Certificate

$ rpki-client -vvf rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
File:                     02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer (raw, json)
Hash identifier:          phMyit0KkQx1WD9sMMieygcA8yK6dfF2SYjgg1AKAmg=
Subject key identifier:   02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       7F741F5A5D41198BBA82BA6D06B8351B262C3851
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Manifest:                 rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft
caRepository:             rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/
Notify URL:               https://repo.kagl.me/rpki/notification.xml
Certificate not before:   Sat 28 Oct 2023 19:05:26 +0000
Certificate not after:    Sat 26 Oct 2024 19:10:26 +0000
Subordinate resources:    IP: 2a12:dd47:8600::/40

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 19 Jun 2024 20:52:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:74:1f:5a:5d:41:19:8b:ba:82:ba:6d:06:b8:35:1b:26:2c:38:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 28 19:05:26 2023 GMT
            Not After : Oct 26 19:10:26 2024 GMT
        Subject: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:32:cf:4f:a5:9f:c7:fc:7d:75:0c:bf:95:4e:
                    de:92:ca:61:bc:42:98:f6:b7:0a:97:56:ff:1c:c2:
                    da:fd:6f:9d:23:a9:dc:a0:9f:06:8c:c8:df:01:21:
                    76:bb:4e:ab:39:6b:0c:83:77:fd:4b:72:81:6e:d3:
                    b9:7a:ba:4a:0b:2c:7d:3c:9c:b2:63:3c:fe:a6:26:
                    bd:c5:91:d6:63:f7:dc:93:b4:46:c2:64:3e:f3:37:
                    97:b3:04:de:67:68:2a:1d:1f:05:d9:a9:54:b8:46:
                    b3:b7:c8:ad:d3:e1:46:69:0c:16:96:1b:e1:1e:79:
                    8d:21:f2:48:a6:06:d0:32:0b:50:b7:9a:56:ba:cb:
                    82:11:17:65:c0:de:70:6e:2f:07:87:37:07:b0:99:
                    a5:0b:c6:a8:38:ce:8a:76:a3:92:e6:ba:45:6e:ce:
                    c6:dd:6f:c4:2b:8c:57:e3:2a:05:14:03:6f:ea:d0:
                    7a:5f:17:26:f4:67:6e:69:71:55:38:78:e6:d5:5a:
                    02:11:27:5a:96:dc:92:dd:7c:8c:c7:81:c8:11:cd:
                    fc:f4:a0:52:42:0e:a8:fc:06:0d:bb:50:ee:72:c9:
                    8c:85:af:9e:97:91:1c:44:14:30:4a:f0:24:e1:f9:
                    82:0a:0c:fb:0b:3d:62:9a:f6:7b:c8:fe:9c:f1:f8:
                    e0:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier:
                02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                CA Repository - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/
                RPKI Manifest - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft
                RPKI Notify - URI:https://repo.kagl.me/rpki/notification.xml

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8600::/40

    Signature Algorithm: sha256WithRSAEncryption
         b3:26:60:7e:99:e6:06:a8:86:fe:54:91:6d:1b:95:c3:da:a1:
         45:df:7b:40:02:22:38:da:4c:fb:00:71:61:f3:14:fb:a7:ac:
         ed:82:ab:88:b8:fb:c9:5e:b2:89:56:19:93:e0:a8:b9:28:35:
         6e:d8:69:17:9b:a4:ff:6b:51:d9:90:8d:9b:f0:ac:79:e8:e4:
         f2:64:bf:b6:98:5e:9f:50:89:bc:4a:5d:e6:09:fd:96:de:45:
         23:f9:2d:b6:02:ef:9a:ad:50:95:e8:9b:91:d3:2b:6d:e9:43:
         59:f2:b5:5b:4f:f1:c9:bb:19:07:84:42:7b:29:67:19:d1:47:
         e4:68:22:93:ec:b7:b4:21:61:b1:95:75:bb:7d:a6:c0:13:a4:
         32:fb:e1:f1:9a:5c:5c:c4:d5:3b:b2:f2:c3:7b:8e:5d:6d:9e:
         a2:10:16:12:49:32:ae:95:ab:67:bd:d4:d3:41:b9:eb:83:f7:
         05:9c:a8:e2:01:b0:8e:8a:43:12:45:4d:b5:8f:c8:2f:d4:a6:
         be:3a:57:f2:e3:dd:f4:07:62:6c:7f:d0:17:9b:88:fa:3c:80:
         23:b0:39:b1:7a:63:0c:8b:75:2a:4f:a4:00:d9:94:ee:12:6a:
         4f:5b:8c:48:9c:f6:cf:b3:ba:e2:04:ad:28:14:23:08:bf:ef:
         3d:93:21:7e
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIUf3QfWl1BGYu6grptBrg1GyYsOFEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMjgxOTA1MjZaFw0yNDEwMjYxOTEwMjZaMDMxMTAvBgNV
BAMTKDAyODc2QzExOTI0Q0JEQTAxQkUxQUQzOUEzMjA2Q0ZBQ0RDQzU4QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6Ms9PpZ/H/H11DL+VTt6SymG8
Qpj2twqXVv8cwtr9b50jqdygnwaMyN8BIXa7Tqs5awyDd/1LcoFu07l6ukoLLH08
nLJjPP6mJr3FkdZj99yTtEbCZD7zN5ezBN5naCodHwXZqVS4RrO3yK3T4UZpDBaW
G+EeeY0h8kimBtAyC1C3mla6y4IRF2XA3nBuLweHNwewmaULxqg4zop2o5LmukVu
zsbdb8QrjFfjKgUUA2/q0HpfFyb0Z25pcVU4eObVWgIRJ1qW3JLdfIzHgcgRzfz0
oFJCDqj8Bg27UO5yyYyFr56XkRxEFDBK8CTh+YIKDPsLPWKa9nvI/pzx+ODjAgMB
AAGjggJUMIICUDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQCh2wRkky9oBvh
rTmjIGz6zcxYozAfBgNVHSMEGDAWgBRmBCicfjngjhrhJVzuc8Bb/Znz5jAOBgNV
HQ8BAf8EBAMCAQYwWgYDVR0fBFMwUTBPoE2gS4ZJcnN5bmM6Ly9ycGtpLmNvL3Jl
cG8vQVM5NDUvMS82NjA0Mjg5QzdFMzlFMDhFMUFFMTI1NUNFRTczQzA1QkZEOTlG
M0U2LmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2
LnR3L3Jwa2kvQXVndXN0LzUvNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0Mw
NUJGRDk5RjNFNi5jZXIwgewGCCsGAQUFBwELBIHfMIHcMDoGCCsGAQUFBzAFhi5y
c3luYzovL3JlcG8ua2FnbC5tZS9ycGtpL0tlYXRvbkFHTGFpci1URVNULzEvMGYG
CCsGAQUFBzAKhlpyc3luYzovL3JlcG8ua2FnbC5tZS9ycGtpL0tlYXRvbkFHTGFp
ci1URVNULzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFDRENDNThB
My5tZnQwNgYIKwYBBQUHMA2GKmh0dHBzOi8vcmVwby5rYWdsLm1lL3Jwa2kvbm90
aWZpY2F0aW9uLnhtbDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhLdR4YwDQYJKoZIhvcNAQELBQADggEBALMm
YH6Z5gaohv5UkW0blcPaoUXfe0ACIjjaTPsAcWHzFPunrO2Cq4i4+8lesolWGZPg
qLkoNW7YaRebpP9rUdmQjZvwrHno5PJkv7aYXp9QibxKXeYJ/ZbeRSP5LbYC75qt
UJXom5HTK23pQ1nytVtP8cm7GQeEQnspZxnRR+RoIpPst7QhYbGVdbt9psATpDL7
4fGaXFzE1Tuy8sN7jl1tnqIQFhJJMq6Vq2e91NNBueuD9wWcqOIBsI6KQxJFTbWP
yC/Upr46V/Lj3fQHYmx/0BebiPo8gCOwObF6YwyLdSpPpADZlO4Sak9bjEic9s+z
uuIErSgUIwi/7z2TIX4=
-----END CERTIFICATE-----
Generated at Wed Jun 19 12:22:46 2024 by rpki-client on console-fra.rpki-client.org