Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QjNkzT91vxaj_dc-eiGQLHAvVik.cer
File:                     QjNkzT91vxaj_dc-eiGQLHAvVik.cer (raw, json)
Hash identifier:          oe2+ijTEFY9OZ3GhZxz+uPWnBtUbb/yUaR771ZKVpfY=
Subject key identifier:   42:33:64:CD:3F:75:BF:16:A3:FD:D7:3E:7A:21:90:2C:70:2F:56:29
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       020024
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91B0D88/41BDC862426611EFA172C34DC4F9AE02/QjNkzT91vxaj_dc-eiGQLHAvVik.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91B0D88/41BDC862426611EFA172C34DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 15 Jul 2024 14:03:14 +0000
Certificate not after:    Wed 30 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 152719
                          IP: 202.49.114.0/24
                          IP: 2401:9860::/32

Validation:               Failed, certificate revoked on Tue 16 Jul 2024 00:40:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 131108 (0x20024)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 15 14:03:14 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=A91B0D88/serialNumber=423364CD3F75BF16A3FDD73E7A21902C702F5629
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:38:92:fc:28:e9:34:07:98:22:82:45:f6:e3:
                    cb:6f:a0:a9:21:a8:15:9a:ea:0e:25:92:cf:ad:29:
                    66:59:43:2e:2d:9d:84:3f:38:1e:ae:36:ab:60:ff:
                    5a:f5:05:16:48:95:06:ec:9c:95:53:4c:15:cf:9f:
                    60:cd:98:ec:39:8d:3a:cd:f2:4c:3b:ec:91:fa:b3:
                    ab:fa:15:60:f9:3e:34:8e:68:f8:2d:cb:76:e2:2c:
                    41:38:5a:b0:36:e2:c8:90:a4:ac:34:6f:7a:19:b2:
                    78:94:a8:77:88:15:6f:49:d1:6d:fd:14:c3:a6:94:
                    43:10:19:ae:07:76:8d:f2:28:0f:23:0e:5a:d8:21:
                    f5:3e:cd:a6:9c:0d:20:ef:3c:06:b8:79:a8:c7:ee:
                    16:4b:67:15:a7:f3:1a:2c:b7:9a:77:2c:4c:5b:db:
                    21:88:ae:96:83:46:c9:6d:e1:3a:52:cb:f4:7d:5c:
                    81:8f:d0:30:bb:f4:d3:b1:67:51:ff:6e:d3:75:d3:
                    d7:2d:5f:3a:6b:ce:29:6c:48:28:b7:3c:a2:20:21:
                    6a:83:b3:3e:ff:db:f0:a0:d2:a3:93:51:28:ba:7b:
                    db:ba:37:9b:36:cf:01:1c:15:e2:88:06:e4:eb:07:
                    c6:ff:f3:79:87:64:9b:80:b3:d8:fd:90:18:6e:b1:
                    07:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:33:64:CD:3F:75:BF:16:A3:FD:D7:3E:7A:21:90:2C:70:2F:56:29
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B0D88/41BDC862426611EFA172C34DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B0D88/41BDC862426611EFA172C34DC4F9AE02/QjNkzT91vxaj_dc-eiGQLHAvVik.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  152719

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.49.114.0/24
                IPv6:
                  2401:9860::/32

    Signature Algorithm: sha256WithRSAEncryption
         64:37:0b:ae:1b:98:c6:87:12:67:00:24:bc:4f:54:ad:3e:8b:
         d4:a6:07:c1:8c:c6:0a:e8:c6:c4:1d:ab:a3:80:82:0b:b0:38:
         f6:56:e4:a4:f7:a8:31:9d:bb:c0:43:e6:cd:ec:fe:93:b0:f8:
         ed:e1:4f:a3:1f:73:ff:b0:b5:e9:fe:41:6e:91:7b:3e:d9:0b:
         05:6c:84:ee:cd:ff:b1:8a:d6:c6:ec:d4:bc:88:7b:fd:59:d8:
         02:46:36:2d:e8:19:9a:0d:df:4d:c2:b5:1e:83:d0:15:a7:45:
         42:84:3e:ed:77:63:1d:87:e3:d4:95:8b:de:64:b2:ca:f3:5b:
         1d:c7:2c:d6:e5:9d:0b:0a:5a:06:1d:47:00:90:87:7a:e1:71:
         ff:4a:ec:5d:2c:9b:8f:0c:6a:16:96:2a:91:67:97:8f:d4:b0:
         66:6f:5c:16:ae:b4:cb:86:2c:39:b5:3b:c0:e2:ef:45:64:dd:
         5b:c3:19:24:58:f4:03:3b:43:1d:89:c3:0d:eb:17:13:b4:c7:
         a0:41:0d:27:9d:51:d4:a6:6e:12:f6:44:6b:11:2d:5b:f2:b7:
         62:98:24:f2:b2:4a:91:2f:21:0d:20:17:6a:df:2e:c8:86:e1:
         15:ab:eb:53:83:65:b0:af:44:4f:a8:86:9b:06:30:75:12:cc:
         43:d9:89:b4
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAgAkMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDcxNTE0MDMxNFoXDTI1MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjBEODgxMTAvBgNVBAUTKDQyMzM2NENEM0Y3NUJGMTZBM0ZERDcz
RTdBMjE5MDJDNzAyRjU2MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYOJL8KOk0B5gigkX248tvoKkhqBWa6g4lks+tKWZZQy4tnYQ/OB6uNqtg/1r1
BRZIlQbsnJVTTBXPn2DNmOw5jTrN8kw77JH6s6v6FWD5PjSOaPgty3biLEE4WrA2
4siQpKw0b3oZsniUqHeIFW9J0W39FMOmlEMQGa4Hdo3yKA8jDlrYIfU+zaacDSDv
PAa4eajH7hZLZxWn8xost5p3LExb2yGIrpaDRslt4TpSy/R9XIGP0DC79NOxZ1H/
btN109ctXzprzilsSCi3PKIgIWqDsz7/2/Cg0qOTUSi6e9u6N5s2zwEcFeKIBuTr
B8b/83mHZJuAs9j9kBhusQflAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUQjNkzT91
vxaj/dc+eiGQLHAvVikwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIwRDg4LzQxQkRDODYyNDI2NjExRUZBMTcyQzM0REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCMEQ4OC80MUJEQzg2MjQyNjYxMUVGQTE3MkMzNERDNEY5QUUwMi9Rak5relQ5
MXZ4YWpfZGMtZWlHUUxIQXZWaWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlSPMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAyjFyMA0EAgAC
MAcDBQAkAZhgMA0GCSqGSIb3DQEBCwUAA4IBAQBkNwuuG5jGhxJnACS8T1StPovU
pgfBjMYK6MbEHaujgIILsDj2VuSk96gxnbvAQ+bN7P6TsPjt4U+jH3P/sLXp/kFu
kXs+2QsFbITuzf+xitbG7NS8iHv9WdgCRjYt6BmaDd9NwrUeg9AVp0VChD7td2Md
h+PUlYveZLLK81sdxyzW5Z0LCloGHUcAkId64XH/SuxdLJuPDGoWliqRZ5eP1LBm
b1wWrrTLhiw5tTvA4u9FZN1bwxkkWPQDO0MdicMN6xcTtMegQQ0nnVHUpm4S9kRr
ES1b8rdimCTyskqRLyENIBdq3y7IhuEVq+tTg2Wwr0RPqIabBjB1EsxD2Ym0
-----END CERTIFICATE-----
Generated at Tue Jul 16 03:10:36 2024 by rpki-client on console-fra.rpki-client.org