Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jzcQEqRzwugAxUJAMPMlT3KYVLc.cer
File:                     jzcQEqRzwugAxUJAMPMlT3KYVLc.cer (raw, json)
Hash identifier:          wUhsA2Z4DOIlPPUVrzROuULVttW6CfMsieIIt2NZosU=
Subject key identifier:   8F:37:10:12:A4:73:C2:E8:00:C5:42:40:30:F3:25:4F:72:98:54:B7
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CACE
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9140F41/77D71282894911E39AA02A615911EA32/jzcQEqRzwugAxUJAMPMlT3KYVLc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9140F41/77D71282894911E39AA02A615911EA32/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 14 Nov 2023 14:41:16 +0000
Certificate not after:    Fri 01 Mar 2024 00:00:00 +0000
Subordinate resources:    IP: 2405:f900::/32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117454 (0x1cace)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov 14 14:41:16 2023 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=A9140F41/serialNumber=8F371012A473C2E800C5424030F3254F729854B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:f5:dc:c4:39:fd:9b:64:b0:00:6a:76:7c:f9:
                    26:a7:bd:48:36:22:52:a8:d9:75:92:7d:a2:05:22:
                    b3:e2:76:35:0a:e6:94:4d:e3:94:64:a6:12:6c:78:
                    59:f2:12:73:78:92:6e:b3:db:77:09:de:d0:40:62:
                    1d:f4:98:a5:fc:36:db:bd:02:46:db:dd:8d:7d:33:
                    5a:55:8c:f2:97:d5:9a:0f:e8:d8:b8:ce:0d:71:26:
                    3b:1c:7f:2e:cd:31:7b:10:54:f0:ee:c4:9c:89:31:
                    64:07:35:eb:31:17:17:60:9c:47:6d:61:86:95:0e:
                    fc:c5:2c:48:62:17:21:d7:17:ee:12:70:c6:59:5a:
                    d7:2b:d3:5a:75:09:5d:58:fc:6b:d4:86:04:8f:79:
                    f4:41:76:13:88:eb:b5:d6:4f:7c:89:38:76:6f:55:
                    af:c4:a1:ac:10:d5:df:21:85:39:b6:64:12:c3:a4:
                    21:9b:01:cf:08:a3:84:a6:0d:69:86:da:8e:98:03:
                    0c:9f:fe:03:08:e1:a7:0a:93:b6:cc:73:27:61:49:
                    a5:23:c2:c0:a5:6d:9a:10:cf:41:88:f1:71:fc:53:
                    38:c8:52:17:1b:3f:cd:ed:17:9e:a3:6c:60:7d:e4:
                    84:05:c0:b7:05:d5:c7:b3:2f:10:4d:b1:78:15:01:
                    02:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:37:10:12:A4:73:C2:E8:00:C5:42:40:30:F3:25:4F:72:98:54:B7
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9140F41/77D71282894911E39AA02A615911EA32/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9140F41/77D71282894911E39AA02A615911EA32/jzcQEqRzwugAxUJAMPMlT3KYVLc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:f900::/32

    Signature Algorithm: sha256WithRSAEncryption
         36:34:bf:b0:6e:22:ae:b1:05:11:3a:19:00:a7:5f:c8:ed:8c:
         79:ba:e4:cc:d2:99:0d:21:32:b9:19:68:60:e7:de:3b:69:36:
         4a:28:02:93:1d:31:b1:b7:bb:2d:1d:8c:ee:7d:63:36:0d:b5:
         d2:d8:fa:c8:72:20:ee:9e:29:bb:33:8f:98:9f:3c:d8:73:3f:
         b6:4f:96:53:46:3a:46:14:44:2b:7c:d8:1e:9f:62:90:bf:fd:
         ce:00:b5:f3:c8:06:78:8c:64:50:e0:3a:c2:59:63:33:3a:d1:
         03:d5:a1:e4:90:00:f3:e0:73:e9:6c:8c:f2:8c:26:53:9b:c6:
         89:8e:49:bc:85:73:5c:6d:dd:24:d6:50:81:0c:df:9a:27:99:
         1c:e9:aa:43:52:71:6e:c0:e9:db:78:6d:54:a1:2f:c0:d1:30:
         22:f7:30:ac:64:65:19:55:ff:0d:9a:f0:6c:03:06:55:8f:81:
         88:3d:78:a2:a2:00:d0:18:9e:15:22:fc:0e:00:d5:80:62:6f:
         f4:ee:a9:f4:65:8f:3c:d2:99:99:d5:b2:3e:72:ff:a9:a8:cc:
         24:d4:db:2a:33:54:a0:8d:33:e6:0e:44:0c:a5:6d:64:8b:ec:
         12:97:69:66:f6:3b:48:70:7b:56:97:6b:63:fb:22:a3:18:ce:
         cf:b3:c8:53
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgIDAcrOMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTExNDE0NDExNloXDTI0MDMwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNDBGNDExMTAvBgNVBAUTKDhGMzcxMDEyQTQ3M0MyRTgwMEM1NDI0
MDMwRjMyNTRGNzI5ODU0QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDb9dzEOf2bZLAAanZ8+SanvUg2IlKo2XWSfaIFIrPidjUK5pRN45RkphJseFny
EnN4km6z23cJ3tBAYh30mKX8Ntu9Akbb3Y19M1pVjPKX1ZoP6Ni4zg1xJjscfy7N
MXsQVPDuxJyJMWQHNesxFxdgnEdtYYaVDvzFLEhiFyHXF+4ScMZZWtcr01p1CV1Y
/GvUhgSPefRBdhOI67XWT3yJOHZvVa/EoawQ1d8hhTm2ZBLDpCGbAc8Io4SmDWmG
2o6YAwyf/gMI4acKk7bMcydhSaUjwsClbZoQz0GI8XH8UzjIUhcbP83tF56jbGB9
5IQFwLcF1cezLxBNsXgVAQI3AgMBAAGjggL0MIIC8DAdBgNVHQ4EFgQUjzcQEqRz
wugAxUJAMPMlT3KYVLcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTQwRjQxLzc3RDcxMjgyODk0OTExRTM5QUEwMkE2MTU5MTFFQTMyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0MEY0MS83N0Q3MTI4Mjg5NDkxMUUzOUFBMDJBNjE1OTExRUEzMi9qemNRRXFS
end1Z0F4VUpBTVBNbFQzS1lWTGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8EETAP
MA0EAgACMAcDBQAkBfkAMA0GCSqGSIb3DQEBCwUAA4IBAQA2NL+wbiKusQUROhkA
p1/I7Yx5uuTM0pkNITK5GWhg5947aTZKKAKTHTGxt7stHYzufWM2DbXS2PrIciDu
nim7M4+YnzzYcz+2T5ZTRjpGFEQrfNgen2KQv/3OALXzyAZ4jGRQ4DrCWWMzOtED
1aHkkADz4HPpbIzyjCZTm8aJjkm8hXNcbd0k1lCBDN+aJ5kc6apDUnFuwOnbeG1U
oS/A0TAi9zCsZGUZVf8NmvBsAwZVj4GIPXiiogDQGJ4VIvwOANWAYm/07qn0ZY88
0pmZ1bI+cv+pqMwk1NsqM1SgjTPmDkQMpW1ki+wSl2lm9jtIcHtWl2tj+yKjGM7P
s8hT
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:55 2024 by rpki-client on console-fra.rpki-client.org