Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jzTx-VOtA2V2fiHqvjWrRrVbPlg.cer
File:                     jzTx-VOtA2V2fiHqvjWrRrVbPlg.cer (raw, json)
Hash identifier:          dOSo0AHt7mtO7692eWzsgImkyD9OtHefQEqtZJBURfg=
Subject key identifier:   8F:34:F1:F9:53:AD:03:65:76:7E:21:EA:BE:35:AB:46:B5:5B:3E:58
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       015820
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.rand.apnic.net/repo/pubServerRand/0/8F34F1F953AD0365767E21EABE35AB46B55B3E58.mft
caRepository:             rsync://rpki.rand.apnic.net/repo/pubServerRand/0/
Notify URL:               https://rpki.rand.apnic.net/rrdp/notification.xml
Certificate not before:   Tue 31 May 2022 01:30:20 +0000
Certificate not after:    Mon 31 Mar 2031 00:00:00 +0000
Subordinate resources:    AS: 9838
                          AS: 24021
                          AS: 38610
                          AS: 131072
                          AS: 131074
                          IP: 1.0.0.0/24
                          IP: 1.1.1.0/24
                          IP: 103.0.0.0/16
                          IP: 103.10.232.0/24
                          IP: 203.10.60.0/22
                          IP: 203.133.248.0/22
                          IP: 203.147.108.0/23
                          IP: 2401:2000::/31
                          IP: 2408:2000::/24

Validation:               Failed, certificate revoked on Tue 15 Nov 2022 22:43:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 88096 (0x15820)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 31 01:30:20 2022 GMT
            Not After : Mar 31 00:00:00 2031 GMT
        Subject: CN=A91872ED0000/serialNumber=8F34F1F953AD0365767E21EABE35AB46B55B3E58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:4a:fe:b3:85:8b:17:32:b5:2b:f4:bb:ab:26:
                    74:af:f5:4c:b4:c3:bb:03:7b:ad:e2:e9:9e:c4:65:
                    32:27:95:3f:d2:0a:f6:99:8e:12:39:4f:d7:58:35:
                    3b:f7:86:1f:b4:dd:6e:c3:0d:93:e4:44:85:c7:40:
                    59:18:8d:f1:18:0e:05:10:0f:06:a0:cb:8f:2c:ad:
                    b1:21:32:69:46:07:46:e7:94:17:7a:bb:40:8e:d2:
                    df:4e:4f:b5:83:7e:ec:6d:8b:2a:58:c6:07:22:5c:
                    63:39:57:c8:67:bc:f7:c3:7a:db:9e:4f:0f:bd:78:
                    31:50:94:b4:af:22:62:5f:16:b9:5b:19:19:17:72:
                    a1:25:62:87:a4:bf:53:de:46:0c:8e:23:64:de:0d:
                    ed:83:3a:2f:f8:4d:f0:18:05:21:92:a3:b2:22:2d:
                    02:67:8e:b6:19:96:7d:cc:6e:f4:2d:df:a2:26:18:
                    75:a3:52:94:e1:18:51:75:4f:f8:ea:12:3f:db:bb:
                    75:46:19:71:39:fa:41:99:56:99:81:3b:86:d1:03:
                    a6:ac:91:82:d8:b2:b1:f0:47:6b:a2:8b:3d:fe:89:
                    f5:f4:9f:09:d8:eb:5d:4b:51:df:a4:85:ed:48:39:
                    61:04:02:7a:de:b7:e7:6d:c7:8d:ea:56:9d:ed:01:
                    af:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:34:F1:F9:53:AD:03:65:76:7E:21:EA:BE:35:AB:46:B5:5B:3E:58
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.rand.apnic.net/repo/pubServerRand/0/
                RPKI Manifest - URI:rsync://rpki.rand.apnic.net/repo/pubServerRand/0/8F34F1F953AD0365767E21EABE35AB46B55B3E58.mft
                RPKI Notify - URI:https://rpki.rand.apnic.net/rrdp/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  9838
                  24021
                  38610
                  131072
                  131074

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.0.0.0/24
                  1.1.1.0/24
                  103.0.0.0/16
                  103.10.232.0/24
                  203.10.60.0/22
                  203.133.248.0/22
                  203.147.108.0/23
                IPv6:
                  2401:2000::/31
                  2408:2000::/24

    Signature Algorithm: sha256WithRSAEncryption
         83:9b:62:c3:db:6b:d9:4b:35:eb:2e:30:4e:3e:5c:b1:d6:15:
         e9:91:a7:b9:6a:6b:9f:47:88:07:7f:aa:e3:02:4f:6c:1b:2f:
         e7:44:36:b0:6c:b2:ac:d1:d0:6a:a4:9c:3f:ad:96:90:96:0d:
         be:5b:99:08:10:ad:81:97:48:d2:f2:5d:49:4f:8f:04:49:2e:
         69:d4:9f:dc:44:6b:f0:d9:20:a9:1f:f8:13:33:c8:9d:a8:af:
         0b:f5:f9:44:ff:7d:b4:3c:80:7b:35:46:6b:a3:f0:13:8c:ba:
         7f:32:6b:65:96:00:99:13:9b:a9:53:c7:a1:46:c8:25:1e:76:
         68:d2:a0:52:59:67:99:75:f2:b1:a1:6f:47:c9:bd:e7:a6:25:
         7e:07:a4:07:55:91:7b:32:c5:67:0d:69:51:f7:9f:21:7d:b8:
         80:c5:4b:b5:1f:fe:df:4c:39:bc:0a:9b:29:f7:50:0d:b4:60:
         56:fb:d2:79:3c:0b:cd:6b:37:d5:60:5f:99:42:b6:a9:7c:55:
         10:6f:76:0a:71:cf:f9:41:64:6a:67:00:26:cd:c1:4d:82:b0:
         e1:89:89:88:dc:c3:1d:3e:16:3b:f0:e6:02:10:10:e9:24:eb:
         02:90:73:4e:20:4f:d5:42:da:29:6d:e2:de:c3:e2:c2:81:82:
         fe:da:54:cc
-----BEGIN CERTIFICATE-----
MIIGODCCBSCgAwIBAgIDAVggMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIyMDUzMTAxMzAyMFoXDTMxMDMzMTAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxODcyRUQwMDAwMTEwLwYDVQQFEyg4RjM0RjFGOTUzQUQwMzY1NzY3
RTIxRUFCRTM1QUI0NkI1NUIzRTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvUr+s4WLFzK1K/S7qyZ0r/VMtMO7A3ut4umexGUyJ5U/0gr2mY4SOU/X
WDU794YftN1uww2T5ESFx0BZGI3xGA4FEA8GoMuPLK2xITJpRgdG55QXertAjtLf
Tk+1g37sbYsqWMYHIlxjOVfIZ7z3w3rbnk8PvXgxUJS0ryJiXxa5WxkZF3KhJWKH
pL9T3kYMjiNk3g3tgzov+E3wGAUhkqOyIi0CZ462GZZ9zG70Ld+iJhh1o1KU4RhR
dU/46hI/27t1RhlxOfpBmVaZgTuG0QOmrJGC2LKx8Edroos9/on19J8J2OtdS1Hf
pIXtSDlhBAJ63rfnbceN6lad7QGvawIDAQABo4IDKTCCAyUwHQYDVR0OBBYEFI80
8flTrQNldn4h6r41q0a1Wz5YMB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIH5BggrBgEFBQcBCwSB7DCB6TA9BggrBgEF
BQcwBYYxcnN5bmM6Ly9ycGtpLnJhbmQuYXBuaWMubmV0L3JlcG8vcHViU2VydmVy
UmFuZC8wLzBpBggrBgEFBQcwCoZdcnN5bmM6Ly9ycGtpLnJhbmQuYXBuaWMubmV0
L3JlcG8vcHViU2VydmVyUmFuZC8wLzhGMzRGMUY5NTNBRDAzNjU3NjdFMjFFQUJF
MzVBQjQ2QjU1QjNFNTgubWZ0MD0GCCsGAQUFBzANhjFodHRwczovL3Jwa2kucmFu
ZC5hcG5pYy5uZXQvcnJkcC9ub3RpZmljYXRpb24ueG1sMCwGCCsGAQUFBwEIAQH/
BB0wG6AZMBcCAiZuAgJd1QIDAJbSAgMCAAACAwIAAjBXBggrBgEFBQcBBwEB/wRI
MEYwLwQCAAEwKQMEAAEAAAMEAAEBAQMDAGcAAwQAZwroAwQCywo8AwQCy4X4AwQB
y5NsMBMEAgACMA0DBQEkASAAAwQAJAggMA0GCSqGSIb3DQEBCwUAA4IBAQCDm2LD
22vZSzXrLjBOPlyx1hXpkae5amufR4gHf6rjAk9sGy/nRDawbLKs0dBqpJw/rZaQ
lg2+W5kIEK2Bl0jS8l1JT48ESS5p1J/cRGvw2SCpH/gTM8idqK8L9flE/320PIB7
NUZro/ATjLp/MmtllgCZE5upU8ehRsglHnZo0qBSWWeZdfKxoW9Hyb3npiV+B6QH
VZF7MsVnDWlR958hfbiAxUu1H/7fTDm8Cpsp91ANtGBW+9J5PAvNazfVYF+ZQrap
fFUQb3YKcc/5QWRqZwAmzcFNgrDhiYmI3MMdPhY78OYCEBDpJOsCkHNOIE/VQtop
beLew+LCgYL+2lTM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:44 2024 by rpki-client on console-ams.rpki-client.org