Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gE-F4NYyzWot2XJvAkK6c8cT74.cer
File:                     2gE-F4NYyzWot2XJvAkK6c8cT74.cer (raw, json)
Hash identifier:          FsvYvsOakQW/9rMY6ZYkWLLpIeij+0tBj1wr8nbbZVo=
Subject key identifier:   DA:01:3E:17:83:58:CB:35:A8:B7:65:C9:BC:09:0A:E9:CF:1C:4F:BE
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       02198D
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 06 Nov 2024 03:00:42 +0000
Certificate not after:    Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources:    AS: 23936
                          IP: 103.229.96.0/24
                          IP: 180.178.72.0/21
                          IP: 2402:4400::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 137613 (0x2198d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov  6 03:00:42 2024 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=A91B2C88/serialNumber=DA013E178358CB35A8B765C9BC090AE9CF1C4FBE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:90:48:a0:3e:e7:44:a9:c2:63:eb:69:c3:26:
                    df:4f:03:c3:18:a7:a6:68:fc:88:aa:a0:1a:64:72:
                    32:e3:59:c5:e9:3e:ea:e8:fb:4a:40:6a:f3:14:1f:
                    38:5b:cd:ad:49:4c:0d:4c:80:3e:29:a8:39:65:d3:
                    5b:eb:e2:5d:62:74:eb:54:85:f7:8d:09:15:d5:6d:
                    77:32:e2:cc:c7:a3:a7:03:c8:da:52:51:c4:3c:03:
                    e6:00:b6:4c:fe:96:89:d9:c5:2f:84:d5:56:d3:95:
                    02:c5:7d:79:3b:98:4b:22:2b:36:97:22:be:57:a0:
                    0a:32:06:e8:cc:2d:c4:4f:a2:fc:b9:9f:b8:40:bc:
                    99:44:0e:77:69:22:1d:ca:3b:57:31:fe:8e:e0:a5:
                    d5:01:4a:d1:59:38:a9:77:eb:f8:b3:c3:63:42:3d:
                    ce:99:59:29:ec:86:3d:a6:d5:e2:dc:be:4e:dd:28:
                    76:c3:62:6e:10:d1:f4:df:10:0e:25:f1:13:aa:39:
                    9c:4e:51:6a:7d:09:49:3c:e0:b2:5a:63:6f:6c:2a:
                    f2:b9:52:df:8f:fa:72:09:8f:e5:be:fe:72:f6:17:
                    e5:3c:65:28:5a:ed:47:12:8c:88:c3:ce:db:c6:7d:
                    ab:53:ab:3f:8f:a0:4f:ba:ba:19:46:0a:08:0e:de:
                    ca:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:01:3E:17:83:58:CB:35:A8:B7:65:C9:BC:09:0A:E9:CF:1C:4F:BE
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B2C88/24299DCA978E11EBBD81B055C4F9AE02/2gE-F4NYyzWot2XJvAkK6c8cT74.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  23936

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.229.96.0/24
                  180.178.72.0/21
                IPv6:
                  2402:4400::/32

    Signature Algorithm: sha256WithRSAEncryption
         a6:67:eb:32:6f:09:62:62:16:80:6f:f3:16:55:07:0f:b4:04:
         19:1b:52:7f:02:b1:ce:fa:e0:b7:00:39:4b:eb:b3:d1:4f:e6:
         de:9d:82:06:6d:76:ba:6b:e8:59:12:d5:09:82:3f:5f:c8:bd:
         c4:61:fe:84:db:1c:c0:df:a6:9b:88:5a:d7:c7:0f:91:d7:67:
         3f:52:1c:15:00:8a:fd:5e:3c:50:b8:9e:10:bc:63:70:fb:a8:
         b1:7d:38:8f:db:8a:97:74:35:8d:de:15:f5:22:2c:69:85:6b:
         3f:cd:3b:17:71:ca:04:29:c3:c1:df:5d:11:87:ce:f5:bc:bf:
         c9:cc:83:14:bd:d0:2f:5f:28:50:94:44:b7:c1:ed:2c:30:b6:
         d0:17:7e:68:ff:70:95:0d:5d:05:ba:61:cd:24:2b:c2:33:99:
         70:63:7e:81:e2:72:24:e2:d1:28:02:48:09:b0:09:3b:46:8c:
         16:c4:9b:b9:41:5a:e2:53:a8:e7:2e:04:fe:fa:da:0f:83:d6:
         47:8c:df:38:f1:bd:b0:2d:90:ae:ae:59:15:f6:30:ee:f5:2f:
         a8:a5:92:71:a7:05:16:bf:7d:d2:6f:22:1b:eb:d8:ee:fb:da:
         09:43:77:6c:41:96:c5:17:a7:f2:44:b9:95:67:ca:4f:36:19:
         0e:8c:f4:5f
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIDAhmNMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTEwNjAzMDA0MloXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjJDODgxMTAvBgNVBAUTKERBMDEzRTE3ODM1OENCMzVBOEI3NjVD
OUJDMDkwQUU5Q0YxQzRGQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCjkEigPudEqcJj62nDJt9PA8MYp6Zo/IiqoBpkcjLjWcXpPuro+0pAavMUHzhb
za1JTA1MgD4pqDll01vr4l1idOtUhfeNCRXVbXcy4szHo6cDyNpSUcQ8A+YAtkz+
lonZxS+E1VbTlQLFfXk7mEsiKzaXIr5XoAoyBujMLcRPovy5n7hAvJlEDndpIh3K
O1cx/o7gpdUBStFZOKl36/izw2NCPc6ZWSnshj2m1eLcvk7dKHbDYm4Q0fTfEA4l
8ROqOZxOUWp9CUk84LJaY29sKvK5Ut+P+nIJj+W+/nL2F+U8ZSha7UcSjIjDztvG
fatTqz+PoE+6uhlGCggO3spJAgMBAAGjggMjMIIDHzAdBgNVHQ4EFgQU2gE+F4NY
yzWot2XJvAkK6c8cT74wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIyQzg4LzI0Mjk5RENBOTc4RTExRUJCRDgxQjA1NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCMkM4OC8yNDI5OURDQTk3OEUxMUVCQkQ4MUIwNTVDNEY5QUUwMi8yZ0UtRjRO
WXl6V290MlhKdkFrSzZjOGNUNzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICXYAwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBABn5WADBAO0skgw
DQQCAAIwBwMFACQCRAAwDQYJKoZIhvcNAQELBQADggEBAKZn6zJvCWJiFoBv8xZV
Bw+0BBkbUn8Csc764LcAOUvrs9FP5t6dggZtdrpr6FkS1QmCP1/IvcRh/oTbHMDf
ppuIWtfHD5HXZz9SHBUAiv1ePFC4nhC8Y3D7qLF9OI/bipd0NY3eFfUiLGmFaz/N
OxdxygQpw8HfXRGHzvW8v8nMgxS90C9fKFCURLfB7SwwttAXfmj/cJUNXQW6Yc0k
K8IzmXBjfoHiciTi0SgCSAmwCTtGjBbEm7lBWuJTqOcuBP762g+D1keM3zjxvbAt
kK6uWRX2MO71L6ilknGnBRa/fdJvIhvr2O772glDd2xBlsUXp/JEuZVnyk82GQ6M
9F8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:14:57 2024 by rpki-client on console-ams.rpki-client.org