Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7AyaWMsKzUJztF4bkYE7___QgUA.cer
File:                     7AyaWMsKzUJztF4bkYE7___QgUA.cer (raw, json)
Hash identifier:          HcgQ9YDipZomud6ZndOtKLm2GJStzI2jvwy4EogtwFc=
Subject key identifier:   EC:0C:9A:58:CB:0A:CD:42:73:B4:5E:1B:91:81:3B:FF:FF:D0:81:40
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D9A3
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91B7691/82164D047D5911EDBEB55D0AC4F9AE02/7AyaWMsKzUJztF4bkYE7___QgUA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91B7691/82164D047D5911EDBEB55D0AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sat 20 Jan 2024 17:05:37 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 7494
                          IP: 103.54.230.0/23
                          IP: 2400:cc60::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121251 (0x1d9a3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan 20 17:05:37 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91B7691/serialNumber=EC0C9A58CB0ACD4273B45E1B91813BFFFFD08140
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:0c:59:9b:65:4b:7a:57:fa:73:4e:7f:fb:bc:
                    5b:ef:ba:e6:56:62:86:ea:22:c5:be:fb:93:c0:50:
                    7f:f5:d9:68:d4:13:bc:fc:c4:8b:1c:b7:a5:6e:53:
                    1d:61:97:91:2e:d5:9e:0d:df:09:23:16:81:1e:10:
                    df:74:b6:f9:48:4b:92:0a:52:d6:16:10:83:63:82:
                    85:27:18:bb:25:f1:59:b2:08:47:9f:55:c6:0c:66:
                    e8:13:6c:9f:bf:3f:4a:b3:fe:b7:c0:c5:0f:94:8d:
                    26:55:b3:9c:36:bf:b1:ac:14:49:a2:8d:35:d6:48:
                    75:48:e1:fc:c6:88:a3:20:42:ed:04:ca:af:1a:24:
                    46:df:f1:d3:68:ba:8d:4c:fe:e8:7f:10:d6:db:b0:
                    94:d2:37:df:57:7c:35:e6:82:55:4c:c1:3c:1a:95:
                    a1:bd:b8:4f:3a:52:96:d8:72:55:48:6e:8c:07:62:
                    be:11:0c:36:ba:b2:ef:00:09:62:62:69:d2:dd:ef:
                    3d:52:fe:2a:68:12:fe:07:dd:0a:9c:fc:35:49:74:
                    44:2b:f2:ac:30:de:dd:91:fd:d4:54:7c:1a:de:20:
                    a1:71:4d:0e:c3:35:83:5b:66:ea:bb:34:b3:53:8c:
                    41:30:1e:cc:90:c7:8d:2f:21:69:95:86:70:4d:5f:
                    8b:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:0C:9A:58:CB:0A:CD:42:73:B4:5E:1B:91:81:3B:FF:FF:D0:81:40
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B7691/82164D047D5911EDBEB55D0AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B7691/82164D047D5911EDBEB55D0AC4F9AE02/7AyaWMsKzUJztF4bkYE7___QgUA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  7494

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.54.230.0/23
                IPv6:
                  2400:cc60::/32

    Signature Algorithm: sha256WithRSAEncryption
         ce:27:23:ba:81:32:25:98:78:38:14:eb:bd:98:e4:63:17:c2:
         51:9e:7d:f9:25:20:11:18:b7:ed:f9:98:1f:48:ef:2c:a8:52:
         ba:31:88:c9:de:34:0e:02:30:4e:6f:9b:bc:26:b8:01:79:84:
         74:c2:a5:76:4e:d7:fe:b5:ff:09:f1:1c:86:d6:49:13:a8:7e:
         94:bc:0b:51:92:84:fb:bb:6f:0d:b9:8e:ca:60:5c:0f:bc:ca:
         d0:94:7b:6f:aa:2c:2a:03:07:16:28:ac:6a:81:4d:6c:34:77:
         44:8d:cb:11:ef:51:f6:15:6d:c7:d0:71:51:f6:dc:09:0e:d2:
         86:84:16:8a:bc:91:ab:ed:fa:a2:40:6f:d6:b4:42:58:55:44:
         5a:2d:5c:6a:ee:f3:4b:54:c7:8e:27:bd:68:b3:c4:9b:48:ef:
         9d:09:9e:5b:28:ed:2e:f0:66:9b:d4:84:eb:60:e1:b5:0b:d4:
         6b:31:01:8f:dc:3c:8f:66:86:40:a9:00:4e:32:a1:20:3c:00:
         16:38:b4:42:64:e1:91:22:84:79:e2:0a:3b:0b:d3:0d:29:f4:
         62:1a:3d:c7:9d:64:db:66:0b:f1:1e:dd:81:21:fc:37:9f:02:
         a8:c8:f1:17:ef:83:1a:8e:b6:fd:30:57:55:02:c7:24:30:ef:
         33:98:51:e5
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgIDAdmjMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEyMDE3MDUzN1oXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjc2OTExMTAvBgNVBAUTKEVDMEM5QTU4Q0IwQUNENDI3M0I0NUUx
QjkxODEzQkZGRkZEMDgxNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD1DFmbZUt6V/pzTn/7vFvvuuZWYobqIsW++5PAUH/12WjUE7z8xIsct6VuUx1h
l5Eu1Z4N3wkjFoEeEN90tvlIS5IKUtYWEINjgoUnGLsl8VmyCEefVcYMZugTbJ+/
P0qz/rfAxQ+UjSZVs5w2v7GsFEmijTXWSHVI4fzGiKMgQu0Eyq8aJEbf8dNouo1M
/uh/ENbbsJTSN99XfDXmglVMwTwalaG9uE86UpbYclVIbowHYr4RDDa6su8ACWJi
adLd7z1S/ipoEv4H3Qqc/DVJdEQr8qww3t2R/dRUfBreIKFxTQ7DNYNbZuq7NLNT
jEEwHsyQx40vIWmVhnBNX4vjAgMBAAGjggMdMIIDGTAdBgNVHQ4EFgQU7AyaWMsK
zUJztF4bkYE7///QgUAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUI3NjkxLzgyMTY0RDA0N0Q1OTExRURCRUI1NUQwQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCNzY5MS84MjE2NEQwNDdENTkxMUVEQkVCNTVEMEFDNEY5QUUwMi83QXlhV01z
S3pVSnp0RjRia1lFN19fX1FnVUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICHUYwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAFnNuYwDQQCAAIw
BwMFACQAzGAwDQYJKoZIhvcNAQELBQADggEBAM4nI7qBMiWYeDgU672Y5GMXwlGe
ffklIBEYt+35mB9I7yyoUroxiMneNA4CME5vm7wmuAF5hHTCpXZO1/61/wnxHIbW
SROofpS8C1GShPu7bw25jspgXA+8ytCUe2+qLCoDBxYorGqBTWw0d0SNyxHvUfYV
bcfQcVH23AkO0oaEFoq8kavt+qJAb9a0QlhVRFotXGru80tUx44nvWizxJtI750J
nlso7S7wZpvUhOtg4bUL1GsxAY/cPI9mhkCpAE4yoSA8ABY4tEJk4ZEihHniCjsL
0w0p9GIaPcedZNtmC/Ee3YEh/DefAqjI8RfvgxqOtv0wV1UCxyQw7zOYUeU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:15:00 2024 by rpki-client on console-ams.rpki-client.org