Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oR4sIXmzapZHuVH8YC13kwe_rm4.cer
File:                     oR4sIXmzapZHuVH8YC13kwe_rm4.cer (raw, json)
Hash identifier:          PNncEUCOSoZXRmO3epOzQJbidCXu68SG6sRGiOlKRuY=
Subject key identifier:   A1:1E:2C:21:79:B3:6A:96:47:B9:51:FC:60:2D:77:93:07:BF:AE:6E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01EC83
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C08FA/ADCB15FE95C311EAAE620149C4F9AE02/oR4sIXmzapZHuVH8YC13kwe_rm4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C08FA/ADCB15FE95C311EAAE620149C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 19 Apr 2024 19:14:29 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 9876
                          AS: 132375
                          AS: 132687
                          AS: 147045
                          IP: 103.8.140.0/22
                          IP: 103.15.126.0/23
                          IP: 163.47.236.0/22
                          IP: 202.56.32.0 -- 202.56.55.255
                          IP: 202.137.240.0/21
                          IP: 2401:2f40::/32

Validation:               Failed, certificate revoked on Mon 10 Jun 2024 20:23:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 126083 (0x1ec83)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr 19 19:14:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A91C08FA/serialNumber=A11E2C2179B36A9647B951FC602D779307BFAE6E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:9e:03:4d:b3:e6:01:92:13:74:98:8b:05:cb:
                    7f:97:44:1f:58:b8:87:aa:2f:db:e6:fb:be:d7:79:
                    07:c9:f2:f4:ed:23:08:95:12:ac:46:5d:52:88:48:
                    96:11:2d:5a:4e:2f:51:c1:17:da:62:90:88:a4:9e:
                    19:19:f2:0b:55:de:3f:31:f4:d4:0a:fd:d2:a5:b8:
                    c6:ea:33:48:b3:5b:8b:04:ed:82:f4:7b:3a:7c:78:
                    fc:a5:ab:12:0d:af:a4:1c:b9:a8:11:85:7e:61:e7:
                    3a:3d:d5:3e:e3:cf:c3:26:ce:5e:3f:04:1d:67:8a:
                    8e:8f:2e:e4:c3:04:6c:ce:66:f6:f9:7f:9e:47:11:
                    10:3f:ad:5e:9f:5e:72:21:92:02:05:d6:cf:ba:97:
                    ab:3c:0a:d8:2f:7b:d9:43:b9:d9:af:9c:5b:8d:c6:
                    63:23:10:5d:70:2f:ce:ff:51:50:64:b5:eb:6c:67:
                    5b:6d:49:cf:d5:d3:5f:1e:2c:ef:ba:b3:b1:33:23:
                    1a:0d:9e:4d:77:9d:16:f4:fa:3e:dc:8e:68:64:70:
                    30:49:86:25:bc:fe:39:40:3f:72:f7:f1:ff:04:93:
                    d0:f6:2e:c6:be:79:1a:5c:f4:43:a7:e8:a4:61:1c:
                    bb:40:6c:0f:24:bd:2d:f4:50:69:10:ac:83:2f:e7:
                    7f:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:1E:2C:21:79:B3:6A:96:47:B9:51:FC:60:2D:77:93:07:BF:AE:6E
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C08FA/ADCB15FE95C311EAAE620149C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C08FA/ADCB15FE95C311EAAE620149C4F9AE02/oR4sIXmzapZHuVH8YC13kwe_rm4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  9876
                  132375
                  132687
                  147045

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.8.140.0/22
                  103.15.126.0/23
                  163.47.236.0/22
                  202.56.32.0-202.56.55.255
                  202.137.240.0/21
                IPv6:
                  2401:2f40::/32

    Signature Algorithm: sha256WithRSAEncryption
         4a:b9:b1:6c:03:76:b7:77:cb:12:e6:a7:68:84:54:50:2f:3a:
         be:d8:02:93:cc:fc:56:af:eb:28:67:00:ec:eb:af:a1:0e:f9:
         ba:da:0f:91:6c:a1:96:92:35:41:9a:8a:c0:82:87:ee:68:12:
         ef:7a:2a:ef:18:af:46:a9:8c:3b:59:2a:55:3f:16:34:a6:ac:
         79:16:34:56:36:d7:53:6b:80:65:92:3f:c5:9c:b7:50:53:34:
         79:e1:b3:16:30:90:0a:58:c2:bb:79:17:04:03:27:85:45:c2:
         9b:ba:5f:a7:b9:68:27:a3:5c:f2:02:c8:c3:36:35:7f:44:b6:
         26:d8:8f:a0:9f:fa:6d:c6:0b:43:18:b9:6e:a8:4c:92:53:65:
         9a:85:1a:14:68:26:18:db:fd:02:23:ce:5c:87:b4:b2:76:a8:
         bd:54:e4:4f:6d:04:b7:79:9c:4e:73:85:15:e8:22:48:e5:76:
         32:2b:78:37:84:71:f3:e5:26:5c:ca:8c:ca:4f:24:ff:45:7c:
         48:37:78:a0:08:b2:a7:04:d6:f8:24:94:f8:e5:35:ce:d2:15:
         b4:57:be:95:c8:02:3a:1a:a9:c4:27:b4:f8:81:24:1f:96:84:
         8f:4a:fd:87:98:3e:49:c7:0d:4d:d0:09:7d:1c:b3:7d:5c:66:
         be:b7:4c:75
-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgIDAeyDMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQxOTE5MTQyOVoXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzA4RkExMTAvBgNVBAUTKEExMUUyQzIxNzlCMzZBOTY0N0I5NTFG
QzYwMkQ3NzkzMDdCRkFFNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDfngNNs+YBkhN0mIsFy3+XRB9YuIeqL9vm+77XeQfJ8vTtIwiVEqxGXVKISJYR
LVpOL1HBF9pikIiknhkZ8gtV3j8x9NQK/dKluMbqM0izW4sE7YL0ezp8ePylqxIN
r6QcuagRhX5h5zo91T7jz8Mmzl4/BB1nio6PLuTDBGzOZvb5f55HERA/rV6fXnIh
kgIF1s+6l6s8Ctgve9lDudmvnFuNxmMjEF1wL87/UVBktetsZ1ttSc/V018eLO+6
s7EzIxoNnk13nRb0+j7cjmhkcDBJhiW8/jlAP3L38f8Ek9D2Lsa+eRpc9EOn6KRh
HLtAbA8kvS30UGkQrIMv53+xAgMBAAGjggNMMIIDSDAdBgNVHQ4EFgQUoR4sIXmz
apZHuVH8YC13kwe/rm4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMwOEZBL0FEQ0IxNUZFOTVDMzExRUFBRTYyMDE0OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMDhGQS9BRENCMTVGRTk1QzMxMUVBQUU2MjAxNDlDNEY5QUUwMi9vUjRzSVht
emFwWkh1Vkg4WUMxM2t3ZV9ybTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKAYIKwYBBQUHAQgBAf8EGTAX
oBUwEwICJpQCAwIFFwIDAgZPAgMCPmUwTgYIKwYBBQUHAQcBAf8EPzA9MCwEAgAB
MCYDBAJnCIwDBAFnD34DBAKjL+wwDAMEBco4IAMEA8o4MAMEA8qJ8DANBAIAAjAH
AwUAJAEvQDANBgkqhkiG9w0BAQsFAAOCAQEASrmxbAN2t3fLEuanaIRUUC86vtgC
k8z8Vq/rKGcA7OuvoQ75utoPkWyhlpI1QZqKwIKH7mgS73oq7xivRqmMO1kqVT8W
NKaseRY0VjbXU2uAZZI/xZy3UFM0eeGzFjCQCljCu3kXBAMnhUXCm7pfp7loJ6Nc
8gLIwzY1f0S2JtiPoJ/6bcYLQxi5bqhMklNlmoUaFGgmGNv9AiPOXIe0snaovVTk
T20Et3mcTnOFFegiSOV2Mit4N4Rx8+UmXMqMyk8k/0V8SDd4oAiypwTW+CSU+OU1
ztIVtFe+lcgCOhqpxCe0+IEkH5aEj0r9h5g+SccNTdAJfRyzfVxmvrdMdQ==
-----END CERTIFICATE-----
Generated at Mon Jun 10 22:36:09 2024 by rpki-client on console-ams.rpki-client.org