Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1bScAI9ih18VJth200lAoJsOnW0.cer
File:                     1bScAI9ih18VJth200lAoJsOnW0.cer (raw, json)
Hash identifier:          F4cCqr479z1mfOkk2lKKYuUfXmIqQ5yZjSNlouORkK4=
Subject key identifier:   D5:B4:9C:00:8F:62:87:5F:15:26:D8:76:D3:49:40:A0:9B:0E:9D:6D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B9DC
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91FB434/E2C6267642D311E8BBDC0941C4F9AE02/1bScAI9ih18VJth200lAoJsOnW0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91FB434/E2C6267642D311E8BBDC0941C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 30 Aug 2023 17:12:38 +0000
Certificate not after:    Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources:    AS: 151647
                          IP: 103.98.52.0/24
                          IP: 103.112.101.0/24
                          IP: 2001:df2:1500::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 113116 (0x1b9dc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug 30 17:12:38 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=A91FB434/serialNumber=D5B49C008F62875F1526D876D34940A09B0E9D6D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:05:a2:dc:0e:4f:9a:0e:11:f4:44:69:46:5d:
                    e1:65:7a:53:e6:b6:e1:e5:c4:2a:07:50:f5:63:94:
                    c3:96:08:24:98:2a:a6:93:6c:ab:3d:86:12:b6:4e:
                    b3:e6:7a:75:a7:e5:0f:4c:e5:dd:55:5d:4c:18:77:
                    4b:ea:b7:eb:a4:96:f3:56:71:79:47:4d:b6:4f:8d:
                    08:54:b8:90:2a:d9:cc:f4:76:67:aa:74:e1:40:83:
                    02:e7:5f:71:f2:f8:9a:46:c5:c2:89:ca:c1:e6:bf:
                    98:7b:6d:9c:fd:58:3e:d7:5c:00:88:4a:48:50:95:
                    d4:3c:d6:40:09:e9:87:1c:8d:a7:c5:00:d9:73:1b:
                    f6:b8:60:02:8f:99:da:9d:55:bc:f2:31:95:58:b2:
                    65:ff:1a:7e:f1:47:e3:c7:4d:52:d3:3c:63:21:7d:
                    af:74:14:f7:a1:5f:5f:42:64:9c:93:fe:49:0d:07:
                    52:a1:d8:d2:b9:33:36:65:22:d4:d5:01:33:f6:e5:
                    c3:ee:48:a2:7b:df:e8:eb:25:b4:16:b6:6a:27:32:
                    fd:c5:8d:0e:c7:0d:97:84:4b:16:40:00:41:79:69:
                    85:39:52:a6:4a:ec:5a:63:c8:90:8d:08:4d:43:56:
                    1b:b2:6d:fc:db:42:d1:f9:cf:4a:70:da:3e:6f:1f:
                    00:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:B4:9C:00:8F:62:87:5F:15:26:D8:76:D3:49:40:A0:9B:0E:9D:6D
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FB434/E2C6267642D311E8BBDC0941C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FB434/E2C6267642D311E8BBDC0941C4F9AE02/1bScAI9ih18VJth200lAoJsOnW0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  151647

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.98.52.0/24
                  103.112.101.0/24
                IPv6:
                  2001:df2:1500::/48

    Signature Algorithm: sha256WithRSAEncryption
         b0:70:dc:60:e3:ca:2f:fe:f9:6d:ec:14:a1:23:49:a8:5e:16:
         f7:ff:23:28:46:ee:51:e6:e7:e1:89:d3:c2:60:55:d3:59:b1:
         db:26:2c:af:05:55:78:31:d1:28:8b:fe:ca:1b:23:76:3d:76:
         6a:5a:9f:ec:da:68:ba:6d:b1:2d:1c:0b:24:4c:17:11:cf:cc:
         64:d6:2c:ca:9e:6c:6b:0f:99:d0:9a:6c:84:38:71:c0:98:05:
         3e:f4:f9:08:24:3b:e7:ab:1e:a1:f7:aa:fb:62:2f:e3:00:65:
         8f:36:25:fc:be:b4:58:11:6a:e6:ac:8b:11:dd:2f:83:34:a5:
         43:7e:cd:a8:08:13:b7:d3:76:91:8d:29:bc:8b:f3:44:5b:dc:
         95:cd:99:97:42:48:43:f4:78:a6:bc:75:e1:09:be:af:ba:a1:
         47:a6:84:52:7c:d7:0b:f2:1d:4a:15:ff:01:39:8b:d1:37:2c:
         4c:ca:5f:85:3e:b3:b3:26:a4:63:87:23:d3:af:f6:8c:84:98:
         a2:e0:e7:31:62:d4:63:5f:ed:71:c6:7e:22:32:3a:b9:21:c0:
         2d:8f:4d:8a:59:14:07:99:2f:ee:f0:e4:6a:3e:fb:07:39:7c:
         62:0f:2f:c3:6c:b9:72:a7:f1:47:4a:76:76:54:8e:a6:12:09:
         7d:c6:30:5f
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIDAbncMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgzMDE3MTIzOFoXDTI0MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRkI0MzQxMTAvBgNVBAUTKEQ1QjQ5QzAwOEY2Mjg3NUYxNTI2RDg3
NkQzNDk0MEEwOUIwRTlENkQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQClBaLcDk+aDhH0RGlGXeFlelPmtuHlxCoHUPVjlMOWCCSYKqaTbKs9hhK2TrPm
enWn5Q9M5d1VXUwYd0vqt+uklvNWcXlHTbZPjQhUuJAq2cz0dmeqdOFAgwLnX3Hy
+JpGxcKJysHmv5h7bZz9WD7XXACISkhQldQ81kAJ6YccjafFANlzG/a4YAKPmdqd
VbzyMZVYsmX/Gn7xR+PHTVLTPGMhfa90FPehX19CZJyT/kkNB1Kh2NK5MzZlItTV
ATP25cPuSKJ73+jrJbQWtmonMv3FjQ7HDZeESxZAAEF5aYU5UqZK7FpjyJCNCE1D
VhuybfzbQtH5z0pw2j5vHwB3AgMBAAGjggMmMIIDIjAdBgNVHQ4EFgQU1bScAI9i
h18VJth200lAoJsOnW0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZCNDM0L0UyQzYyNjc2NDJEMzExRThCQkRDMDk0MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGQjQzNC9FMkM2MjY3NjQyRDMxMUU4QkJEQzA5NDFDNEY5QUUwMi8xYlNjQUk5
aWgxOFZKdGgyMDBsQW9Kc09uVzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlBfMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAZ2I0AwQAZ3Bl
MA8EAgACMAkDBwAgAQ3yFQAwDQYJKoZIhvcNAQELBQADggEBALBw3GDjyi/++W3s
FKEjSaheFvf/IyhG7lHm5+GJ08JgVdNZsdsmLK8FVXgx0SiL/sobI3Y9dmpan+za
aLptsS0cCyRMFxHPzGTWLMqebGsPmdCabIQ4ccCYBT70+QgkO+erHqH3qvtiL+MA
ZY82Jfy+tFgRauasixHdL4M0pUN+zagIE7fTdpGNKbyL80Rb3JXNmZdCSEP0eKa8
deEJvq+6oUemhFJ81wvyHUoV/wE5i9E3LEzKX4U+s7MmpGOHI9Ov9oyEmKLg5zFi
1GNf7XHGfiIyOrkhwC2PTYpZFAeZL+7w5Go++wc5fGIPL8NsuXKn8UdKdnZUjqYS
CX3GMF8=
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:46:47 2024 by rpki-client on console-ams.rpki-client.org