0:07:57:1A:FF:3E:51:17:A2
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9184D71/983A0C9E9D1F11E7876E6611C4F9AE02/3fn9qUu6NZo34NuwB1ca_z5RF6I.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.119.200.0/22
                  103.60.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         d6:33:55:51:fa:41:00:cf:d5:c6:3a:c3:7c:33:4b:e2:9b:38:
         e8:38:82:07:19:47:d9:e0:e6:e0:9d:25:68:8e:65:12:e7:36:
         89:18:f2:aa:3f:98:5d:78:09:6b:90:9a:85:b3:be:b9:85:f4:
         15:28:1e:f3:b7:1f:1a:9f:a9:db:38:7d:6a:e5:8e:f5:b7:f0:
         c8:73:7d:3e:49:4b:40:ef:73:c8:52:50:b6:37:a0:44:32:e7:
         ca:2d:04:cc:0b:fd:d4:ce:65:e1:2d:0b:bb:ba:c7:8d:e6:8e:
         d8:2b:48:72:44:41:7c:37:7c:38:5b:06:b6:c6:25:53:1a:4f:
         65:49:8e:16:46:fc:ed:17:f2:02:14:b6:59:a9:cb:73:9d:31:
         d6:04:e9:61:52:fe:23:ce:a7:28:b7:5c:71:e2:5c:4a:b9:1d:
         82:74:6e:39:a8:2b:5e:55:75:c9:02:2c:75:6f:f5:26:03:44:
         67:4c:2d:19:b7:8b:f9:00:fc:5c:42:5c:5a:8c:a1:af:de:e2:
         32:96:70:1d:73:70:da:b9:a2:da:bf:2e:25:69:ee:fc:48:50:
         bd:b8:b1:d6:70:7e:32:75:77:af:27:c8:72:9b:34:07:25:21:
         c2:46:0f:55:4f:13:65:ac:9f:6d:a8:9f:a4:1d:22:7c:ef:98:
         bd:a2:58:cb
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgIDAbA9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDcxNDE1NTYxNloXDTI0MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxODRENzExMTAvBgNVBAUTKERERjlGREE5NEJCQTM1OUEzN0UwREJC
MDA3NTcxQUZGM0U1MTE3QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDbdqezPnLxNlRWZrOxFgO73NDF9RAr+oIJ1HdEhtXwFcDjichfJTjRvzx0YqmT
jvqqtNEOjLzHTUSd3Xsuam54v0YO9cjhF8gZBnPlxPr6m0XZVnOpByLNGSTWNy9Y
o3vtLvUh0XjGPmmM2PjOBzFXT3n6HNA290sjy+0exeiL5Ahr0g62ICB6TtlhFp6w
1GKLCyqos1TqDCzZmpUE/h83xGO/d3KgUIswAyttNKZv5zRW4eUFUMBthrsn2HNf
qAGToVXD8XSuhMmsFTg/nxpZg7CrVR6m4UldXMkG3mLfQ9w9aTejz2gVkBAK1vJZ
zWxYKNX1HvRnJKEwjBhltuY9AgMBAAGjggL5MIIC9TAdBgNVHQ4EFgQU3fn9qUu6
NZo34NuwB1ca/z5RF6IwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTg0RDcxLzk4M0EwQzlFOUQxRjExRTc4NzZFNjYxMUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4NEQ3MS85ODNBMEM5RTlEMUYxMUU3ODc2RTY2MTFDNEY5QUUwMi8zZm45cVV1
Nk5abzM0TnV3QjFjYV96NVJGNkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8EFjAU
MBIEAgABMAwDBAItd8gDBAJnPAgwDQYJKoZIhvcNAQELBQADggEBANYzVVH6QQDP
1cY6w3wzS+KbOOg4ggcZR9ng5uCdJWiOZRLnNokY8qo/mF14CWuQmoWzvrmF9BUo
HvO3Hxqfqds4fWrljvW38MhzfT5JS0Dvc8hSULY3oEQy58otBMwL/dTOZeEtC7u6
x43mjtgrSHJEQXw3fDhbBrbGJVMaT2VJjhZG/O0X8gIUtlmpy3OdMdYE6WFS/iPO
pyi3XHHiXEq5HYJ0bjmoK15VdckCLHVv9SYDRGdMLRm3i/kA/FxCXFqMoa/e4jKW
cB1zcNq5otq/LiVp7vxIUL24sdZwfjJ1d68nyHKbNAclIcJGD1VPE2Wsn22on6Qd
InzvmL2iWMs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:41 2024 by rpki-client on console-ams.rpki-client.org