Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1WjiWa6pXRNIxmPjlfyma-wQwwk.cer
File:                     1WjiWa6pXRNIxmPjlfyma-wQwwk.cer (raw, json)
Hash identifier:          INEW8FrC4OIHNh3sAm8UqLlqSEeix3uU4gKi712Ro7I=
Subject key identifier:   D5:68:E2:59:AE:A9:5D:13:48:C6:63:E3:95:FC:A6:6B:EC:10:C3:09
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CF22
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A914C086/A8114F581DA211E2A0558B9508B02CD2/1WjiWa6pXRNIxmPjlfyma-wQwwk.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A914C086/A8114F581DA211E2A0558B9508B02CD2/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sat 02 Dec 2023 15:18:21 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    IP: 103.51.130.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118562 (0x1cf22)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec  2 15:18:21 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A914C086/serialNumber=D568E259AEA95D1348C663E395FCA66BEC10C309
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:e1:17:36:86:1f:dd:bb:e4:a1:91:30:19:4f:
                    76:3f:52:44:76:67:bd:03:48:27:70:b8:94:b1:f9:
                    f0:0d:cc:a9:47:4f:eb:62:7d:5c:69:79:fd:7d:c0:
                    f7:fd:14:d8:46:e4:13:7b:48:cd:2b:e6:53:86:3a:
                    97:6e:61:51:e6:65:b8:93:0e:4c:d6:36:2c:7a:27:
                    1f:4f:5c:9a:c6:12:f7:2d:c5:bc:99:36:11:85:a6:
                    4f:d0:17:24:bf:3a:ad:4e:ed:17:59:df:4e:b2:b5:
                    31:8f:3d:a3:70:f8:54:08:35:52:e6:8a:c3:cd:23:
                    bf:7d:d8:a8:e1:e8:df:1d:45:02:ea:75:0c:14:09:
                    1b:40:68:c9:62:6f:57:77:7c:5d:d4:89:5c:39:9f:
                    e1:bb:a8:49:7a:a6:e3:06:2d:48:ea:17:3d:ef:3e:
                    fe:c3:1e:0e:75:0c:f8:7d:28:54:a7:67:d1:c8:ae:
                    1a:1a:aa:c1:76:88:07:e1:ab:3b:a9:a6:c6:04:00:
                    0e:e3:00:6c:01:30:da:06:17:19:4a:c0:97:07:15:
                    38:94:af:52:6f:91:50:5f:80:7c:ac:2e:1f:23:dc:
                    29:a5:66:38:fd:fe:d0:89:8c:05:a3:0f:84:9a:3a:
                    68:69:39:4d:01:e7:fb:60:00:d6:5e:c3:2b:b2:f5:
                    62:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:68:E2:59:AE:A9:5D:13:48:C6:63:E3:95:FC:A6:6B:EC:10:C3:09
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914C086/A8114F581DA211E2A0558B9508B02CD2/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914C086/A8114F581DA211E2A0558B9508B02CD2/1WjiWa6pXRNIxmPjlfyma-wQwwk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.51.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d6:77:f0:cc:50:1b:49:20:75:36:2b:09:a0:b7:b2:a4:30:73:
         f9:7f:b3:ae:cf:bb:28:fe:55:c9:8d:d0:5e:aa:14:11:d3:44:
         ea:30:41:3f:98:43:63:7c:bc:fe:83:f9:7e:31:c6:3e:08:1b:
         71:3e:2d:e6:55:40:00:1d:bb:ac:02:13:5d:8b:7a:cf:86:fb:
         05:db:76:20:f4:4a:ff:49:37:c9:03:f0:e6:69:65:2f:63:cc:
         bb:b2:54:63:2c:ca:f5:d0:b4:1b:ea:13:fa:af:3c:f8:6b:9e:
         41:99:ee:5b:ea:bd:55:f2:0b:fe:5c:9e:7d:be:b7:83:89:99:
         50:f4:9e:f9:90:17:1d:87:8f:88:11:5f:42:10:f1:69:16:ef:
         b0:20:f6:b1:b0:da:97:37:2d:d6:c1:52:28:b3:07:bc:8a:60:
         8a:f2:76:cd:a5:1b:e0:00:85:da:dd:b0:03:3e:ce:04:30:b8:
         9b:be:db:21:46:b1:2d:f2:a5:9a:1e:29:dd:3e:76:7b:72:4d:
         16:8a:b9:e7:dc:9c:fa:b1:7d:13:95:1a:9c:49:eb:11:ff:5d:
         51:13:65:95:ca:3a:e3:b5:fc:a4:2a:51:c0:36:54:04:1d:d1:
         88:f5:0f:a2:e9:af:da:32:d5:cd:bb:51:2e:83:87:ee:b0:8e:
         ca:1e:34:a8
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAc8iMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwMjE1MTgyMVoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNEMwODYxMTAvBgNVBAUTKEQ1NjhFMjU5QUVBOTVEMTM0OEM2NjNF
Mzk1RkNBNjZCRUMxMEMzMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDi4Rc2hh/du+ShkTAZT3Y/UkR2Z70DSCdwuJSx+fANzKlHT+tifVxpef19wPf9
FNhG5BN7SM0r5lOGOpduYVHmZbiTDkzWNix6Jx9PXJrGEvctxbyZNhGFpk/QFyS/
Oq1O7RdZ306ytTGPPaNw+FQINVLmisPNI7992Kjh6N8dRQLqdQwUCRtAaMlib1d3
fF3UiVw5n+G7qEl6puMGLUjqFz3vPv7DHg51DPh9KFSnZ9HIrhoaqsF2iAfhqzup
psYEAA7jAGwBMNoGFxlKwJcHFTiUr1JvkVBfgHysLh8j3CmlZjj9/tCJjAWjD4Sa
OmhpOU0B5/tgANZewyuy9WJ/AgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQU1WjiWa6p
XRNIxmPjlfyma+wQwwkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTRDMDg2L0E4MTE0RjU4MURBMjExRTJBMDU1OEI5NTA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0QzA4Ni9BODExNEY1ODFEQTIxMUUyQTA1NThCOTUwOEIwMkNEMi8xV2ppV2E2
cFhSTkl4bVBqbGZ5bWEtd1F3d2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBABnM4IwDQYJKoZIhvcNAQELBQADggEBANZ38MxQG0kgdTYrCaC3
sqQwc/l/s67Puyj+VcmN0F6qFBHTROowQT+YQ2N8vP6D+X4xxj4IG3E+LeZVQAAd
u6wCE12Les+G+wXbdiD0Sv9JN8kD8OZpZS9jzLuyVGMsyvXQtBvqE/qvPPhrnkGZ
7lvqvVXyC/5cnn2+t4OJmVD0nvmQFx2Hj4gRX0IQ8WkW77Ag9rGw2pc3LdbBUiiz
B7yKYIryds2lG+AAhdrdsAM+zgQwuJu+2yFGsS3ypZoeKd0+dntyTRaKuefcnPqx
fROVGpxJ6xH/XVETZZXKOuO1/KQqUcA2VAQd0Yj1D6Lpr9oy1c27US6Dh+6wjsoe
NKg=
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:01:57 2024 by rpki-client on console-fra.rpki-client.org