Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hRhNkJexS9WsjWg1RfEFs1N3Q-M.cer
File:                     hRhNkJexS9WsjWg1RfEFs1N3Q-M.cer (raw, json)
Hash identifier:          xCs+ecWX0x8TkzCdqvng546hHvcksylT9g7k9GrqJ3E=
Subject key identifier:   85:18:4D:90:97:B1:4B:D5:AC:8D:68:35:45:F1:05:B3:53:77:43:E3
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01432F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91697D0/7821E6DC456011E7B1D53131C4F9AE02/hRhNkJexS9WsjWg1RfEFs1N3Q-M.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91697D0/7821E6DC456011E7B1D53131C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 02 Feb 2022 14:39:37 +0000
Certificate not after:    Thu 02 Jun 2022 00:00:00 +0000
Subordinate resources:    AS: 134972
                          IP: 2403:f780::/32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 82735 (0x1432f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb  2 14:39:37 2022 GMT
            Not After : Jun  2 00:00:00 2022 GMT
        Subject: CN=A91697D0/serialNumber=85184D9097B14BD5AC8D683545F105B3537743E3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:69:57:07:a4:af:d0:12:e7:28:d4:7f:6f:bc:
                    3c:8d:52:5e:9b:ea:25:dd:06:ad:6b:48:0a:72:45:
                    04:21:d9:06:6f:50:1a:92:8b:4a:69:4f:22:f4:f6:
                    f0:68:b6:fd:8b:ef:1b:ee:8b:7a:61:89:ee:79:61:
                    52:fe:50:dc:11:e0:4b:2a:b6:c6:fd:8c:77:84:d8:
                    3e:4a:1d:33:81:fc:74:4f:dc:e7:c8:12:76:3d:81:
                    03:7e:3c:20:ff:72:5a:b3:26:75:47:1d:28:c2:a6:
                    71:d8:93:bd:35:13:dc:20:01:7b:be:bb:51:27:16:
                    cf:bf:ec:63:2e:07:09:3e:27:7b:0a:6e:c8:3d:6f:
                    0b:5f:22:9b:13:60:5c:1a:e9:ec:63:68:66:46:9b:
                    c1:3f:53:39:ec:ff:91:7c:ba:94:b1:fe:7e:61:67:
                    45:f7:29:51:f2:4a:cc:cb:c7:a3:cf:ba:c8:0e:3e:
                    97:34:25:1c:69:5c:f2:73:de:7d:83:df:c9:34:dc:
                    38:73:0c:b5:e7:f4:dd:f9:50:f0:02:f3:4a:7a:fe:
                    c5:99:2e:a9:c7:02:60:4f:d9:28:96:72:fb:28:69:
                    d0:3c:b6:54:bc:a2:6c:b5:48:01:b1:da:9e:53:7c:
                    06:fe:cb:1d:ae:ee:a1:da:ca:ac:8f:20:b6:62:cd:
                    bc:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:18:4D:90:97:B1:4B:D5:AC:8D:68:35:45:F1:05:B3:53:77:43:E3
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91697D0/7821E6DC456011E7B1D53131C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91697D0/7821E6DC456011E7B1D53131C4F9AE02/hRhNkJexS9WsjWg1RfEFs1N3Q-M.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  134972

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:f780::/32

    Signature Algorithm: sha256WithRSAEncryption
         29:97:82:69:74:90:9a:8d:da:6f:61:22:0f:33:28:94:9a:db:
         9e:1a:88:94:1a:eb:68:b1:79:75:17:98:01:dc:bb:05:a2:12:
         fd:97:44:22:82:89:67:d3:b3:0a:94:c9:8a:5f:97:e5:83:1f:
         c1:ec:a6:a5:16:9b:4a:b8:70:50:b4:65:1c:b3:9e:aa:6d:3c:
         64:38:06:34:ea:67:79:9d:72:00:36:ae:54:73:c1:40:0b:d3:
         85:89:07:82:9c:af:c4:88:bc:7f:76:81:5b:3c:1e:32:46:87:
         ca:a1:60:bd:d4:07:07:6a:53:d8:1e:8c:3e:e4:39:ae:76:03:
         e7:24:16:2c:8d:68:ad:c6:d7:95:7d:ca:22:5d:c5:0e:ba:28:
         ec:0e:a1:5d:10:b8:5a:b4:97:13:65:3b:b8:09:44:19:39:44:
         69:67:ee:dc:fc:2c:a3:bc:46:ae:cb:a6:bb:dd:23:f4:c2:e7:
         3a:ce:e3:62:60:14:f7:87:3e:d9:bc:e8:ac:27:6d:1c:6e:57:
         07:79:78:13:d5:a9:c9:b7:85:20:85:28:9c:7d:48:d5:19:c6:
         67:6f:14:36:96:2f:d8:4d:86:43:8b:a7:ce:d3:d1:b3:1b:06:
         1d:f9:ab:93:af:1e:28:3d:90:39:7b:eb:87:35:af:c9:0b:a0:
         20:f7:c8:fa
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAUMvMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIyMDIwMjE0MzkzN1oXDTIyMDYwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjk3RDAxMTAvBgNVBAUTKDg1MTg0RDkwOTdCMTRCRDVBQzhENjgz
NTQ1RjEwNUIzNTM3NzQzRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8aVcHpK/QEuco1H9vvDyNUl6b6iXdBq1rSApyRQQh2QZvUBqSi0ppTyL09vBo
tv2L7xvui3phie55YVL+UNwR4Esqtsb9jHeE2D5KHTOB/HRP3OfIEnY9gQN+PCD/
clqzJnVHHSjCpnHYk701E9wgAXu+u1EnFs+/7GMuBwk+J3sKbsg9bwtfIpsTYFwa
6exjaGZGm8E/Uzns/5F8upSx/n5hZ0X3KVHySszLx6PPusgOPpc0JRxpXPJz3n2D
38k03DhzDLXn9N35UPAC80p6/sWZLqnHAmBP2SiWcvsoadA8tlS8omy1SAGx2p5T
fAb+yx2u7qHayqyPILZizbwzAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQUhRhNkJex
S9WsjWg1RfEFs1N3Q+MwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY5N0QwLzc4MjFFNkRDNDU2MDExRTdCMUQ1MzEzMUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2OTdEMC83ODIxRTZEQzQ1NjAxMUU3QjFENTMxMzFDNEY5QUUwMi9oUmhOa0pl
eFM5V3NqV2cxUmZFRnMxTjNRLU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg88MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAP3gDANBgkq
hkiG9w0BAQsFAAOCAQEAKZeCaXSQmo3ab2EiDzMolJrbnhqIlBrraLF5dReYAdy7
BaIS/ZdEIoKJZ9OzCpTJil+X5YMfweympRabSrhwULRlHLOeqm08ZDgGNOpneZ1y
ADauVHPBQAvThYkHgpyvxIi8f3aBWzweMkaHyqFgvdQHB2pT2B6MPuQ5rnYD5yQW
LI1orcbXlX3KIl3FDroo7A6hXRC4WrSXE2U7uAlEGTlEaWfu3Pwso7xGrsumu90j
9MLnOs7jYmAU94c+2bzorCdtHG5XB3l4E9WpybeFIIUonH1I1RnGZ28UNpYv2E2G
Q4unztPRsxsGHfmrk68eKD2QOXvrhzWvyQugIPfI+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:44 2024 by rpki-client on console-ams.rpki-client.org