Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0fxphnCiQetFTVXFZ6paY1rwoGM.cer
File:                     0fxphnCiQetFTVXFZ6paY1rwoGM.cer (raw, json)
Hash identifier:          aGRi1gLkMXs3h9nAAwU0Kc40bWnzhV9XR+j4FzLqG7g=
Subject key identifier:   D1:FC:69:86:70:A2:41:EB:45:4D:55:C5:67:AA:5A:63:5A:F0:A0:63
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D649
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A918681B/C43FBD061A3A11EC8FBF417BC4F9AE02/0fxphnCiQetFTVXFZ6paY1rwoGM.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A918681B/C43FBD061A3A11EC8FBF417BC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 03 Jan 2024 01:47:23 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 59239
                          AS: 139683
                          IP: 45.115.12.0/22
                          IP: 103.253.160.0/22
                          IP: 2407:e740::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 04 Dec 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120393 (0x1d649)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan  3 01:47:23 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A918681B/serialNumber=D1FC698670A241EB454D55C567AA5A635AF0A063
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:aa:9f:9e:96:39:ad:c2:a3:cf:1c:d7:55:19:
                    01:cd:6f:1b:b5:55:8c:d1:9b:73:aa:d9:6b:f3:ee:
                    dc:7d:27:9a:24:98:4c:67:a3:ed:38:ca:eb:c8:ad:
                    b9:c4:56:7e:4d:bd:24:0b:20:f0:e1:2c:0a:02:97:
                    a7:d5:0d:d9:5b:a5:02:c0:5b:3c:99:fd:04:88:81:
                    ca:30:b9:21:8f:d7:da:26:7e:77:da:b0:9f:8c:a0:
                    0f:cd:c6:f6:85:aa:d6:49:a4:fa:2b:65:d4:2d:15:
                    a7:32:b2:53:c3:96:37:7f:de:fc:8b:e1:26:4d:03:
                    3d:03:a2:f0:eb:72:5a:95:21:f7:9a:bf:1e:72:67:
                    26:02:1d:cd:a1:ce:eb:fe:52:e0:1b:db:43:30:a1:
                    52:cc:c9:76:20:d3:2c:aa:7e:a1:81:7a:25:6b:b1:
                    ee:38:ba:f1:54:53:28:f9:de:44:71:29:b0:5e:a5:
                    85:29:76:d0:05:5a:bb:7f:2b:41:5b:00:68:f9:40:
                    14:f3:b6:eb:45:0c:0f:8f:c5:64:65:22:ea:e4:c6:
                    c8:0f:04:87:86:f9:a9:c0:94:0a:5c:96:95:0b:7a:
                    70:8f:f0:17:c2:00:9a:54:70:f4:3f:8a:14:b9:56:
                    09:12:c3:95:51:c9:4e:64:5f:53:87:5b:4f:13:b6:
                    40:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:FC:69:86:70:A2:41:EB:45:4D:55:C5:67:AA:5A:63:5A:F0:A0:63
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918681B/C43FBD061A3A11EC8FBF417BC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918681B/C43FBD061A3A11EC8FBF417BC4F9AE02/0fxphnCiQetFTVXFZ6paY1rwoGM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  59239
                  139683

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.115.12.0/22
                  103.253.160.0/22
                IPv6:
                  2407:e740::/32

    Signature Algorithm: sha256WithRSAEncryption
         89:04:6e:b4:ad:15:f3:01:fb:46:da:c8:ed:72:31:05:e1:b5:
         90:b5:71:d7:51:f5:41:af:dc:10:4b:91:79:0c:9e:2c:33:8a:
         88:b3:6b:4a:fa:d4:f2:f8:b3:7f:a9:1c:f4:bc:46:ec:3b:53:
         2c:be:c2:4b:3e:2c:45:fd:4d:62:0b:ea:81:23:b7:7f:04:e2:
         5e:1d:a1:b5:50:32:3c:f6:20:a2:3b:44:82:0d:31:b1:e1:4b:
         8f:bb:d1:8a:c9:8b:d2:68:58:a3:c6:4b:e2:41:ac:2c:22:cc:
         a4:90:17:35:e6:32:c4:be:46:0e:ac:f4:3d:b9:c6:0c:ad:01:
         e4:38:0d:4f:ce:92:21:ac:1a:c1:5e:3f:e8:b0:73:b9:6a:1c:
         b5:7d:c0:7f:78:cd:0f:e9:9b:88:c6:06:a6:76:51:7e:12:96:
         dd:4b:9e:12:69:08:4d:4f:a3:34:4d:df:06:d7:15:c6:00:15:
         f1:56:f9:da:25:9b:71:7a:b6:95:05:20:a6:4c:92:df:fc:fa:
         4a:90:c0:cf:c0:74:ce:d2:89:93:58:36:09:e4:27:b6:ea:5f:
         64:c9:33:c6:35:d5:b3:24:f4:9b:df:3e:a2:23:90:dd:2a:97:
         a7:49:87:47:cf:f9:95:97:a9:f3:32:f3:12:87:d4:60:76:2e:
         69:82:52:56
-----BEGIN CERTIFICATE-----
MIIGNDCCBRygAwIBAgIDAdZJMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwMzAxNDcyM1oXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxODY4MUIxMTAvBgNVBAUTKEQxRkM2OTg2NzBBMjQxRUI0NTRENTVD
NTY3QUE1QTYzNUFGMEEwNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAqp+eljmtwqPPHNdVGQHNbxu1VYzRm3Oq2Wvz7tx9J5okmExno+04yuvIrbnE
Vn5NvSQLIPDhLAoCl6fVDdlbpQLAWzyZ/QSIgcowuSGP19omfnfasJ+MoA/NxvaF
qtZJpPorZdQtFacyslPDljd/3vyL4SZNAz0DovDrclqVIfeavx5yZyYCHc2hzuv+
UuAb20MwoVLMyXYg0yyqfqGBeiVrse44uvFUUyj53kRxKbBepYUpdtAFWrt/K0Fb
AGj5QBTztutFDA+PxWRlIurkxsgPBIeG+anAlApclpULenCP8BfCAJpUcPQ/ihS5
VgkSw5VRyU5kX1OHW08TtkBvAgMBAAGjggMpMIIDJTAdBgNVHQ4EFgQU0fxphnCi
QetFTVXFZ6paY1rwoGMwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTg2ODFCL0M0M0ZCRDA2MUEzQTExRUM4RkJGNDE3QkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4NjgxQi9DNDNGQkQwNjFBM0ExMUVDOEZCRjQxN0JDNEY5QUUwMi8wZnhwaG5D
aVFldEZUVlhGWjZwYVkxcndvR00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAOdnAgMCIaMwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAItcwwD
BAJn/aAwDQQCAAIwBwMFACQH50AwDQYJKoZIhvcNAQELBQADggEBAIkEbrStFfMB
+0bayO1yMQXhtZC1cddR9UGv3BBLkXkMniwzioiza0r61PL4s3+pHPS8Ruw7Uyy+
wks+LEX9TWIL6oEjt38E4l4dobVQMjz2IKI7RIINMbHhS4+70YrJi9JoWKPGS+JB
rCwizKSQFzXmMsS+Rg6s9D25xgytAeQ4DU/OkiGsGsFeP+iwc7lqHLV9wH94zQ/p
m4jGBqZ2UX4Slt1LnhJpCE1PozRN3wbXFcYAFfFW+dolm3F6tpUFIKZMkt/8+kqQ
wM/AdM7SiZNYNgnkJ7bqX2TJM8Y11bMk9JvfPqIjkN0ql6dJh0fP+ZWXqfMy8xKH
1GB2LmmCUlY=
-----END CERTIFICATE-----
Generated at Wed Nov 27 04:03:11 2024 by rpki-client on console-fra.rpki-client.org