Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YRcGequkJIocqDK_QUfFmFPhK8.cer
File:                     2YRcGequkJIocqDK_QUfFmFPhK8.cer (raw, json)
Hash identifier:          B4VbBUyDvNDgfc5nf5+kPm7wg+hZ1Ad5EVd3kRqynBo=
Subject key identifier:   D9:84:5C:19:EA:AE:90:92:28:72:A0:CA:FD:05:1F:16:61:4F:84:AF
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E6E8
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 27 Mar 2024 21:04:35 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 138599
                          IP: 103.134.24.0/22
                          IP: 2404:5b40::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124648 (0x1e6e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 27 21:04:35 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91C6BF0/serialNumber=D9845C19EAAE90922872A0CAFD051F16614F84AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:00:8c:8b:bc:03:dd:5f:1d:26:f7:48:8d:5a:
                    5e:51:92:52:59:88:78:c7:b8:9d:3e:08:60:ab:80:
                    5b:16:a0:8a:b4:86:af:cd:92:97:65:51:23:16:7a:
                    fc:50:ca:52:11:66:f6:79:43:d9:e6:bb:03:61:7b:
                    e0:7d:1c:3d:46:83:8e:c1:00:99:3a:3c:0f:f9:5d:
                    8d:b4:de:71:7d:dd:c4:6a:f5:25:14:e7:96:61:b4:
                    d9:77:4d:26:0c:f0:b4:2b:37:60:6e:e9:09:db:bb:
                    e6:42:a4:1a:e0:22:a3:ce:36:9e:d6:43:7d:92:72:
                    70:79:15:54:b7:bb:62:19:b0:73:f7:33:37:0d:fa:
                    00:ae:73:2d:e3:4b:aa:39:52:bf:fa:16:2c:c8:ce:
                    3d:87:6c:67:31:ae:cc:fe:a6:bc:bd:ea:22:94:0c:
                    9d:4d:07:4b:88:6d:3d:49:ec:6f:ef:bd:b5:2b:7e:
                    c9:22:a2:e9:b8:6c:14:e3:16:56:21:82:b7:16:b4:
                    10:a0:f8:86:9c:b1:b9:0e:ec:01:23:18:41:3c:99:
                    f7:b0:3f:13:d8:f4:9d:e5:dd:b9:1e:f8:63:63:8f:
                    48:d8:6d:6f:48:a8:80:aa:1d:23:91:03:e9:f5:c8:
                    8c:a2:77:0d:93:86:fe:d8:08:c6:2a:51:fd:8c:ee:
                    81:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:84:5C:19:EA:AE:90:92:28:72:A0:CA:FD:05:1F:16:61:4F:84:AF
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  138599

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.134.24.0/22
                IPv6:
                  2404:5b40::/32

    Signature Algorithm: sha256WithRSAEncryption
         74:d3:41:58:21:fe:4e:42:cb:cb:72:bc:75:53:48:94:ec:7b:
         7a:42:f2:89:89:79:76:7a:27:02:54:71:e6:76:18:df:02:61:
         57:6f:5a:2c:ad:05:bc:6f:8d:58:a7:6a:13:c8:5a:46:02:d8:
         dc:ba:82:88:23:df:10:90:2f:78:ef:13:b6:88:7c:42:c7:6c:
         bf:c1:cc:c8:a4:47:68:4a:af:df:94:7f:4a:92:f9:40:65:ed:
         df:b9:81:ff:32:e2:84:44:e2:a2:53:2c:97:88:af:31:87:2d:
         09:b5:f7:2b:85:af:3c:51:91:2a:1d:df:35:1e:6d:f4:b1:74:
         fc:c4:4f:b3:34:57:dc:2b:2e:f0:f0:c9:72:b8:56:fa:85:70:
         4b:58:55:1d:04:33:04:f6:c9:33:3c:26:54:eb:ba:62:5f:ef:
         9b:4a:65:37:4a:8b:9f:78:f5:58:f0:11:16:df:5a:57:65:fe:
         3a:e7:08:b0:ff:89:0e:9d:c1:52:56:6a:f4:2c:6f:5d:ab:f6:
         7c:be:b4:be:75:a8:2b:8b:5e:c3:75:f5:68:58:57:20:53:66:
         ff:86:4b:ac:8f:ba:2a:04:11:2d:14:ef:c6:2a:a6:3d:28:bc:
         49:6b:6b:4f:15:66:c4:a7:af:22:d8:a1:f6:2a:24:91:87:21:
         39:57:de:76
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAeboMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMyNzIxMDQzNVoXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzZCRjAxMTAvBgNVBAUTKEQ5ODQ1QzE5RUFBRTkwOTIyODcyQTBD
QUZEMDUxRjE2NjE0Rjg0QUYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9AIyLvAPdXx0m90iNWl5RklJZiHjHuJ0+CGCrgFsWoIq0hq/NkpdlUSMWevxQ
ylIRZvZ5Q9nmuwNhe+B9HD1Gg47BAJk6PA/5XY203nF93cRq9SUU55ZhtNl3TSYM
8LQrN2Bu6Qnbu+ZCpBrgIqPONp7WQ32ScnB5FVS3u2IZsHP3MzcN+gCucy3jS6o5
Ur/6FizIzj2HbGcxrsz+pry96iKUDJ1NB0uIbT1J7G/vvbUrfskioum4bBTjFlYh
grcWtBCg+IacsbkO7AEjGEE8mfewPxPY9J3l3bke+GNjj0jYbW9IqICqHSORA+n1
yIyidw2Thv7YCMYqUf2M7oEZAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQU2YRcGequ
kJIocqDK/QUfFmFPhK8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM2QkYwLzE0OTE5NzRBQUVCQjExRTk4QTM5MEI1OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDNkJGMC8xNDkxOTc0QUFFQkIxMUU5OEEzOTBCNTlDNEY5QUUwMi8yWVJjR2Vx
dWtKSW9jcURLX1FVZkZtRlBoSzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAh1nMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ4YYMA0EAgAC
MAcDBQAkBFtAMA0GCSqGSIb3DQEBCwUAA4IBAQB000FYIf5OQsvLcrx1U0iU7Ht6
QvKJiXl2eicCVHHmdhjfAmFXb1osrQW8b41Yp2oTyFpGAtjcuoKII98QkC947xO2
iHxCx2y/wczIpEdoSq/flH9KkvlAZe3fuYH/MuKEROKiUyyXiK8xhy0Jtfcrha88
UZEqHd81Hm30sXT8xE+zNFfcKy7w8MlyuFb6hXBLWFUdBDME9skzPCZU67piX++b
SmU3SoufePVY8BEW31pXZf465wiw/4kOncFSVmr0LG9dq/Z8vrS+dagri17DdfVo
WFcgU2b/hkusj7oqBBEtFO/GKqY9KLxJa2tPFWbEp68i2KH2KiSRhyE5V952
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:06 2024 by rpki-client on console-fra.rpki-client.org