Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tnki7DlXyfh9oR4iSL1G1KCxw_A.cer
File:                     tnki7DlXyfh9oR4iSL1G1KCxw_A.cer (raw, json)
Hash identifier:          dia0lWYPNWy5kK2TbQ9HhZF+Hw6eMP54haw05F1aPzI=
Subject key identifier:   B6:79:22:EC:39:57:C9:F8:7D:A1:1E:22:48:BD:46:D4:A0:B1:C3:F0
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E311
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A914365D/D6D5237CC79B11EA82F1C91DC4F9AE02/tnki7DlXyfh9oR4iSL1G1KCxw_A.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A914365D/D6D5237CC79B11EA82F1C91DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 06 Mar 2024 01:59:35 +0000
Certificate not after:    Sat 31 Aug 2024 00:00:00 +0000
Subordinate resources:    AS: 63849
                          AS: 63946
                          AS: 132818
                          IP: 43.251.32.0/22
                          IP: 103.25.252.0/22

Validation:               Failed, certificate revoked on Fri 08 Mar 2024 14:15:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123665 (0x1e311)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar  6 01:59:35 2024 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=A914365D/serialNumber=B67922EC3957C9F87DA11E2248BD46D4A0B1C3F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:6b:7b:57:37:57:9e:46:b2:e4:d6:e2:cc:f1:
                    ac:50:b9:00:01:60:24:f9:f8:d1:b0:ca:0f:ad:47:
                    ee:09:b7:a3:fb:b2:6c:38:06:06:f9:35:5b:8a:89:
                    cd:97:cd:ea:fc:c4:98:1d:42:f4:f7:03:a0:c5:ea:
                    d4:dc:f3:fa:ad:70:33:21:8c:fc:ab:57:07:3e:51:
                    1d:10:9c:95:b1:d1:93:e9:28:67:41:42:1f:cf:f7:
                    02:dd:73:ad:ff:e5:46:60:33:67:e1:46:5b:7b:13:
                    30:22:88:5a:e6:69:05:a7:2c:d7:73:05:ef:74:36:
                    52:04:1e:54:2d:82:78:ca:c4:3a:68:ad:84:f1:97:
                    19:05:43:b3:dc:48:4b:f0:62:2b:85:5e:c3:d9:67:
                    ac:92:d7:d4:01:d4:b8:c8:02:34:64:73:56:7e:16:
                    dd:8c:1f:fa:a5:ce:37:d1:9e:8e:00:ab:0f:78:aa:
                    a9:9f:4a:34:d7:7d:da:fe:44:c0:c4:62:c5:40:4c:
                    c9:51:9b:b1:68:64:d9:7d:86:ac:b1:77:68:fb:a6:
                    f1:24:f2:83:d8:cb:28:45:17:d0:41:ab:87:f1:98:
                    c9:11:a0:81:68:ec:cd:92:20:f0:d4:e9:34:9f:80:
                    3a:f3:5f:e1:01:56:f2:ed:57:65:88:93:ca:ba:ec:
                    35:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:79:22:EC:39:57:C9:F8:7D:A1:1E:22:48:BD:46:D4:A0:B1:C3:F0
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914365D/D6D5237CC79B11EA82F1C91DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914365D/D6D5237CC79B11EA82F1C91DC4F9AE02/tnki7DlXyfh9oR4iSL1G1KCxw_A.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  63849
                  63946
                  132818

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.251.32.0/22
                  103.25.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8e:d0:9e:9a:4c:46:71:a0:45:91:e6:9b:a4:83:81:e5:ce:17:
         ed:8a:1e:89:82:0f:26:e5:d8:bc:e9:72:14:c8:4f:3b:71:c6:
         0f:c9:dc:4e:d8:29:70:ec:06:cb:4f:02:b6:a0:2b:f4:b6:24:
         14:4d:14:c0:13:61:48:1e:d2:b0:3d:f7:a8:d1:dc:5d:55:98:
         06:c2:d7:16:2c:19:08:45:08:71:fd:b2:85:c9:85:9f:1c:c0:
         be:4e:2f:71:22:ef:19:60:13:20:dc:ca:01:05:e1:5e:da:84:
         d6:a7:98:ea:71:4f:28:cd:15:a6:cb:95:ae:20:b3:38:91:ca:
         d7:78:f6:a9:50:f9:95:ed:04:93:cb:76:06:b3:64:be:9a:e2:
         22:c3:91:aa:b7:a4:6b:ac:6b:29:fd:1e:dc:63:06:40:3d:c9:
         af:be:25:31:33:8d:d9:05:1b:1c:4a:73:3f:77:63:6a:3e:77:
         59:3c:d5:02:61:81:72:b0:b5:7e:12:67:24:97:eb:8d:f1:ba:
         ee:ad:e6:a0:bf:0c:f4:2d:ab:d5:f2:37:d0:32:54:39:82:fc:
         01:5e:93:ce:b8:fd:f9:17:b2:b9:14:d1:d2:55:ab:05:61:d5:
         5e:8e:f5:24:a1:83:c0:99:87:65:c2:f3:d1:e8:1d:38:3a:d7:
         4f:ee:8d:1f
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgIDAeMRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMwNjAxNTkzNVoXDTI0MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNDM2NUQxMTAvBgNVBAUTKEI2NzkyMkVDMzk1N0M5Rjg3REExMUUy
MjQ4QkQ0NkQ0QTBCMUMzRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5a3tXN1eeRrLk1uLM8axQuQABYCT5+NGwyg+tR+4Jt6P7smw4Bgb5NVuKic2X
zer8xJgdQvT3A6DF6tTc8/qtcDMhjPyrVwc+UR0QnJWx0ZPpKGdBQh/P9wLdc63/
5UZgM2fhRlt7EzAiiFrmaQWnLNdzBe90NlIEHlQtgnjKxDporYTxlxkFQ7PcSEvw
YiuFXsPZZ6yS19QB1LjIAjRkc1Z+Ft2MH/qlzjfRno4Aqw94qqmfSjTXfdr+RMDE
YsVATMlRm7FoZNl9hqyxd2j7pvEk8oPYyyhFF9BBq4fxmMkRoIFo7M2SIPDU6TSf
gDrzX+EBVvLtV2WIk8q67DXdAgMBAAGjggMfMIIDGzAdBgNVHQ4EFgQUtnki7DlX
yfh9oR4iSL1G1KCxw/AwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTQzNjVEL0Q2RDUyMzdDQzc5QjExRUE4MkYxQzkxREM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0MzY1RC9ENkQ1MjM3Q0M3OUIxMUVBODJGMUM5MURDNEY5QUUwMi90bmtpN0Rs
WHlmaDlvUjRpU0wxRzFLQ3h3X0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQgBAf8EFTAT
oBEwDwIDAPlpAgMA+coCAwIG0jAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAME
Aiv7IAMEAmcZ/DANBgkqhkiG9w0BAQsFAAOCAQEAjtCemkxGcaBFkeabpIOB5c4X
7YoeiYIPJuXYvOlyFMhPO3HGD8ncTtgpcOwGy08CtqAr9LYkFE0UwBNhSB7SsD33
qNHcXVWYBsLXFiwZCEUIcf2yhcmFnxzAvk4vcSLvGWATINzKAQXhXtqE1qeY6nFP
KM0VpsuVriCzOJHK13j2qVD5le0Ek8t2BrNkvpriIsORqreka6xrKf0e3GMGQD3J
r74lMTON2QUbHEpzP3djaj53WTzVAmGBcrC1fhJnJJfrjfG67q3moL8M9C2r1fI3
0DJUOYL8AV6Tzrj9+ReyuRTR0lWrBWHVXo71JKGDwJmHZcLz0egdODrXT+6NHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:55 2024 by rpki-client on console-fra.rpki-client.org