Certificate

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
File:                     521eb33f-9672-4cd9-acce-137227e971ac.cer (raw, json)
Hash identifier:          yfGScSdyqvKzmpdDfphLW49jEBylogNzB0n0yn4h6UM=
Subject key identifier:   A2:15:11:51:87:1C:6A:15:A3:D3:83:5A:8D:B5:A1:EE:76:52:7B:E7
Authority key identifier: 62:47:7E:1F:D9:E5:25:D0:D7:A2:BB:63:D9:14:E1:4E:E4:54:A3:64
Certificate issuer:       /CN=5e4a23ea-e80a-403e-b08c-2171da2157d3
Certificate serial:       010D0C9F43285841E483089A5DFF9DD6DC135400
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
Manifest:                 rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
caRepository:             rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/
Notify URL:               https://rrdp.arin.net/notification.xml
Certificate not before:   Mon 15 May 2023 19:06:38 +0000
Certificate not after:    Mon 09 Jun 2025 19:06:38 +0000
Subordinate resources:    AS: inherit
                          IP: inherit
                          IP: inherit

Validation:               OK
Signature path:           rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 30 Mar 2024 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:41:e4:83:08:9a:5d:ff:9d:d6:dc:13:54:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5e4a23ea-e80a-403e-b08c-2171da2157d3
        Validity
            Not Before: May 15 19:06:38 2023 GMT
            Not After : Jun  9 19:06:38 2025 GMT
        Subject: CN=521eb33f-9672-4cd9-acce-137227e971ac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:9e:a8:4c:d7:63:4b:17:9e:de:ec:18:31:4b:
                    7d:4c:0b:69:8e:49:f3:6c:42:25:ef:33:5d:c7:80:
                    65:d8:32:8d:83:30:c5:b8:45:0c:d6:0a:8e:19:63:
                    30:b2:fd:dd:95:45:38:14:31:ce:ff:69:a3:80:33:
                    4a:38:3d:38:71:6e:1c:57:35:44:e8:d8:b4:7f:50:
                    be:68:ef:76:0e:26:04:0d:3c:26:53:39:31:94:fe:
                    79:c3:4f:b5:53:e4:13:98:8c:5f:e2:34:40:dc:0e:
                    b7:67:f6:09:a3:eb:b0:bd:0b:9c:d6:17:d2:57:50:
                    31:09:2e:4d:1d:e9:3d:ff:a8:95:4a:17:a4:ed:1f:
                    21:2a:9c:54:59:1b:7a:d2:02:24:40:c4:a2:b9:81:
                    24:46:6f:83:d3:04:14:bb:0e:d4:92:e5:1a:c3:68:
                    1e:79:da:4b:fb:9f:ea:d0:35:4b:4c:cd:ce:9e:e0:
                    c7:51:0b:c5:97:24:13:d2:af:f9:15:6d:69:d9:68:
                    8e:4b:e3:db:e6:4f:a5:5d:26:99:0f:86:af:86:ac:
                    65:f7:08:5f:2c:f4:46:15:4e:bb:4f:13:5a:6e:73:
                    ac:f7:d7:22:1d:e1:0c:ee:4a:26:5f:c2:cf:f0:d2:
                    29:41:13:3d:7f:7d:29:e5:6a:e1:38:1c:bf:ef:cf:
                    27:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:15:11:51:87:1C:6A:15:A3:D3:83:5A:8D:B5:A1:EE:76:52:7B:E7
            Subject Information Access:
                CA Repository - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/
                RPKI Manifest - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                RPKI Notify - URI:https://rrdp.arin.net/notification.xml

            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl

            X509v3 Authority Key Identifier:
                keyid:62:47:7E:1F:D9:E5:25:D0:D7:A2:BB:63:D9:14:E1:4E:E4:54:A3:64

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         70:08:60:e9:ab:9a:a0:00:71:09:0f:d7:36:b1:82:c2:25:f3:
         62:70:a8:28:83:49:51:6d:c4:d8:90:20:48:36:04:13:90:e2:
         5c:71:a9:2d:68:41:b0:f2:50:31:2c:c0:72:7f:cf:9e:aa:97:
         62:ee:72:a6:56:f5:b9:e7:6a:16:80:f6:6b:6f:2b:63:ff:83:
         5a:f1:00:1f:34:c6:64:21:f0:b6:cc:aa:fb:d2:02:65:d1:bb:
         9c:f1:3c:41:97:9b:46:37:a1:3e:16:39:06:01:b6:33:ba:b4:
         f6:5a:67:f0:45:35:8b:6f:54:62:99:1c:53:9d:a4:07:6d:37:
         2e:32:21:83:83:87:34:ba:0b:70:fa:73:08:8f:6c:30:d4:01:
         aa:02:48:63:46:7b:a4:0e:5e:ee:59:72:2d:a6:7d:d3:1f:58:
         07:4c:48:6d:50:12:a1:68:16:61:39:99:cd:5d:fa:95:e0:0e:
         0a:21:1e:a9:22:e4:6b:2a:6a:ed:97:f4:40:04:5e:1a:77:cb:
         d6:df:c7:e5:87:40:16:52:8b:70:ef:2b:3e:9a:63:78:22:f8:
         c9:5b:48:48:3c:9c:bf:9c:72:07:c1:6b:ac:fe:1c:60:f3:72:
         b8:ab:5d:e9:b4:9e:e4:b5:aa:ca:af:c5:39:df:4a:77:04:f6:
         28:78:71:15
-----BEGIN CERTIFICATE-----
MIIGajCCBVKgAwIBAgIUAQ0Mn0MoWEHkgwiaXf+d1twTVAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1
N2QzMB4XDTIzMDUxNTE5MDYzOFoXDTI1MDYwOTE5MDYzOFowLzEtMCsGA1UEAxMk
NTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3ZTk3MWFjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmp6oTNdjSxee3uwYMUt9TAtpjknzbEIl7zNd
x4Bl2DKNgzDFuEUM1gqOGWMwsv3dlUU4FDHO/2mjgDNKOD04cW4cVzVE6Ni0f1C+
aO92DiYEDTwmUzkxlP55w0+1U+QTmIxf4jRA3A63Z/YJo+uwvQuc1hfSV1AxCS5N
Hek9/6iVShek7R8hKpxUWRt60gIkQMSiuYEkRm+D0wQUuw7UkuUaw2geedpL+5/q
0DVLTM3OnuDHUQvFlyQT0q/5FW1p2WiOS+Pb5k+lXSaZD4avhqxl9whfLPRGFU67
TxNabnOs99ciHeEM7komX8LP8NIpQRM9f30p5WrhOBy/788nHQIDAQABo4IDfDCC
A3gwHQYDVR0OBBYEFKIVEVGHHGoVo9ODWo21oe52UnvnMIIBfQYIKwYBBQUHAQsE
ggFvMIIBazCBhAYIKwYBBQUHMAWGeHJzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBv
c2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcx
ZGEyMTU3ZDMvNTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3ZTk3MWFjLzCB
rQYIKwYBBQUHMAqGgaByc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMubWZ0MDIGCCsGAQUFBzANhiZodHRw
czovL3JyZHAuYXJpbi5uZXQvbm90aWZpY2F0aW9uLnhtbDAPBgNVHRMBAf8EBTAD
AQH/MIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3Jwa2kuYXJpbi5uZXQv
cmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMt
MjE3MWRhMjE1N2QzLzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdk
My5jcmwwHwYDVR0jBBgwFoAUYkd+H9nlJdDXortj2RThTuRUo2QwDgYDVR0PAQH/
BAQDAgEGMHIGCCsGAQUFBwEBBGYwZDBiBggrBgEFBQcwAoZWcnN5bmM6Ly9ycGtp
LmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRhLzVlNGEyM2VhLWU4MGEt
NDAzZS1iMDhjLTIxNzFkYTIxNTdkMy5jZXIwIQYIKwYBBQUHAQcBAf8EEjAQMAYE
AgABBQAwBgQCAAIFADAVBggrBgEFBQcBCAEB/wQGMASgAgUAMFQGA1UdIAEB/wRK
MEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5u
ZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBAHAI
YOmrmqAAcQkP1zaxgsIl82JwqCiDSVFtxNiQIEg2BBOQ4lxxqS1oQbDyUDEswHJ/
z56ql2LucqZW9bnnahaA9mtvK2P/g1rxAB80xmQh8LbMqvvSAmXRu5zxPEGXm0Y3
oT4WOQYBtjO6tPZaZ/BFNYtvVGKZHFOdpAdtNy4yIYODhzS6C3D6cwiPbDDUAaoC
SGNGe6QOXu5Zci2mfdMfWAdMSG1QEqFoFmE5mc1d+pXgDgohHqki5Gsqau2X9EAE
Xhp3y9bfx+WHQBZSi3DvKz6aY3gi+MlbSEg8nL+ccgfBa6z+HGDzcrirXem0nuS1
qsqvxTnfSncE9ih4cRU=
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:58:57 2024 by rpki-client on console-fra.rpki-client.org