Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0VLfcuXWwcb-QrZCN3w7CIEobec.cer
File:                     0VLfcuXWwcb-QrZCN3w7CIEobec.cer (raw, json)
Hash identifier:          0vNeX0GzwoWvTa7KsYrdOQWDxb0F6kmPQsKr/TsdpLQ=
Subject key identifier:   D1:52:DF:72:E5:D6:C1:C6:FE:42:B6:42:37:7C:3B:08:81:28:6D:E7
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B776
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C0FAC/3CF798E0049711ECA53D4B3CC4F9AE02/0VLfcuXWwcb-QrZCN3w7CIEobec.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C0FAC/3CF798E0049711ECA53D4B3CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 17 Aug 2023 18:27:08 +0000
Certificate not after:    Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources:    AS: 146957
                          IP: 103.172.44.0/23
                          IP: 2001:df7:5f80::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112502 (0x1b776)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug 17 18:27:08 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=A91C0FAC/serialNumber=D152DF72E5D6C1C6FE42B642377C3B0881286DE7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:86:c2:2b:ba:8a:ce:9b:c5:92:3c:30:30:0f:
                    fc:71:c1:ee:01:f7:6d:c0:be:b1:3d:48:42:30:fc:
                    8e:34:83:f7:76:f6:83:49:18:f2:9f:5e:5c:ee:e6:
                    f0:fe:9a:a4:d7:47:47:99:fc:16:b4:d4:7c:03:ea:
                    a3:52:92:a5:87:98:9f:db:5f:8b:8b:e2:93:f4:bb:
                    d0:b8:fa:9c:c4:8d:e4:d9:6d:d8:87:07:f0:a9:ba:
                    01:79:9a:29:1c:22:0d:ed:38:1f:b7:2e:0c:37:fc:
                    1c:75:90:f5:68:1f:68:32:86:74:c1:25:c9:36:c0:
                    3c:63:c2:38:ec:cf:8a:c2:b4:e3:fe:6f:3d:e8:0e:
                    e3:7f:ce:8e:93:41:70:ac:fa:a4:c0:6e:d6:d1:40:
                    94:d8:2b:fc:70:6f:6a:d3:0a:12:dc:b8:b9:f6:dc:
                    a7:5a:32:0e:bc:7a:0b:8d:7f:da:aa:5d:c6:64:03:
                    7b:67:08:41:82:b0:4a:d9:15:51:6a:2f:9f:86:90:
                    f8:d0:31:5b:a1:54:f0:a2:54:c1:82:1c:a4:be:0f:
                    a0:c6:bc:14:f6:b8:9b:c4:de:62:75:49:51:bb:0b:
                    7b:ae:42:2f:7f:a3:71:77:8d:92:6d:6f:80:35:53:
                    3d:c7:9e:f8:91:39:e4:cd:0e:b7:1b:61:d8:64:f2:
                    7e:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:52:DF:72:E5:D6:C1:C6:FE:42:B6:42:37:7C:3B:08:81:28:6D:E7
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C0FAC/3CF798E0049711ECA53D4B3CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C0FAC/3CF798E0049711ECA53D4B3CC4F9AE02/0VLfcuXWwcb-QrZCN3w7CIEobec.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  146957

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.44.0/23
                IPv6:
                  2001:df7:5f80::/48

    Signature Algorithm: sha256WithRSAEncryption
         55:0e:04:b4:9b:cc:4d:03:3b:02:4e:1f:2d:d3:c5:2a:78:9e:
         0d:32:9a:09:61:63:cd:4c:a8:c7:51:89:c1:d0:dd:cb:4e:82:
         79:a8:bc:e3:8f:8f:86:9e:77:b8:7b:e7:43:1f:a9:d5:9e:88:
         07:eb:e5:c5:da:96:80:43:f8:90:26:a5:91:f5:91:5e:20:82:
         c2:d8:ae:c6:25:9d:8b:67:6d:b6:46:c6:a4:4a:c0:07:43:88:
         ad:51:a6:69:fe:f7:2a:06:fb:df:84:76:fb:dd:05:0b:75:8a:
         3b:48:13:c1:c7:06:b8:81:c8:5b:4f:ae:29:d5:7c:99:5e:6c:
         55:6f:08:5d:47:d2:ae:61:69:83:b5:78:48:2b:8c:9e:15:d7:
         e8:f8:de:85:26:ba:7a:e0:f3:1d:f1:59:b1:dc:81:9b:e6:5d:
         df:18:52:5c:9f:aa:bd:c6:86:80:63:82:3c:81:8c:ef:f9:ee:
         82:68:7e:e9:95:f9:f3:33:50:95:e4:47:6d:e1:b2:4c:8d:81:
         70:05:b8:7a:7f:30:47:e8:cc:83:07:3a:a2:e8:53:27:52:5c:
         cc:95:0a:96:3a:d4:80:9f:f4:75:15:8c:e4:8e:a6:ee:f9:9d:
         36:5a:7b:7a:8b:2e:53:3a:12:93:a7:ce:f9:a3:cd:2e:e2:29:
         5f:f0:6c:82
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAbd2MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgxNzE4MjcwOFoXDTI0MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzBGQUMxMTAvBgNVBAUTKEQxNTJERjcyRTVENkMxQzZGRTQyQjY0
MjM3N0MzQjA4ODEyODZERTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCuhsIruorOm8WSPDAwD/xxwe4B923AvrE9SEIw/I40g/d29oNJGPKfXlzu5vD+
mqTXR0eZ/Ba01HwD6qNSkqWHmJ/bX4uL4pP0u9C4+pzEjeTZbdiHB/CpugF5mikc
Ig3tOB+3Lgw3/Bx1kPVoH2gyhnTBJck2wDxjwjjsz4rCtOP+bz3oDuN/zo6TQXCs
+qTAbtbRQJTYK/xwb2rTChLcuLn23KdaMg68eguNf9qqXcZkA3tnCEGCsErZFVFq
L5+GkPjQMVuhVPCiVMGCHKS+D6DGvBT2uJvE3mJ1SVG7C3uuQi9/o3F3jZJtb4A1
Uz3HnviROeTNDrcbYdhk8n7xAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU0VLfcuXW
wcb+QrZCN3w7CIEobecwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMwRkFDLzNDRjc5OEUwMDQ5NzExRUNBNTNENEIzQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMEZBQy8zQ0Y3OThFMDA0OTcxMUVDQTUzRDRCM0NDNEY5QUUwMi8wVkxmY3VY
V3djYi1RclpDTjN3N0NJRW9iZWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAj4NMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ6wsMA8EAgAC
MAkDBwAgAQ33X4AwDQYJKoZIhvcNAQELBQADggEBAFUOBLSbzE0DOwJOHy3TxSp4
ng0ymglhY81MqMdRicHQ3ctOgnmovOOPj4aed7h750MfqdWeiAfr5cXaloBD+JAm
pZH1kV4ggsLYrsYlnYtnbbZGxqRKwAdDiK1Rpmn+9yoG+9+EdvvdBQt1ijtIE8HH
BriByFtPrinVfJlebFVvCF1H0q5haYO1eEgrjJ4V1+j43oUmunrg8x3xWbHcgZvm
Xd8YUlyfqr3GhoBjgjyBjO/57oJofumV+fMzUJXkR23hskyNgXAFuHp/MEfozIMH
OqLoUydSXMyVCpY61ICf9HUVjOSOpu75nTZae3qLLlM6EpOnzvmjzS7iKV/wbII=
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:01:57 2024 by rpki-client on console-fra.rpki-client.org