Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1u0VCduHw0xGCiZBoZt_SE5NxEU.cer
File:                     1u0VCduHw0xGCiZBoZt_SE5NxEU.cer (raw, json)
Hash identifier:          D7QdtQz74P/b0f+gf1GvrX8ATfAOCtNoW8cx0OORuVk=
Subject key identifier:   D6:ED:15:09:DB:87:C3:4C:46:0A:26:41:A1:9B:7F:48:4E:4D:C4:45
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01EB15
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91F5216/6645ACA66E0811EDBEED6284C4F9AE02/1u0VCduHw0xGCiZBoZt_SE5NxEU.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91F5216/6645ACA66E0811EDBEED6284C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 11 Apr 2024 05:06:29 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 55491
                          IP: 2404:ed40::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125717 (0x1eb15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr 11 05:06:29 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A91F5216/serialNumber=D6ED1509DB87C34C460A2641A19B7F484E4DC445
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:66:02:09:f7:f5:66:ab:9c:00:d2:3c:95:2d:
                    1c:3b:ad:e9:ce:73:d5:03:15:10:27:22:a0:02:8c:
                    78:c5:b9:32:83:15:16:da:1a:5d:6b:ca:38:ac:a9:
                    f4:29:4e:7e:c7:1c:bb:3d:b6:5d:2b:f7:e0:f1:52:
                    41:5b:45:89:4c:8d:45:aa:5a:e7:0b:51:5a:eb:d8:
                    ae:80:04:fe:d3:34:56:0d:7d:ca:fb:46:10:47:88:
                    08:d6:8c:f2:a1:97:9a:4b:ea:20:05:08:52:55:c6:
                    30:c7:fb:b2:3f:9d:29:5a:c7:2d:2e:69:11:e3:8f:
                    5f:53:29:1d:de:f0:c4:6e:3f:e2:76:b4:32:3c:ea:
                    85:2a:19:02:2c:f6:6f:7e:30:9f:f9:77:cf:b9:89:
                    fe:68:9f:ac:27:ac:12:02:bc:51:22:46:cb:cf:a9:
                    21:27:94:73:b4:c6:f1:b6:2d:20:a5:0d:56:67:b8:
                    08:9c:ee:19:37:46:b2:99:a0:d8:6c:4b:fe:0c:7d:
                    c7:72:c9:c2:aa:c9:b7:57:b6:0b:05:3a:88:9a:9d:
                    b5:1f:19:18:ad:5d:56:e2:e5:a3:d2:e2:d6:16:66:
                    99:5d:e5:10:cb:b1:0e:ff:93:a3:b3:0c:fe:9b:cd:
                    96:b8:f5:fa:a3:58:d1:be:8b:32:d6:a2:79:32:62:
                    47:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:ED:15:09:DB:87:C3:4C:46:0A:26:41:A1:9B:7F:48:4E:4D:C4:45
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F5216/6645ACA66E0811EDBEED6284C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F5216/6645ACA66E0811EDBEED6284C4F9AE02/1u0VCduHw0xGCiZBoZt_SE5NxEU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  55491

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:ed40::/32

    Signature Algorithm: sha256WithRSAEncryption
         5f:de:a7:f2:21:6c:1c:36:3a:1f:a7:77:6a:24:1b:3f:8c:a5:
         2c:6c:6a:85:8b:b5:3b:1d:a3:c9:e8:c9:ac:72:9b:97:89:95:
         84:57:f1:ee:73:41:ff:d5:47:06:ca:68:24:58:c8:31:4a:92:
         8e:79:1d:c3:cc:b0:24:85:96:99:8e:d0:f6:3b:db:06:1e:91:
         1d:fc:43:a8:6e:11:15:5d:50:19:1a:64:eb:52:c5:c5:f3:4a:
         73:8e:9e:b9:8d:d4:4e:26:7f:37:e4:89:12:df:6f:92:bc:5d:
         54:12:d7:f6:23:95:f5:f1:50:4c:de:09:f1:38:83:be:81:09:
         6d:8d:a6:e5:df:63:6b:5b:08:a7:0c:c9:e6:d4:ca:f6:61:91:
         5a:eb:33:32:ae:31:a6:a9:25:fb:83:16:bd:10:e9:69:25:9b:
         1c:5b:ae:82:b4:a4:19:06:a1:28:23:22:8f:f7:52:24:21:f6:
         e1:cc:73:a0:5c:57:3f:50:3d:e5:63:1b:7d:96:ea:84:2e:1e:
         85:1a:1a:ae:2d:8f:de:b1:f5:1c:b3:fa:d9:13:a5:8f:7f:ec:
         4e:2a:94:85:e5:81:41:58:aa:02:f7:2d:44:90:4f:a7:40:85:
         d6:b1:70:a5:54:72:de:33:36:8c:c1:d2:81:9d:de:a6:c9:b2:
         ac:e3:ca:86
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAesVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQxMTA1MDYyOVoXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRjUyMTYxMTAvBgNVBAUTKEQ2RUQxNTA5REI4N0MzNEM0NjBBMjY0
MUExOUI3RjQ4NEU0REM0NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBZgIJ9/Vmq5wA0jyVLRw7renOc9UDFRAnIqACjHjFuTKDFRbaGl1ryjisqfQp
Tn7HHLs9tl0r9+DxUkFbRYlMjUWqWucLUVrr2K6ABP7TNFYNfcr7RhBHiAjWjPKh
l5pL6iAFCFJVxjDH+7I/nSlaxy0uaRHjj19TKR3e8MRuP+J2tDI86oUqGQIs9m9+
MJ/5d8+5if5on6wnrBICvFEiRsvPqSEnlHO0xvG2LSClDVZnuAic7hk3RrKZoNhs
S/4MfcdyycKqybdXtgsFOoianbUfGRitXVbi5aPS4tYWZpld5RDLsQ7/k6OzDP6b
zZa49fqjWNG+izLWonkyYkfPAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQU1u0VCduH
w0xGCiZBoZt/SE5NxEUwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY1MjE2LzY2NDVBQ0E2NkUwODExRURCRUVENjI4NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGNTIxNi82NjQ1QUNBNjZFMDgxMUVEQkVFRDYyODRDNEY5QUUwMi8xdTBWQ2R1
SHcweEdDaVpCb1p0X1NFNU54RVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDANjDMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJATtQDANBgkq
hkiG9w0BAQsFAAOCAQEAX96n8iFsHDY6H6d3aiQbP4ylLGxqhYu1Ox2jyejJrHKb
l4mVhFfx7nNB/9VHBspoJFjIMUqSjnkdw8ywJIWWmY7Q9jvbBh6RHfxDqG4RFV1Q
GRpk61LFxfNKc46euY3UTiZ/N+SJEt9vkrxdVBLX9iOV9fFQTN4J8TiDvoEJbY2m
5d9ja1sIpwzJ5tTK9mGRWuszMq4xpqkl+4MWvRDpaSWbHFuugrSkGQahKCMij/dS
JCH24cxzoFxXP1A95WMbfZbqhC4ehRoari2P3rH1HLP62ROlj3/sTiqUheWBQViq
AvctRJBPp0CF1rFwpVRy3jM2jMHSgZ3epsmyrOPKhg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:57 2024 by rpki-client on console-ams.rpki-client.org