Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer
File:                     3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer (raw, json)
Hash identifier:          TgYWsUBMdk0eEdX0Q+34TlSW4/kskqZzKcHUw+s4CQ0=
Subject key identifier:   DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01EF5C
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 02 May 2024 03:13:02 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 136473
                          IP: 103.89.140.0/22
                          IP: 202.14.204.0/22
                          IP: 2400:f040::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 18:35:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 126812 (0x1ef5c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May  2 03:13:02 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A91DC4E1/serialNumber=DC1B39B54F60891AC778A9316D71B0BE8006396E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:6f:08:84:8a:44:28:7c:8f:eb:aa:54:93:1f:
                    5e:98:e0:95:d1:a9:ec:9f:65:f7:b4:db:9f:ca:39:
                    42:43:40:6e:6c:2d:98:2c:23:55:89:ec:71:3f:98:
                    89:8e:73:53:46:88:60:0f:ff:c3:06:aa:e9:20:4a:
                    3f:4d:3f:4b:53:de:09:b0:c0:8a:28:74:a0:93:f1:
                    af:90:1a:bd:39:e2:af:17:bd:fa:93:29:cf:68:bd:
                    dd:4c:7c:65:cd:b6:cc:a2:e1:99:f1:d9:4e:74:95:
                    cf:d6:ec:fb:3a:29:44:3d:a2:cc:f1:a6:58:44:ab:
                    bc:0f:11:c3:52:81:df:7b:9b:57:27:5a:42:4a:23:
                    2f:61:49:97:1e:16:96:03:5e:6d:7a:59:fb:44:e9:
                    85:2e:b4:18:f3:99:78:e2:cf:5c:fb:b7:46:d8:b3:
                    e8:70:5c:74:39:2b:d2:89:65:77:39:5c:f4:e0:fc:
                    3f:5f:a6:94:b0:70:ff:96:89:c6:57:8c:e2:b1:8b:
                    ec:5e:76:58:94:79:d5:c0:42:d0:80:05:0f:1b:29:
                    4e:d4:e0:c3:0c:19:ae:9e:d4:0e:23:7b:13:56:b8:
                    0d:a2:49:7c:77:bb:a8:82:99:10:60:f7:68:d9:16:
                    08:af:8b:17:5c:4f:b2:53:af:de:e9:8f:4d:91:43:
                    d0:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  136473

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.89.140.0/22
                  202.14.204.0/22
                IPv6:
                  2400:f040::/32

    Signature Algorithm: sha256WithRSAEncryption
         c6:45:27:c1:e5:5a:2f:cd:75:45:e5:f7:e3:3d:f9:a4:f3:d2:
         99:33:ac:84:bb:79:d3:21:43:a5:3b:bc:54:71:5f:0f:3a:55:
         a4:03:e5:ac:e3:5b:8f:66:0a:9f:5f:a7:7a:04:05:6f:24:14:
         9c:75:67:4f:60:3a:59:af:7c:1c:e0:17:1b:06:2b:48:46:64:
         e3:13:19:74:51:66:39:4c:90:83:72:27:f7:f3:87:39:10:06:
         09:f9:5c:32:3f:a6:aa:af:cc:a7:fa:56:87:4b:63:43:1d:f0:
         67:ed:77:7a:1c:ee:bb:e3:af:14:25:b8:df:29:94:ea:ed:6e:
         6d:7f:1d:ad:4a:51:7a:e7:a4:ba:9f:72:31:79:ab:f8:02:74:
         f2:4f:c4:79:bc:d6:b6:98:07:76:18:c8:33:aa:b1:f7:15:7d:
         92:f6:28:da:83:d3:5b:77:98:df:4a:48:aa:5f:4f:f0:44:5d:
         57:32:ff:e7:ac:d3:90:10:75:bc:b9:6c:58:b6:30:c2:8b:4c:
         3d:ff:da:10:9a:d3:bc:b6:00:fc:40:6d:bc:23:fa:e3:13:f0:
         2a:c7:a7:eb:2b:2a:0f:58:66:05:5b:50:c9:f9:57:59:92:af:
         80:f5:5f:5e:ae:d7:96:cd:b0:f9:77:2a:9b:a8:87:df:96:ad:
         b1:20:c2:61
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAe9cMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDUwMjAzMTMwMloXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxREM0RTExMTAvBgNVBAUTKERDMUIzOUI1NEY2MDg5MUFDNzc4QTkz
MTZENzFCMEJFODAwNjM5NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDcbwiEikQofI/rqlSTH16Y4JXRqeyfZfe025/KOUJDQG5sLZgsI1WJ7HE/mImO
c1NGiGAP/8MGqukgSj9NP0tT3gmwwIoodKCT8a+QGr054q8XvfqTKc9ovd1MfGXN
tsyi4Znx2U50lc/W7Ps6KUQ9oszxplhEq7wPEcNSgd97m1cnWkJKIy9hSZceFpYD
Xm16WftE6YUutBjzmXjiz1z7t0bYs+hwXHQ5K9KJZXc5XPTg/D9fppSwcP+WicZX
jOKxi+xedliUedXAQtCABQ8bKU7U4MMMGa6e1A4jexNWuA2iSXx3u6iCmRBg92jZ
FgivixdcT7JTr97pj02RQ9ArAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQU3Bs5tU9g
iRrHeKkxbXGwvoAGOW4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MURDNEUxLzIwMDRGMTQ0MTYwMTExRTdBOEFDMjI1REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEQzRFMS8yMDA0RjE0NDE2MDExMUU3QThBQzIyNURDNEY5QUUwMi8zQnM1dFU5
Z2lSckhlS2t4YlhHd3ZvQUdPVzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhUZMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ1mMAwQCyg7M
MA0EAgACMAcDBQAkAPBAMA0GCSqGSIb3DQEBCwUAA4IBAQDGRSfB5VovzXVF5ffj
Pfmk89KZM6yEu3nTIUOlO7xUcV8POlWkA+Ws41uPZgqfX6d6BAVvJBScdWdPYDpZ
r3wc4BcbBitIRmTjExl0UWY5TJCDcif384c5EAYJ+VwyP6aqr8yn+laHS2NDHfBn
7Xd6HO67468UJbjfKZTq7W5tfx2tSlF656S6n3Ixeav4AnTyT8R5vNa2mAd2GMgz
qrH3FX2S9ijag9Nbd5jfSkiqX0/wRF1XMv/nrNOQEHW8uWxYtjDCi0w9/9oQmtO8
tgD8QG28I/rjE/Aqx6frKyoPWGYFW1DJ+VdZkq+A9V9erteWzbD5dyqbqIfflq2x
IMJh
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:32 2024 by rpki-client on console-ams.rpki-client.org