Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxMtlqYE6yLKDt69OZvMwWKZPpU.cer
File:                     yxMtlqYE6yLKDt69OZvMwWKZPpU.cer (raw, json)
Hash identifier:          nAv2//48xh2R5bdhdRbwDZhYKJDO2kNfTH8d6wD7xQ0=
Subject key identifier:   CB:13:2D:96:A6:04:EB:22:CA:0E:DE:BD:39:9B:CC:C1:62:99:3E:95
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       0128B0
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91B82C4/6402BA265FC111EBB852275FC4F9AE02/yxMtlqYE6yLKDt69OZvMwWKZPpU.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91B82C4/6402BA265FC111EBB852275FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 08 Sep 2021 06:44:25 +0000
Certificate not after:    Mon 31 Oct 2022 00:00:00 +0000
Subordinate resources:    IP: 2403:4c40::/32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 75952 (0x128b0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Sep  8 06:44:25 2021 GMT
            Not After : Oct 31 00:00:00 2022 GMT
        Subject: CN=A91B82C4/serialNumber=CB132D96A604EB22CA0EDEBD399BCCC162993E95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:cd:eb:55:78:39:27:3f:b8:88:a0:fa:03:56:
                    5a:d4:2c:fc:be:7e:5a:4e:80:e5:2f:17:10:70:1f:
                    02:7d:09:db:04:7e:2c:a8:e4:51:07:cd:93:57:f6:
                    4b:e5:ab:2f:17:d5:8f:ab:fb:39:3d:64:1c:ef:8d:
                    fa:c9:0c:6f:43:5e:d3:1f:06:91:4c:f4:83:15:da:
                    66:d0:cc:1a:e0:80:01:a2:a6:db:e9:2b:7e:ad:d2:
                    c7:ec:31:cb:e3:d5:95:a6:36:aa:c3:84:6e:13:1d:
                    76:89:a6:e6:03:15:d0:b3:3f:74:33:0f:ff:78:3c:
                    cf:d6:18:a2:eb:bc:85:6c:4c:ff:e2:0b:3a:c9:d2:
                    5b:3d:83:3d:d4:69:61:89:7b:31:f3:1f:31:ab:f1:
                    03:df:2d:b1:f2:e8:81:55:73:02:dc:c4:27:06:b6:
                    41:a8:f1:e4:c0:06:78:ee:76:03:a4:f3:b4:85:22:
                    12:ea:e5:a1:ec:a5:67:53:17:13:b1:11:1d:a3:17:
                    ec:ce:f5:1b:6c:25:f4:c6:26:32:1c:cb:a4:20:69:
                    6a:6a:ec:fc:c6:fe:c1:45:12:06:f4:c8:de:e8:69:
                    ee:a5:c5:b5:4a:0f:87:e0:2f:14:71:83:3e:6e:c9:
                    0a:06:50:19:52:8d:ad:80:b1:b0:c4:4f:0a:da:c1:
                    97:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:13:2D:96:A6:04:EB:22:CA:0E:DE:BD:39:9B:CC:C1:62:99:3E:95
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B82C4/6402BA265FC111EBB852275FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B82C4/6402BA265FC111EBB852275FC4F9AE02/yxMtlqYE6yLKDt69OZvMwWKZPpU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:4c40::/32

    Signature Algorithm: sha256WithRSAEncryption
         ba:65:45:80:a5:76:d1:52:f0:16:3e:17:c0:40:22:54:2c:01:
         bb:71:0f:29:b3:18:d1:c4:24:97:08:fc:ed:46:13:99:98:1e:
         51:a0:22:94:ba:df:63:da:c1:93:f7:75:76:76:98:ca:18:c6:
         eb:ed:12:01:39:6a:25:00:51:ac:68:32:70:49:ad:92:70:5f:
         86:d8:6c:d1:87:9a:b3:d4:1d:09:45:17:90:f5:ad:e2:b6:51:
         9d:68:be:31:09:47:c7:4f:8e:f4:92:83:49:c2:de:66:d3:8f:
         4f:77:14:14:2b:18:65:b6:c7:c1:6d:91:72:7e:37:c4:4d:b4:
         12:ff:4f:d9:79:51:f3:d1:f8:37:6a:49:18:7c:91:70:8e:96:
         fe:d8:a0:e1:f2:50:00:39:67:3b:6a:4d:e6:70:2e:5a:43:e0:
         64:f7:05:1a:5b:51:d5:db:fa:b7:57:7b:d9:6d:7c:45:97:a1:
         c2:d1:b3:38:59:ae:94:f5:84:15:ca:71:a6:ab:d0:c3:53:8b:
         a9:42:fc:36:6a:50:2b:b5:dd:50:c6:06:0d:74:28:c0:58:c0:
         d3:00:61:26:0a:f5:12:e2:73:b0:c3:35:d2:92:6c:46:0d:4e:
         85:33:07:fd:36:8c:ee:5e:e7:1f:b8:36:d5:87:3c:3a:da:ff:
         8b:51:3c:5c
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgIDASiwMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIxMDkwODA2NDQyNVoXDTIyMTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjgyQzQxMTAvBgNVBAUTKENCMTMyRDk2QTYwNEVCMjJDQTBFREVC
RDM5OUJDQ0MxNjI5OTNFOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+zetVeDknP7iIoPoDVlrULPy+flpOgOUvFxBwHwJ9CdsEfiyo5FEHzZNX9kvl
qy8X1Y+r+zk9ZBzvjfrJDG9DXtMfBpFM9IMV2mbQzBrggAGiptvpK36t0sfsMcvj
1ZWmNqrDhG4THXaJpuYDFdCzP3QzD/94PM/WGKLrvIVsTP/iCzrJ0ls9gz3UaWGJ
ezHzHzGr8QPfLbHy6IFVcwLcxCcGtkGo8eTABnjudgOk87SFIhLq5aHspWdTFxOx
ER2jF+zO9RtsJfTGJjIcy6QgaWpq7PzG/sFFEgb0yN7oae6lxbVKD4fgLxRxgz5u
yQoGUBlSja2AsbDETwrawZfTAgMBAAGjggL0MIIC8DAdBgNVHQ4EFgQUyxMtlqYE
6yLKDt69OZvMwWKZPpUwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUI4MkM0LzY0MDJCQTI2NUZDMTExRUJCODUyMjc1RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCODJDNC82NDAyQkEyNjVGQzExMUVCQjg1MjI3NUZDNEY5QUUwMi95eE10bHFZ
RTZ5TEtEdDY5T1p2TXdXS1pQcFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8EETAP
MA0EAgACMAcDBQAkA0xAMA0GCSqGSIb3DQEBCwUAA4IBAQC6ZUWApXbRUvAWPhfA
QCJULAG7cQ8psxjRxCSXCPztRhOZmB5RoCKUut9j2sGT93V2dpjKGMbr7RIBOWol
AFGsaDJwSa2ScF+G2GzRh5qz1B0JRReQ9a3itlGdaL4xCUfHT470koNJwt5m049P
dxQUKxhltsfBbZFyfjfETbQS/0/ZeVHz0fg3akkYfJFwjpb+2KDh8lAAOWc7ak3m
cC5aQ+Bk9wUaW1HV2/q3V3vZbXxFl6HC0bM4Wa6U9YQVynGmq9DDU4upQvw2alAr
td1QxgYNdCjAWMDTAGEmCvUS4nOwwzXSkmxGDU6FMwf9NozuXucfuDbVhzw62v+L
UTxc
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:55 2024 by rpki-client on console-fra.rpki-client.org