Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MoQzhPrmr2wxduHfdOkIgdbZdZI.cer
File:                     MoQzhPrmr2wxduHfdOkIgdbZdZI.cer (raw, json)
Hash identifier:          oBT0Sc1hsB7s68WzvASAD1A5lv70xxZqPs+xeGUliRc=
Subject key identifier:   32:84:33:84:FA:E6:AF:6C:31:76:E1:DF:74:E9:08:81:D6:D9:75:92
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C972
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91A8666/623CD6E484F311EAB1FBBB18C4F9AE02/MoQzhPrmr2wxduHfdOkIgdbZdZI.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91A8666/623CD6E484F311EAB1FBBB18C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 07 Nov 2023 06:46:47 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 17802
                          AS: 139878
                          IP: 36.50.42.0/24
                          IP: 202.43.128.0/20
                          IP: 203.18.209.0/24
                          IP: 203.28.94.0/23
                          IP: 203.210.64.0/20

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:56:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117106 (0x1c972)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov  7 06:46:47 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A91A8666/serialNumber=32843384FAE6AF6C3176E1DF74E90881D6D97592
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:a3:f8:47:22:7f:03:cb:e1:b4:41:12:0e:3d:
                    5c:0f:62:3a:26:65:67:ad:f7:97:67:b5:73:6e:c3:
                    ae:d8:9c:99:71:ee:91:0d:ad:80:3e:c2:b7:9d:75:
                    31:92:9a:bf:e5:33:d4:eb:89:db:4b:ac:af:3d:64:
                    d6:ec:36:b6:81:8c:e8:af:0c:23:de:97:86:87:f7:
                    6b:45:f0:f2:cd:d8:39:39:b0:46:81:09:a1:da:47:
                    af:05:13:8f:cf:90:0a:fe:f5:8d:09:57:53:c3:6c:
                    a0:be:e7:ce:d7:d1:e5:f8:38:4c:17:a7:67:fb:1c:
                    02:ff:3a:ad:34:a3:1d:91:0e:65:f1:59:8d:b5:95:
                    2f:f3:bb:12:5a:7d:90:40:6a:09:88:6b:e6:6b:1b:
                    4a:e0:85:fc:7b:da:0e:ef:67:f6:fe:6b:a5:5a:1b:
                    89:88:8d:4a:41:f0:5c:23:48:85:36:fe:21:97:fe:
                    b7:02:0c:c5:aa:82:af:24:05:c1:49:23:0d:7b:f9:
                    95:b3:b1:28:25:81:13:e9:37:0f:81:13:71:4d:6d:
                    10:0d:37:fb:c3:a1:df:05:89:69:92:4a:01:b6:52:
                    17:8b:24:6d:20:fa:67:e4:c4:06:78:3c:6a:6e:7e:
                    6e:89:ed:85:d8:3d:69:7e:6c:13:8c:0b:41:d2:f1:
                    e9:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:84:33:84:FA:E6:AF:6C:31:76:E1:DF:74:E9:08:81:D6:D9:75:92
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A8666/623CD6E484F311EAB1FBBB18C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A8666/623CD6E484F311EAB1FBBB18C4F9AE02/MoQzhPrmr2wxduHfdOkIgdbZdZI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  17802
                  139878

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.50.42.0/24
                  202.43.128.0/20
                  203.18.209.0/24
                  203.28.94.0/23
                  203.210.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         8c:68:9a:64:ee:13:02:34:d8:3f:a4:5d:f6:59:c3:a0:a9:c1:
         2d:55:16:e1:be:59:38:c5:65:56:7c:cb:97:93:67:bd:06:75:
         7f:04:ae:58:34:4a:5b:d2:a7:aa:15:8d:f5:54:bb:10:2f:2f:
         cf:cc:d4:26:8c:72:a5:fe:18:bb:7c:59:74:41:fb:e5:bb:cd:
         29:c7:52:cb:9e:9c:7f:38:e7:c5:aa:46:cf:d3:e9:05:20:27:
         86:b8:40:ae:79:ae:bc:02:bd:ce:da:81:25:5f:8b:a0:d8:76:
         6f:97:6e:14:d1:5d:ce:bf:69:a2:05:5f:40:8b:13:3b:9e:b5:
         42:a1:7d:ef:85:29:b4:b5:bd:0b:e6:b4:69:2a:f7:f6:fe:74:
         c7:f7:51:66:1d:a0:ae:e1:37:88:35:f2:61:d1:a1:4a:ed:67:
         7a:d2:7e:3e:e7:44:d3:c0:60:fa:c8:31:0e:9e:02:1d:6c:f0:
         01:ea:32:13:ca:00:96:96:db:7a:33:ca:40:a6:90:41:ce:0b:
         c6:52:6f:55:67:a2:62:4a:a3:ad:73:07:19:21:99:be:76:7a:
         90:2a:4b:47:03:c9:7e:94:9d:89:7d:49:79:be:21:ed:08:97:
         08:0c:7d:84:26:b2:7b:8b:62:c6:3f:40:2d:c9:9b:b0:3f:1e:
         4d:c4:28:53
-----BEGIN CERTIFICATE-----
MIIGNjCCBR6gAwIBAgIDAclyMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEwNzA2NDY0N1oXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTg2NjYxMTAvBgNVBAUTKDMyODQzMzg0RkFFNkFGNkMzMTc2RTFE
Rjc0RTkwODgxRDZEOTc1OTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvo/hHIn8Dy+G0QRIOPVwPYjomZWet95dntXNuw67YnJlx7pENrYA+wreddTGS
mr/lM9TridtLrK89ZNbsNraBjOivDCPel4aH92tF8PLN2Dk5sEaBCaHaR68FE4/P
kAr+9Y0JV1PDbKC+587X0eX4OEwXp2f7HAL/Oq00ox2RDmXxWY21lS/zuxJafZBA
agmIa+ZrG0rghfx72g7vZ/b+a6VaG4mIjUpB8FwjSIU2/iGX/rcCDMWqgq8kBcFJ
Iw17+ZWzsSglgRPpNw+BE3FNbRANN/vDod8FiWmSSgG2UheLJG0g+mfkxAZ4PGpu
fm6J7YXYPWl+bBOMC0HS8en5AgMBAAGjggMrMIIDJzAdBgNVHQ4EFgQUMoQzhPrm
r2wxduHfdOkIgdbZdZIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE4NjY2LzYyM0NENkU0ODRGMzExRUFCMUZCQkIxOEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBODY2Ni82MjNDRDZFNDg0RjMxMUVBQjFGQkJCMThDNEY5QUUwMi9Nb1F6aFBy
bXIyd3hkdUhmZE9rSWdkYlpkWkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQgBAf8EDzAN
oAswCQICRYoCAwIiZjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEACQyKgME
BMorgAMEAMsS0QMEAcscXgMEBMvSQDANBgkqhkiG9w0BAQsFAAOCAQEAjGiaZO4T
AjTYP6Rd9lnDoKnBLVUW4b5ZOMVlVnzLl5NnvQZ1fwSuWDRKW9KnqhWN9VS7EC8v
z8zUJoxypf4Yu3xZdEH75bvNKcdSy56cfzjnxapGz9PpBSAnhrhArnmuvAK9ztqB
JV+LoNh2b5duFNFdzr9pogVfQIsTO561QqF974UptLW9C+a0aSr39v50x/dRZh2g
ruE3iDXyYdGhSu1netJ+PudE08Bg+sgxDp4CHWzwAeoyE8oAlpbbejPKQKaQQc4L
xlJvVWeiYkqjrXMHGSGZvnZ6kCpLRwPJfpSdiX1Jeb4h7QiXCAx9hCaye4tixj9A
LcmbsD8eTcQoUw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:16:39 2024 by rpki-client on console-ams.rpki-client.org