Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mA4Vth94mlMmWB0EwgOBkqqZawA.cer
File:                     mA4Vth94mlMmWB0EwgOBkqqZawA.cer (raw, json)
Hash identifier:          Z1pDZyIAXEExekUs/laNns5XvoD9B1YhJfEf0fYR0SU=
Subject key identifier:   98:0E:15:B6:1F:78:9A:53:26:58:1D:04:C2:03:81:92:AA:99:6B:00
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01BA04
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A919853E/92F21C1CCF2611EB9D699C2AC4F9AE02/mA4Vth94mlMmWB0EwgOBkqqZawA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A919853E/92F21C1CCF2611EB9D699C2AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 30 Aug 2023 20:20:45 +0000
Certificate not after:    Sat 30 Dec 2023 00:00:00 +0000
Subordinate resources:    AS: 138918
                          IP: 103.168.86.0/23
                          IP: 2407:8e40::/32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 113156 (0x1ba04)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug 30 20:20:45 2023 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=A919853E/serialNumber=980E15B61F789A5326581D04C2038192AA996B00
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:77:59:6a:d9:db:1c:57:86:a3:cd:9f:e2:88:
                    84:e9:58:f2:cb:8d:cf:f8:e8:96:4b:3f:bf:55:c3:
                    1b:73:11:31:ca:57:e7:c8:b9:36:7c:a7:3e:91:c8:
                    01:1b:26:83:91:73:c9:3b:4c:7b:34:35:3b:9b:2d:
                    98:13:94:14:e3:ab:82:ef:e0:ad:6e:b7:f8:f1:5e:
                    75:02:5b:a8:24:99:37:e3:5a:0e:bc:42:03:46:a6:
                    5e:06:2a:64:c9:00:92:52:6a:f9:81:f0:d2:89:6b:
                    48:c7:26:60:5a:17:f9:2f:67:b9:23:19:fc:9f:50:
                    0d:c5:74:c9:21:bd:45:cf:f5:82:34:bd:ad:1e:24:
                    4f:0e:dc:62:86:1f:0f:f1:bc:b3:a5:5e:b3:be:7c:
                    03:c1:ae:69:ce:51:04:2b:c1:cd:48:da:f9:fc:d2:
                    72:73:39:e5:f8:2b:2c:03:fa:18:cc:ed:f6:43:b8:
                    e6:99:8b:dc:d8:8b:61:1e:33:de:37:7d:e1:83:32:
                    63:bd:ec:bc:d6:5d:10:7f:be:b4:ae:b6:78:21:0b:
                    71:45:2e:22:04:b4:c2:44:79:60:64:74:d7:44:04:
                    53:1a:96:47:d5:d0:55:1a:58:e9:d9:c7:13:99:e9:
                    b2:89:4c:b8:99:67:6f:51:21:26:23:e9:3f:7c:34:
                    fd:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:0E:15:B6:1F:78:9A:53:26:58:1D:04:C2:03:81:92:AA:99:6B:00
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919853E/92F21C1CCF2611EB9D699C2AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919853E/92F21C1CCF2611EB9D699C2AC4F9AE02/mA4Vth94mlMmWB0EwgOBkqqZawA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  138918

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.168.86.0/23
                IPv6:
                  2407:8e40::/32

    Signature Algorithm: sha256WithRSAEncryption
         85:49:6f:b3:f7:06:20:08:73:17:94:27:44:6c:e9:da:c5:b9:
         2d:13:6f:87:f3:0a:38:89:41:56:96:fd:34:92:fa:7e:ad:ba:
         b3:15:11:43:8e:b0:1c:03:36:6c:11:16:9d:c7:be:0e:2c:7b:
         f4:5a:b1:88:d7:c0:08:94:8a:f8:f5:2b:e6:87:73:17:08:03:
         3e:d4:5d:b4:c5:dd:84:54:ae:75:08:6d:79:9b:15:18:4d:45:
         d0:f1:08:41:9e:f3:bb:8f:41:83:02:78:f5:c7:1a:e0:38:49:
         82:a5:f2:28:15:92:53:2a:3a:71:77:be:a8:05:0f:32:d3:c3:
         60:df:7d:44:15:0b:c9:19:36:8f:06:b4:da:49:b6:b7:f4:d0:
         2f:b6:8b:98:04:cc:8f:ab:7c:2e:84:df:a3:4c:fa:9f:0b:42:
         9c:9a:b5:b7:35:29:05:63:65:cb:a4:2c:79:3d:54:72:02:fb:
         80:28:e9:03:46:b5:8d:91:1b:12:48:40:57:91:aa:5c:a0:f9:
         25:ee:19:fc:5d:28:63:24:9e:d7:66:49:a4:11:14:4b:ae:a9:
         81:4c:8a:bb:1f:83:6a:bd:fe:fa:1f:03:e3:17:54:cf:80:09:
         7c:17:e2:18:22:82:e4:2b:04:c4:7b:2a:ea:05:45:c0:09:ee:
         4e:b2:89:c3
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAboEMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgzMDIwMjA0NVoXDTIzMTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTg1M0UxMTAvBgNVBAUTKDk4MEUxNUI2MUY3ODlBNTMyNjU4MUQw
NEMyMDM4MTkyQUE5OTZCMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkd1lq2dscV4ajzZ/iiITpWPLLjc/46JZLP79VwxtzETHKV+fIuTZ8pz6RyAEb
JoORc8k7THs0NTubLZgTlBTjq4Lv4K1ut/jxXnUCW6gkmTfjWg68QgNGpl4GKmTJ
AJJSavmB8NKJa0jHJmBaF/kvZ7kjGfyfUA3FdMkhvUXP9YI0va0eJE8O3GKGHw/x
vLOlXrO+fAPBrmnOUQQrwc1I2vn80nJzOeX4KywD+hjM7fZDuOaZi9zYi2EeM943
feGDMmO97LzWXRB/vrSutnghC3FFLiIEtMJEeWBkdNdEBFMalkfV0FUaWOnZxxOZ
6bKJTLiZZ29RISYj6T98NP2zAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUmA4Vth94
mlMmWB0EwgOBkqqZawAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk4NTNFLzkyRjIxQzFDQ0YyNjExRUI5RDY5OUMyQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5ODUzRS85MkYyMUMxQ0NGMjYxMUVCOUQ2OTlDMkFDNEY5QUUwMi9tQTRWdGg5
NG1sTW1XQjBFd2dPQmtxcVphd0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAh6mMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ6hWMA0EAgAC
MAcDBQAkB45AMA0GCSqGSIb3DQEBCwUAA4IBAQCFSW+z9wYgCHMXlCdEbOnaxbkt
E2+H8wo4iUFWlv00kvp+rbqzFRFDjrAcAzZsERadx74OLHv0WrGI18AIlIr49Svm
h3MXCAM+1F20xd2EVK51CG15mxUYTUXQ8QhBnvO7j0GDAnj1xxrgOEmCpfIoFZJT
Kjpxd76oBQ8y08Ng331EFQvJGTaPBrTaSba39NAvtouYBMyPq3wuhN+jTPqfC0Kc
mrW3NSkFY2XLpCx5PVRyAvuAKOkDRrWNkRsSSEBXkapcoPkl7hn8XShjJJ7XZkmk
ERRLrqmBTIq7H4Nqvf76HwPjF1TPgAl8F+IYIoLkKwTEeyrqBUXACe5OsonD
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:55 2024 by rpki-client on console-fra.rpki-client.org