Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-7q2kK3-EO9DS3GJVPFzh9Y4Rmg.cer
File:                     -7q2kK3-EO9DS3GJVPFzh9Y4Rmg.cer (raw, json)
Hash identifier:          j7/VtK7c15q/MH7qdS4Yd8X/81pHZd+7yvLH+AuUPTM=
Subject key identifier:   FB:BA:B6:90:AD:FE:10:EF:43:4B:71:89:54:F1:73:87:D6:38:46:68
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DE72
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91230B8/F1F890F0965911ED8CC78A60C4F9AE02/-7q2kK3-EO9DS3GJVPFzh9Y4Rmg.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91230B8/F1F890F0965911ED8CC78A60C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 12 Feb 2024 13:07:23 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 150715
                          IP: 103.66.230.0/23
                          IP: 2001:df1:ce40::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 12:32:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122482 (0x1de72)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb 12 13:07:23 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A91230B8/serialNumber=FBBAB690ADFE10EF434B718954F17387D6384668
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:f7:a9:e1:5d:bd:48:be:9d:2e:06:de:66:60:
                    01:ee:99:66:3a:d2:80:43:ed:62:ec:ee:d7:41:29:
                    51:75:69:78:43:a3:18:01:dd:33:95:35:13:d4:9a:
                    8c:88:0a:7a:a3:d6:21:4b:a1:30:c1:ea:d6:35:76:
                    68:76:ce:10:25:18:b6:95:83:da:14:a0:93:ef:4b:
                    9b:3c:91:6d:29:5c:fb:51:21:2e:c7:83:8b:df:bb:
                    91:da:e2:e8:07:7c:d4:5a:71:f8:c0:21:fb:ad:51:
                    ba:10:7e:33:ba:37:68:7d:96:f2:7c:e9:a8:f5:6c:
                    62:68:46:1a:4d:42:0c:5c:91:0a:b8:b9:90:9f:26:
                    9e:ca:88:d4:30:2d:2a:e4:17:cf:53:42:66:19:cf:
                    2c:c4:c9:1b:23:d2:fe:5a:18:69:64:a1:54:3b:4d:
                    f3:d1:e5:1d:c9:51:91:12:36:00:5d:f8:43:e5:3f:
                    39:89:34:44:6c:62:47:53:fd:89:89:88:63:0f:1e:
                    c2:5b:72:f5:25:e1:35:7a:91:a6:4f:0a:78:68:93:
                    8a:20:9c:fb:4d:cd:96:10:87:e0:e4:06:80:fe:d3:
                    7b:7d:74:10:c4:49:2e:b6:3f:20:86:70:0a:c6:8d:
                    36:d8:21:44:9e:17:8b:cb:5a:18:cb:07:cf:b7:da:
                    42:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:BA:B6:90:AD:FE:10:EF:43:4B:71:89:54:F1:73:87:D6:38:46:68
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91230B8/F1F890F0965911ED8CC78A60C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91230B8/F1F890F0965911ED8CC78A60C4F9AE02/-7q2kK3-EO9DS3GJVPFzh9Y4Rmg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  150715

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.66.230.0/23
                IPv6:
                  2001:df1:ce40::/48

    Signature Algorithm: sha256WithRSAEncryption
         5f:16:1b:e5:6b:cd:3d:bc:70:59:89:dd:56:87:f2:94:3e:e5:
         96:6b:ec:e1:c4:dc:c8:8d:70:dc:36:1f:73:64:7c:8d:f3:98:
         4b:35:d8:19:16:af:8f:55:6d:e0:ab:00:db:27:8f:02:6f:b1:
         f6:f6:bb:78:65:9d:89:37:ff:e0:96:65:3f:36:88:73:4d:79:
         be:de:6b:5b:f5:26:9b:5b:84:3b:83:dd:d5:95:b5:7b:3a:a5:
         c6:4e:90:b2:a7:48:a0:02:c8:be:57:da:40:a5:24:e4:93:b0:
         02:91:1a:32:ac:63:59:91:fe:48:34:a5:40:39:d8:34:02:5c:
         64:61:ed:67:ce:b2:56:45:b1:76:ee:84:00:dd:e6:c8:71:24:
         60:83:70:78:13:2a:43:25:bc:b2:18:f5:3e:26:9f:8e:90:88:
         94:eb:8b:ac:50:c9:d3:9b:78:ad:8c:3c:17:6e:ca:b4:70:1b:
         72:d8:39:54:97:f5:c9:70:cb:ee:f3:3b:a4:3b:59:14:32:ca:
         0b:eb:e9:f8:66:9a:68:fa:a4:71:79:2a:d6:8c:7c:b7:1d:37:
         76:40:ba:db:27:91:bf:21:b5:3d:77:e5:9a:d6:15:96:59:a0:
         50:5e:7d:21:bb:44:0a:c4:22:01:84:98:d3:51:fb:0b:c0:71:
         5d:cc:ab:d0
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAd5yMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIxMjEzMDcyM1oXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjMwQjgxMTAvBgNVBAUTKEZCQkFCNjkwQURGRTEwRUY0MzRCNzE4
OTU0RjE3Mzg3RDYzODQ2NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC096nhXb1Ivp0uBt5mYAHumWY60oBD7WLs7tdBKVF1aXhDoxgB3TOVNRPUmoyI
Cnqj1iFLoTDB6tY1dmh2zhAlGLaVg9oUoJPvS5s8kW0pXPtRIS7Hg4vfu5Ha4ugH
fNRacfjAIfutUboQfjO6N2h9lvJ86aj1bGJoRhpNQgxckQq4uZCfJp7KiNQwLSrk
F89TQmYZzyzEyRsj0v5aGGlkoVQ7TfPR5R3JUZESNgBd+EPlPzmJNERsYkdT/YmJ
iGMPHsJbcvUl4TV6kaZPCnhok4ognPtNzZYQh+DkBoD+03t9dBDESS62PyCGcArG
jTbYIUSeF4vLWhjLB8+32kL1AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU+7q2kK3+
EO9DS3GJVPFzh9Y4RmgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTIzMEI4L0YxRjg5MEYwOTY1OTExRUQ4Q0M3OEE2MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyMzBCOC9GMUY4OTBGMDk2NTkxMUVEOENDNzhBNjBDNEY5QUUwMi8tN3Eya0sz
LUVPOURTM0dKVlBGemg5WTRSbWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAky7MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ0LmMA8EAgAC
MAkDBwAgAQ3xzkAwDQYJKoZIhvcNAQELBQADggEBAF8WG+VrzT28cFmJ3VaH8pQ+
5ZZr7OHE3MiNcNw2H3NkfI3zmEs12BkWr49VbeCrANsnjwJvsfb2u3hlnYk3/+CW
ZT82iHNNeb7ea1v1JptbhDuD3dWVtXs6pcZOkLKnSKACyL5X2kClJOSTsAKRGjKs
Y1mR/kg0pUA52DQCXGRh7WfOslZFsXbuhADd5shxJGCDcHgTKkMlvLIY9T4mn46Q
iJTri6xQydObeK2MPBduyrRwG3LYOVSX9clwy+7zO6Q7WRQyygvr6fhmmmj6pHF5
KtaMfLcdN3ZAutsnkb8htT135ZrWFZZZoFBefSG7RArEIgGEmNNR+wvAcV3Mq9A=
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:33:39 2024 by rpki-client on console-ams.rpki-client.org