Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MUJGkB-n1lBdl6ocAUC7yg6MKU8.cer
File:                     MUJGkB-n1lBdl6ocAUC7yg6MKU8.cer (raw, json)
Hash identifier:          o6w85SOiguB9cAln2rxzg3Pk9C/o6cU3/0eaAb5fq4U=
Subject key identifier:   31:42:46:90:1F:A7:D6:50:5D:97:AA:1C:01:40:BB:CA:0E:8C:29:4F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D553
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91597D0/CD4572203DB311EA8BF93A0EC4F9AE02/MUJGkB-n1lBdl6ocAUC7yg6MKU8.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91597D0/CD4572203DB311EA8BF93A0EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sun 31 Dec 2023 16:07:43 +0000
Certificate not after:    Wed 01 May 2024 00:00:00 +0000
Subordinate resources:    AS: 134824
                          IP: 2404:c180::/32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120147 (0x1d553)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 31 16:07:43 2023 GMT
            Not After : May  1 00:00:00 2024 GMT
        Subject: CN=A91597D0/serialNumber=314246901FA7D6505D97AA1C0140BBCA0E8C294F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:88:b6:5f:c2:7b:40:67:28:02:e4:f9:5b:d9:
                    cc:8f:ee:8d:a5:8f:84:ba:6c:f6:a7:b2:eb:2e:a1:
                    b7:e2:41:77:5e:b2:06:25:3c:c0:05:61:44:99:66:
                    aa:be:9d:0a:e3:e9:35:d6:9c:c9:4b:c9:45:aa:3c:
                    3d:4e:25:48:2c:9e:14:4b:23:6a:28:d2:01:b7:56:
                    4f:91:4f:e8:94:cc:e8:4b:ba:d5:c9:74:32:3d:b5:
                    60:14:ec:a1:1d:12:83:9a:c6:ad:92:56:c1:3b:7c:
                    e8:d3:8f:28:fe:8b:9f:21:2b:0e:8b:b1:a2:cc:c5:
                    3c:90:8a:55:c9:8b:3d:5b:a6:e6:86:10:3b:cc:e8:
                    34:da:63:90:28:07:7a:00:0c:47:6b:a0:0e:03:cb:
                    bc:71:d3:6c:fd:3b:a7:24:f8:35:6f:0b:b5:fc:71:
                    db:c2:fe:57:f0:b5:b7:3a:57:25:be:c0:6c:dc:c6:
                    19:af:ec:c1:3f:ba:3e:a5:41:92:a8:d5:1c:37:31:
                    ca:a0:c9:3a:be:0c:93:49:60:05:b1:0b:5c:c1:95:
                    87:f5:2a:fc:f1:dc:c9:d1:72:8a:13:ef:54:61:fc:
                    17:73:a1:4f:6f:07:6a:70:e2:70:79:81:6b:da:8a:
                    3c:97:d5:7d:9f:19:3d:59:55:23:d7:97:c7:9b:81:
                    5a:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:42:46:90:1F:A7:D6:50:5D:97:AA:1C:01:40:BB:CA:0E:8C:29:4F
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91597D0/CD4572203DB311EA8BF93A0EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91597D0/CD4572203DB311EA8BF93A0EC4F9AE02/MUJGkB-n1lBdl6ocAUC7yg6MKU8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  134824

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:c180::/32

    Signature Algorithm: sha256WithRSAEncryption
         1f:cc:af:40:99:07:92:94:c2:5a:01:48:f4:74:c8:0b:43:94:
         1a:e1:09:4c:86:4c:ce:05:32:3e:21:19:66:d5:29:a9:88:e7:
         a0:88:85:13:1e:d4:13:9a:5a:7a:2e:c2:0e:af:24:72:63:6a:
         d9:27:34:be:ff:89:8c:0e:92:81:bd:8f:87:92:fd:59:0c:91:
         a4:de:94:fa:f8:99:fa:2b:16:e9:2f:31:9c:08:a1:e6:dd:32:
         62:4f:ec:8d:38:ea:db:35:0c:33:8c:5a:f4:e9:8c:f0:24:00:
         10:22:6e:43:38:01:47:52:30:e9:5f:f7:c9:a7:a5:15:b2:f2:
         8c:fe:5b:01:37:b3:d8:77:21:b0:01:2c:c3:86:f2:05:f8:fe:
         cc:17:39:63:cb:c6:83:ff:fd:d8:32:ec:79:84:7c:a4:b5:62:
         86:fe:f0:30:43:65:1d:ea:cc:de:32:ba:0c:4b:b8:f6:36:04:
         c1:c6:9b:3a:c8:57:bb:3b:02:46:a6:8e:7f:04:29:75:ea:8f:
         58:06:aa:71:b2:ff:72:f4:77:dc:b5:e3:16:51:9a:b4:3c:e4:
         ab:7e:ca:f6:cd:10:b7:65:8f:8c:da:96:db:fb:53:fe:f2:ca:
         a2:27:95:50:6e:0d:94:9b:d8:4a:30:ba:25:03:e2:65:65:7e:
         9f:7b:f9:d1
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAdVTMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIzMTE2MDc0M1oXDTI0MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTk3RDAxMTAvBgNVBAUTKDMxNDI0NjkwMUZBN0Q2NTA1RDk3QUEx
QzAxNDBCQkNBMEU4QzI5NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHiLZfwntAZygC5Plb2cyP7o2lj4S6bPansusuobfiQXdesgYlPMAFYUSZZqq+
nQrj6TXWnMlLyUWqPD1OJUgsnhRLI2oo0gG3Vk+RT+iUzOhLutXJdDI9tWAU7KEd
EoOaxq2SVsE7fOjTjyj+i58hKw6LsaLMxTyQilXJiz1bpuaGEDvM6DTaY5AoB3oA
DEdroA4Dy7xx02z9O6ck+DVvC7X8cdvC/lfwtbc6VyW+wGzcxhmv7ME/uj6lQZKo
1Rw3McqgyTq+DJNJYAWxC1zBlYf1Kvzx3MnRcooT71Rh/BdzoU9vB2pw4nB5gWva
ijyX1X2fGT1ZVSPXl8ebgVqXAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQUMUJGkB+n
1lBdl6ocAUC7yg6MKU8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU5N0QwL0NENDU3MjIwM0RCMzExRUE4QkY5M0EwRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1OTdEMC9DRDQ1NzIyMDNEQjMxMUVBOEJGOTNBMEVDNEY5QUUwMi9NVUpHa0It
bjFsQmRsNm9jQVVDN3lnNk1LVTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg6oMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJATBgDANBgkq
hkiG9w0BAQsFAAOCAQEAH8yvQJkHkpTCWgFI9HTIC0OUGuEJTIZMzgUyPiEZZtUp
qYjnoIiFEx7UE5paei7CDq8kcmNq2Sc0vv+JjA6Sgb2Ph5L9WQyRpN6U+viZ+isW
6S8xnAih5t0yYk/sjTjq2zUMM4xa9OmM8CQAECJuQzgBR1Iw6V/3yaelFbLyjP5b
ATez2HchsAEsw4byBfj+zBc5Y8vGg//92DLseYR8pLVihv7wMENlHerM3jK6DEu4
9jYEwcabOshXuzsCRqaOfwQpdeqPWAaqcbL/cvR33LXjFlGatDzkq37K9s0Qt2WP
jNqW2/tT/vLKoieVUG4NlJvYSjC6JQPiZWV+n3v50Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:42 2024 by rpki-client on console-ams.rpki-client.org