Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3EdNayXV4aHNHSkADMwU6vkzQdI.cer
File:                     3EdNayXV4aHNHSkADMwU6vkzQdI.cer (raw, json)
Hash identifier:          yoZHF+Zimyu2MgTYQagSUs+hVDEOl1eak8Jnqyea75I=
Subject key identifier:   DC:47:4D:6B:25:D5:E1:A1:CD:1D:29:00:0C:CC:14:EA:F9:33:41:D2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B90C
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A917C373/CFCAC6106FF511E69F2B1023C4F9AE02/3EdNayXV4aHNHSkADMwU6vkzQdI.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A917C373/CFCAC6106FF511E69F2B1023C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sun 27 Aug 2023 16:45:25 +0000
Certificate not after:    Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources:    AS: 10112
                          IP: 103.70.136.0/23
                          IP: 2001:df3:b200::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112908 (0x1b90c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug 27 16:45:25 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=A917C373/serialNumber=DC474D6B25D5E1A1CD1D29000CCC14EAF93341D2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:8b:ae:df:e7:43:8d:56:b8:ac:50:f3:bb:54:
                    12:88:4f:3e:0b:64:19:a3:fd:04:61:ba:ef:f9:60:
                    c9:57:ec:77:88:77:2b:ff:35:e6:03:f5:88:1e:26:
                    7d:2c:94:9e:f2:4b:52:16:53:2d:b5:14:79:d1:7f:
                    f6:2f:6a:e1:2e:c6:bd:09:7b:c4:59:79:67:58:99:
                    3a:c2:1e:57:68:38:11:3b:c5:0c:93:78:98:3a:7f:
                    a7:53:7d:16:50:58:5e:96:97:78:9b:d7:c2:a8:88:
                    c7:8f:fc:df:a1:af:bf:4b:63:f4:55:57:64:9a:8b:
                    f8:64:f5:3e:41:5f:fa:9c:15:98:41:35:e4:08:28:
                    d1:07:6f:79:e2:6a:ec:30:c3:37:23:84:9a:d0:4e:
                    87:3f:bf:e5:72:2b:50:12:64:5a:51:cf:76:a5:e9:
                    0d:ac:c1:82:6c:13:52:3d:af:9e:99:12:f9:cd:35:
                    d0:6e:c6:32:2f:0e:d0:4b:a8:43:e3:a2:3d:84:ac:
                    89:61:2d:af:18:03:57:cc:6d:9b:eb:62:c3:b8:fa:
                    79:31:b4:2f:19:ae:17:5f:4d:8c:c8:08:3b:a6:02:
                    ba:92:25:23:22:3e:ac:ce:78:31:74:84:64:39:8c:
                    69:93:84:65:b8:18:6b:c1:a4:d7:af:6b:d0:42:ed:
                    39:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:47:4D:6B:25:D5:E1:A1:CD:1D:29:00:0C:CC:14:EA:F9:33:41:D2
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917C373/CFCAC6106FF511E69F2B1023C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917C373/CFCAC6106FF511E69F2B1023C4F9AE02/3EdNayXV4aHNHSkADMwU6vkzQdI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  10112

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.70.136.0/23
                IPv6:
                  2001:df3:b200::/48

    Signature Algorithm: sha256WithRSAEncryption
         d4:7a:b8:6e:27:92:37:7c:36:f2:f7:b6:df:02:fd:6f:79:8d:
         34:a6:38:6a:89:88:48:e8:d6:aa:60:71:bd:25:04:33:27:2c:
         24:9b:39:bc:89:8b:44:fb:04:1e:cd:17:df:9d:64:a6:e7:b1:
         7e:5e:3e:bd:9f:a9:b6:8a:e7:1e:ea:00:72:88:27:1a:06:e4:
         3e:00:cb:20:ae:59:b4:40:a1:a5:49:4a:fc:fb:4a:d5:86:cd:
         b4:c5:d3:a9:79:7b:27:e9:19:06:6f:c7:0f:96:ee:42:79:82:
         4a:fe:01:ed:d0:8f:97:2e:e5:b8:0f:df:3b:c8:57:a3:c7:35:
         58:05:a6:7f:b2:71:2d:9f:d4:22:98:cd:2e:5f:97:09:d6:8a:
         44:c1:0d:d3:d5:97:08:ea:da:e7:92:bb:61:15:b6:4e:a6:1a:
         af:90:84:b2:61:88:1e:14:dc:c3:ed:00:01:f2:7e:a8:a1:6b:
         c1:a3:71:b6:d2:ba:ce:57:44:b0:e3:c3:65:2e:60:b2:e7:17:
         2d:e1:bc:c8:59:14:4d:cc:c6:d6:21:77:c3:83:b2:e2:5a:bf:
         94:ae:b3:5c:a9:bc:1f:ee:ff:e1:c4:9a:81:42:aa:ce:35:db:
         7c:b8:b9:6f:5f:1b:47:a9:91:28:a1:1c:77:e9:af:8e:3b:1a:
         b1:5f:e0:03
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgIDAbkMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgyNzE2NDUyNVoXDTI0MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxN0MzNzMxMTAvBgNVBAUTKERDNDc0RDZCMjVENUUxQTFDRDFEMjkw
MDBDQ0MxNEVBRjkzMzQxRDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAi67f50ONVrisUPO7VBKITz4LZBmj/QRhuu/5YMlX7HeIdyv/NeYD9YgeJn0s
lJ7yS1IWUy21FHnRf/YvauEuxr0Je8RZeWdYmTrCHldoOBE7xQyTeJg6f6dTfRZQ
WF6Wl3ib18KoiMeP/N+hr79LY/RVV2Sai/hk9T5BX/qcFZhBNeQIKNEHb3niauww
wzcjhJrQToc/v+VyK1ASZFpRz3al6Q2swYJsE1I9r56ZEvnNNdBuxjIvDtBLqEPj
oj2ErIlhLa8YA1fMbZvrYsO4+nkxtC8ZrhdfTYzICDumArqSJSMiPqzOeDF0hGQ5
jGmThGW4GGvBpNeva9BC7TmjAgMBAAGjggMfMIIDGzAdBgNVHQ4EFgQU3EdNayXV
4aHNHSkADMwU6vkzQdIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdDMzczL0NGQ0FDNjEwNkZGNTExRTY5RjJCMTAyM0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3QzM3My9DRkNBQzYxMDZGRjUxMUU2OUYyQjEwMjNDNEY5QUUwMi8zRWROYXlY
VjRhSE5IU2tBRE13VTZ2a3pRZEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICJ4AwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAFnRogwDwQCAAIw
CQMHACABDfOyADANBgkqhkiG9w0BAQsFAAOCAQEA1Hq4bieSN3w28ve23wL9b3mN
NKY4aomISOjWqmBxvSUEMycsJJs5vImLRPsEHs0X351kpuexfl4+vZ+ptornHuoA
cognGgbkPgDLIK5ZtEChpUlK/PtK1YbNtMXTqXl7J+kZBm/HD5buQnmCSv4B7dCP
ly7luA/fO8hXo8c1WAWmf7JxLZ/UIpjNLl+XCdaKRMEN09WXCOra55K7YRW2TqYa
r5CEsmGIHhTcw+0AAfJ+qKFrwaNxttK6zldEsOPDZS5gsucXLeG8yFkUTczG1iF3
w4Oy4lq/lK6zXKm8H+7/4cSagUKqzjXbfLi5b18bR6mRKKEcd+mvjjsasV/gAw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:01:59 2024 by rpki-client on console-fra.rpki-client.org