Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2nNptJciuhObe2DznIi0m9uzXz0.cer
File:                     2nNptJciuhObe2DznIi0m9uzXz0.cer (raw, json)
Hash identifier:          t3vPSMKslan7Fa2lX6DY2jvDIe03nB9LQcf2RF3eq4U=
Subject key identifier:   DA:73:69:B4:97:22:BA:13:9B:7B:60:F3:9C:88:B4:9B:DB:B3:5F:3D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E93D
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A917E623/A25D489E504711EEB677365DC4F9AE02/2nNptJciuhObe2DznIi0m9uzXz0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A917E623/A25D489E504711EEB677365DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 03 Apr 2024 07:33:53 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 24459
                          AS: 132832
                          AS: 139580
                          IP: 43.239.96.0/22
                          IP: 103.6.212.0/23
                          IP: 103.16.180.0/23
                          IP: 103.248.176.0 -- 103.248.178.255
                          IP: 202.37.129.0/24
                          IP: 2403:4f00::/32
                          IP: 2406:fd00::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 06:14:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125245 (0x1e93d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr  3 07:33:53 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A917E623/serialNumber=DA7369B49722BA139B7B60F39C88B49BDBB35F3D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:2a:30:ff:df:f0:27:6f:8b:96:c0:1d:0d:12:
                    c0:c8:3f:1e:5b:e8:91:8f:8a:f0:c8:fb:9a:58:61:
                    a6:ca:58:8b:cc:da:4d:9b:30:0c:4f:6b:c6:8c:48:
                    34:f3:50:b5:72:2c:d3:49:20:4c:9e:da:81:11:42:
                    c4:f3:1a:be:b7:30:d7:be:85:96:a2:7f:fd:53:11:
                    2f:d2:18:5e:d0:8e:4f:bf:55:e1:07:71:b5:54:38:
                    0b:dd:e4:93:41:48:17:c0:78:6b:ab:c4:6b:6d:39:
                    fd:c8:df:4c:4b:da:fe:24:a9:5a:de:ff:12:67:28:
                    c2:81:40:0d:03:39:c3:bd:37:09:ad:cd:f8:62:11:
                    a3:1d:2e:af:9c:38:76:c1:8f:39:40:1d:e7:9e:63:
                    ba:20:c0:e8:54:a2:da:6a:62:d4:e5:54:80:61:82:
                    e0:78:07:73:18:7e:b3:38:57:1d:8d:91:cb:95:d2:
                    36:b6:b5:2e:1c:f5:c1:eb:bc:ed:63:1c:79:bf:fe:
                    c1:e2:da:39:ad:0d:2d:5f:34:ee:71:67:c4:f8:6b:
                    2b:de:de:33:05:e8:c5:8d:0f:2d:f7:5f:d1:fc:f5:
                    0c:70:cd:ee:c7:46:b0:ce:ac:74:c0:04:65:c0:14:
                    f0:45:4a:56:44:d8:1b:60:d0:4a:59:46:74:9b:16:
                    0a:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:73:69:B4:97:22:BA:13:9B:7B:60:F3:9C:88:B4:9B:DB:B3:5F:3D
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917E623/A25D489E504711EEB677365DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917E623/A25D489E504711EEB677365DC4F9AE02/2nNptJciuhObe2DznIi0m9uzXz0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  24459
                  132832
                  139580

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.239.96.0/22
                  103.6.212.0/23
                  103.16.180.0/23
                  103.248.176.0-103.248.178.255
                  202.37.129.0/24
                IPv6:
                  2403:4f00::/32
                  2406:fd00::/32

    Signature Algorithm: sha256WithRSAEncryption
         c9:7a:c5:f2:79:54:ec:eb:f5:94:5a:a3:1f:dd:c9:36:9e:c6:
         5c:68:dd:13:f8:3f:05:99:b2:99:f4:de:95:68:c0:47:44:45:
         f7:09:35:69:71:dc:1d:f4:60:4d:1b:94:49:9d:c0:78:6d:3a:
         75:ac:9c:02:54:d1:e6:5b:1a:38:da:ec:78:9c:03:31:11:a5:
         31:14:94:ae:91:5a:ff:7a:7c:83:d0:a0:8f:91:76:38:f2:72:
         28:b0:5c:3f:ac:90:7f:32:47:31:55:94:01:09:d3:0d:bb:a1:
         70:56:a8:b9:59:af:85:5d:6e:e4:5f:17:e3:bd:c0:60:24:4a:
         0a:63:a6:85:90:94:b5:4a:be:c8:8d:41:fb:3c:1e:a0:29:9a:
         b1:83:30:cf:03:2d:0a:92:4d:30:92:75:25:15:14:98:c7:c2:
         86:96:90:51:56:5b:14:7a:90:eb:4e:1a:01:b0:b1:18:21:62:
         55:7d:8b:bc:1c:a8:93:ef:7f:a8:7e:60:97:f3:fb:ae:8e:3a:
         5d:41:88:03:08:13:b4:e7:8c:b4:ed:e0:8d:fe:4f:42:5c:da:
         58:9d:92:1f:df:72:43:55:bc:2e:d5:49:96:81:00:85:01:7f:
         17:64:a9:8b:cd:4a:7d:3a:a5:fc:1c:f9:35:73:2d:de:6f:c8:
         5b:78:36:1d
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgIDAek9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwMzA3MzM1M1oXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxN0U2MjMxMTAvBgNVBAUTKERBNzM2OUI0OTcyMkJBMTM5QjdCNjBG
MzlDODhCNDlCREJCMzVGM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNKjD/3/Anb4uWwB0NEsDIPx5b6JGPivDI+5pYYabKWIvM2k2bMAxPa8aMSDTz
ULVyLNNJIEye2oERQsTzGr63MNe+hZaif/1TES/SGF7Qjk+/VeEHcbVUOAvd5JNB
SBfAeGurxGttOf3I30xL2v4kqVre/xJnKMKBQA0DOcO9NwmtzfhiEaMdLq+cOHbB
jzlAHeeeY7ogwOhUotpqYtTlVIBhguB4B3MYfrM4Vx2NkcuV0ja2tS4c9cHrvO1j
HHm//sHi2jmtDS1fNO5xZ8T4ayve3jMF6MWNDy33X9H89Qxwze7HRrDOrHTABGXA
FPBFSlZE2Btg0EpZRnSbFgr7AgMBAAGjggNOMIIDSjAdBgNVHQ4EFgQU2nNptJci
uhObe2DznIi0m9uzXz0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdFNjIzL0EyNUQ0ODlFNTA0NzExRUVCNjc3MzY1REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3RTYyMy9BMjVENDg5RTUwNDcxMUVFQjY3NzM2NURDNEY5QUUwMi8ybk5wdEpj
aXVoT2JlMkR6bklpMG05dXpYejAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIwYIKwYBBQUHAQgBAf8EFDAS
oBAwDgICX4sCAwIG4AIDAiE8MFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmAwQC
K+9gAwQBZwbUAwQBZxC0MAwDBARn+LADBABn+LIDBADKJYEwFAQCAAIwDgMFACQD
TwADBQAkBv0AMA0GCSqGSIb3DQEBCwUAA4IBAQDJesXyeVTs6/WUWqMf3ck2nsZc
aN0T+D8FmbKZ9N6VaMBHREX3CTVpcdwd9GBNG5RJncB4bTp1rJwCVNHmWxo42ux4
nAMxEaUxFJSukVr/enyD0KCPkXY48nIosFw/rJB/MkcxVZQBCdMNu6FwVqi5Wa+F
XW7kXxfjvcBgJEoKY6aFkJS1Sr7IjUH7PB6gKZqxgzDPAy0Kkk0wknUlFRSYx8KG
lpBRVlsUepDrThoBsLEYIWJVfYu8HKiT73+ofmCX8/uujjpdQYgDCBO054y07eCN
/k9CXNpYnZIf33JDVbwu1UmWgQCFAX8XZKmLzUp9OqX8HPk1cy3eb8hbeDYd
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:58:25 2024 by rpki-client on console-fra.rpki-client.org