Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0zOneHph_4bHRbR0CWr2muMaz_E.cer
File:                     0zOneHph_4bHRbR0CWr2muMaz_E.cer (raw, json)
Hash identifier:          WV3yrC14IQ4r4Yju1Z43bcgszrdq+7L2B0EYbjm7kDs=
Subject key identifier:   D3:33:A7:78:7A:61:FF:86:C7:45:B4:74:09:6A:F6:9A:E3:1A:CF:F1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01A3F9
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A911309C/B92E3540B2E911EBB4D9CC31C4F9AE02/0zOneHph_4bHRbR0CWr2muMaz_E.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A911309C/B92E3540B2E911EBB4D9CC31C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 18 May 2023 12:25:43 +0000
Certificate not after:    Tue 30 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 142146
                          IP: 103.166.232.0/23
                          IP: 2001:df6:9c80::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107513 (0x1a3f9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 18 12:25:43 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=A911309C/serialNumber=D333A7787A61FF86C745B474096AF69AE31ACFF1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:c2:be:2b:26:0e:bf:32:16:03:01:e1:87:3b:
                    3f:d3:14:93:f4:31:9a:15:c8:3a:74:6e:09:c7:7a:
                    3b:73:c0:2c:a0:9b:33:10:8a:86:ae:f6:22:cc:56:
                    08:8e:e4:c6:5c:d4:24:88:37:a4:1e:34:ea:ba:27:
                    76:f9:82:7c:f0:92:75:81:60:f2:db:29:c3:63:76:
                    30:0c:44:40:a1:e0:84:19:07:c0:95:2e:23:49:33:
                    88:f3:54:13:01:bc:95:dc:70:ae:e2:ed:06:39:fa:
                    a4:e2:14:89:9f:bb:19:71:91:80:46:0f:08:90:90:
                    49:98:07:0a:61:92:88:97:bc:c6:bb:1f:bb:a6:93:
                    fe:17:df:3e:67:41:eb:1e:0d:8d:15:9d:43:4e:a6:
                    52:ef:ef:8e:0a:8c:40:ad:a8:3e:d1:94:d4:17:bd:
                    ea:31:30:f7:38:67:04:b2:dc:92:f2:45:bb:4a:52:
                    35:d0:63:a3:46:f2:d5:2d:8f:8c:0f:f0:c8:d0:f7:
                    c1:c5:01:48:9f:9e:18:99:b4:fd:62:28:67:e2:e6:
                    b8:59:94:46:2a:4a:42:c9:34:93:d6:79:4f:d4:ca:
                    cb:8f:16:f2:df:72:52:1e:b9:65:31:56:e0:07:eb:
                    dd:0e:c3:5e:8f:5d:16:1a:4b:eb:48:a6:b1:1c:80:
                    62:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:33:A7:78:7A:61:FF:86:C7:45:B4:74:09:6A:F6:9A:E3:1A:CF:F1
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911309C/B92E3540B2E911EBB4D9CC31C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911309C/B92E3540B2E911EBB4D9CC31C4F9AE02/0zOneHph_4bHRbR0CWr2muMaz_E.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  142146

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.166.232.0/23
                IPv6:
                  2001:df6:9c80::/48

    Signature Algorithm: sha256WithRSAEncryption
         36:d0:14:c7:f8:ce:b5:f4:4c:15:e9:82:ed:89:8a:6d:fe:4f:
         de:4f:2d:60:a9:6f:74:ac:b6:16:9a:82:86:db:31:9a:58:c4:
         bd:4c:e9:d1:ac:e8:ea:7b:da:65:70:f6:48:e2:bd:6b:8b:eb:
         59:31:64:80:4e:83:dc:3f:d6:9c:d4:da:cc:15:2b:4a:28:55:
         18:8d:c4:ce:3b:97:e7:ad:b9:d4:e4:5f:31:a5:13:f6:ab:3d:
         90:1d:cc:90:48:fa:11:c4:a3:19:3e:c1:bc:00:f8:ea:ce:5f:
         7d:f6:16:aa:85:54:e3:d0:0e:e4:00:aa:88:95:48:69:47:88:
         31:91:4a:da:96:79:8b:da:5a:1b:b2:da:4b:f9:bb:03:d8:79:
         cc:c9:1d:83:75:88:77:25:e7:d4:f7:c7:f2:81:15:78:9d:db:
         24:bc:3d:92:11:ad:29:7c:7a:f7:18:f1:34:42:e2:bd:a1:0b:
         38:a4:8c:28:3d:a8:78:15:8f:e0:21:45:5b:96:68:a0:c6:e4:
         36:71:ee:20:87:ef:ec:10:ce:c8:1e:47:b0:02:d4:37:c8:14:
         48:49:1c:bc:91:88:d6:3c:ed:e3:6d:4f:05:4a:3c:53:ce:0a:
         25:68:74:3d:85:a9:59:75:6e:59:44:e2:2a:8f:89:1f:e4:0f:
         38:bf:7a:93
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAaP5MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDUxODEyMjU0M1oXDTI0MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTMwOUMxMTAvBgNVBAUTKEQzMzNBNzc4N0E2MUZGODZDNzQ1QjQ3
NDA5NkFGNjlBRTMxQUNGRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDswr4rJg6/MhYDAeGHOz/TFJP0MZoVyDp0bgnHejtzwCygmzMQioau9iLMVgiO
5MZc1CSIN6QeNOq6J3b5gnzwknWBYPLbKcNjdjAMRECh4IQZB8CVLiNJM4jzVBMB
vJXccK7i7QY5+qTiFImfuxlxkYBGDwiQkEmYBwphkoiXvMa7H7umk/4X3z5nQese
DY0VnUNOplLv744KjECtqD7RlNQXveoxMPc4ZwSy3JLyRbtKUjXQY6NG8tUtj4wP
8MjQ98HFAUifnhiZtP1iKGfi5rhZlEYqSkLJNJPWeU/UysuPFvLfclIeuWUxVuAH
690Ow16PXRYaS+tIprEcgGL3AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU0zOneHph
/4bHRbR0CWr2muMaz/EwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTEzMDlDL0I5MkUzNTQwQjJFOTExRUJCNEQ5Q0MzMUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExMzA5Qy9COTJFMzU0MEIyRTkxMUVCQjREOUNDMzFDNEY5QUUwMi8wek9uZUhw
aF80YkhSYlIwQ1dyMm11TWF6X0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAitCMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ6boMA8EAgAC
MAkDBwAgAQ32nIAwDQYJKoZIhvcNAQELBQADggEBADbQFMf4zrX0TBXpgu2Jim3+
T95PLWCpb3SsthaagobbMZpYxL1M6dGs6Op72mVw9kjivWuL61kxZIBOg9w/1pzU
2swVK0ooVRiNxM47l+etudTkXzGlE/arPZAdzJBI+hHEoxk+wbwA+OrOX332FqqF
VOPQDuQAqoiVSGlHiDGRStqWeYvaWhuy2kv5uwPYeczJHYN1iHcl59T3x/KBFXid
2yS8PZIRrSl8evcY8TRC4r2hCzikjCg9qHgVj+AhRVuWaKDG5DZx7iCH7+wQzsge
R7AC1DfIFEhJHLyRiNY87eNtTwVKPFPOCiVodD2FqVl1bllE4iqPiR/kDzi/epM=
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:46:47 2024 by rpki-client on console-ams.rpki-client.org