Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fPZSOjBpgd0-zzOrxoUaoexipXA.cer
File:                     fPZSOjBpgd0-zzOrxoUaoexipXA.cer (raw, json)
Hash identifier:          4+fe8ujmgyahjFOve/IUOQj45c+TOT5bfj38MRUQ8WE=
Subject key identifier:   7C:F6:52:3A:30:69:81:DD:3E:CF:33:AB:C6:85:1A:A1:EC:62:A5:70
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       013586
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91DFDFF/14DF6CF65FC011EBBEA22859C4F9AE02/fPZSOjBpgd0-zzOrxoUaoexipXA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91DFDFF/14DF6CF65FC011EBBEA22859C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 18 Nov 2021 00:48:24 +0000
Certificate not after:    Fri 01 Jul 2022 00:00:00 +0000
Subordinate resources:    IP: 2400:d880::/32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 79238 (0x13586)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov 18 00:48:24 2021 GMT
            Not After : Jul  1 00:00:00 2022 GMT
        Subject: CN=A91DFDFF/serialNumber=7CF6523A306981DD3ECF33ABC6851AA1EC62A570
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:19:a8:87:81:22:c7:5c:b2:bd:ee:56:a4:9b:
                    e0:db:21:15:8f:90:b8:54:0a:9e:5e:46:df:1d:1a:
                    3b:da:ed:6f:62:58:b6:99:bd:b1:8b:5a:b8:19:f1:
                    f2:32:2f:56:3a:d6:3b:5c:e3:91:c6:16:0f:08:a6:
                    11:fe:e1:01:5d:53:b5:68:67:90:03:5c:af:d4:7b:
                    ed:9a:cf:b7:3a:71:73:4b:10:ac:5b:99:eb:f4:91:
                    85:13:aa:cd:a3:53:a7:e6:85:79:27:56:ff:b3:57:
                    b3:5e:35:44:17:4f:b6:1f:50:9b:a0:6e:24:91:3b:
                    56:60:e7:c7:30:d1:f5:82:12:d9:1c:2e:11:9e:74:
                    7b:c6:7d:84:b8:ad:c8:76:e2:de:db:e5:ee:fc:47:
                    23:c6:b5:2d:9f:28:49:53:8e:c8:c1:6f:c8:e2:e2:
                    23:f9:55:71:98:5c:d1:27:51:70:29:69:92:89:3f:
                    b1:88:8b:fc:89:cd:15:23:95:b2:d5:3d:59:51:20:
                    44:03:f4:91:69:26:95:e5:a0:a0:5b:0f:77:bc:2e:
                    6f:30:8a:df:a0:80:cb:d9:9d:63:3d:af:b4:57:74:
                    38:c4:42:e1:17:65:9f:2e:bc:b4:74:9d:78:8f:7a:
                    e9:94:ba:43:19:64:ac:8b:76:3a:b8:73:88:02:4c:
                    f6:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:F6:52:3A:30:69:81:DD:3E:CF:33:AB:C6:85:1A:A1:EC:62:A5:70
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DFDFF/14DF6CF65FC011EBBEA22859C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DFDFF/14DF6CF65FC011EBBEA22859C4F9AE02/fPZSOjBpgd0-zzOrxoUaoexipXA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d880::/32

    Signature Algorithm: sha256WithRSAEncryption
         41:67:94:84:fd:a4:df:21:f7:ae:ae:96:f8:9e:2a:a7:5f:69:
         01:88:d3:62:ad:3f:ee:12:7d:97:50:94:12:cd:a1:76:61:dc:
         b0:03:2a:2b:96:08:f7:cc:f5:57:45:33:97:3d:b6:51:e8:2f:
         f5:2e:00:72:b7:4b:f6:f8:fa:74:aa:d2:9e:3f:b4:31:e1:4d:
         59:81:d4:de:e6:d9:dc:68:35:8a:1f:f0:a8:37:db:3d:76:ff:
         38:25:a6:7b:2d:bf:45:05:41:d2:c7:2a:6e:6c:6f:72:7c:73:
         67:c8:bd:21:c2:b3:0b:43:8d:9b:7a:8a:7d:09:85:9f:22:51:
         87:d4:93:2e:78:64:1f:4f:ee:9d:d1:02:54:a3:35:6b:65:74:
         5f:dc:f9:e2:a1:99:50:dd:c9:37:b3:c9:74:18:db:a8:58:75:
         60:42:a4:97:07:2a:d0:46:0a:44:cf:1a:14:87:2c:4b:a1:13:
         f2:60:51:8a:8a:ff:61:10:64:cf:7c:0c:bd:6e:06:7a:95:81:
         62:d0:7b:13:74:12:a3:34:92:92:48:07:b4:c2:26:8a:ed:7f:
         20:53:c9:5b:60:57:7b:2d:58:47:cb:5d:c0:18:ce:28:fc:e9:
         f2:53:7b:9d:8d:eb:b1:52:39:08:87:78:30:e1:a2:d7:0c:82:
         a8:8a:5b:2d
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgIDATWGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIxMTExODAwNDgyNFoXDTIyMDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxREZERkYxMTAvBgNVBAUTKDdDRjY1MjNBMzA2OTgxREQzRUNGMzNB
QkM2ODUxQUExRUM2MkE1NzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEGaiHgSLHXLK97lakm+DbIRWPkLhUCp5eRt8dGjva7W9iWLaZvbGLWrgZ8fIy
L1Y61jtc45HGFg8IphH+4QFdU7VoZ5ADXK/Ue+2az7c6cXNLEKxbmev0kYUTqs2j
U6fmhXknVv+zV7NeNUQXT7YfUJugbiSRO1Zg58cw0fWCEtkcLhGedHvGfYS4rch2
4t7b5e78RyPGtS2fKElTjsjBb8ji4iP5VXGYXNEnUXApaZKJP7GIi/yJzRUjlbLV
PVlRIEQD9JFpJpXloKBbD3e8Lm8wit+ggMvZnWM9r7RXdDjEQuEXZZ8uvLR0nXiP
eumUukMZZKyLdjq4c4gCTPaZAgMBAAGjggL0MIIC8DAdBgNVHQ4EFgQUfPZSOjBp
gd0+zzOrxoUaoexipXAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MURGREZGLzE0REY2Q0Y2NUZDMDExRUJCRUEyMjg1OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFERkRGRi8xNERGNkNGNjVGQzAxMUVCQkVBMjI4NTlDNEY5QUUwMi9mUFpTT2pC
cGdkMC16ek9yeG9VYW9leGlwWEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8EETAP
MA0EAgACMAcDBQAkANiAMA0GCSqGSIb3DQEBCwUAA4IBAQBBZ5SE/aTfIfeurpb4
niqnX2kBiNNirT/uEn2XUJQSzaF2YdywAyorlgj3zPVXRTOXPbZR6C/1LgByt0v2
+Pp0qtKeP7Qx4U1ZgdTe5tncaDWKH/CoN9s9dv84JaZ7Lb9FBUHSxypubG9yfHNn
yL0hwrMLQ42beop9CYWfIlGH1JMueGQfT+6d0QJUozVrZXRf3PnioZlQ3ck3s8l0
GNuoWHVgQqSXByrQRgpEzxoUhyxLoRPyYFGKiv9hEGTPfAy9bgZ6lYFi0HsTdBKj
NJKSSAe0wiaK7X8gU8lbYFd7LVhHy13AGM4o/OnyU3udjeuxUjkIh3gw4aLXDIKo
ilst
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:54 2024 by rpki-client on console-fra.rpki-client.org