Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3WHCKpWyjv3jeDEqdZ-sr-5AbBg.cer
File:                     3WHCKpWyjv3jeDEqdZ-sr-5AbBg.cer (raw, json)
Hash identifier:          /zs0wj8/tPX/HPVzySDvKeq7KVKBxb7Jw421P3k9GL4=
Subject key identifier:   DD:61:C2:2A:95:B2:8E:FD:E3:78:31:2A:75:9F:AC:AF:EE:40:6C:18
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01BFB7
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A912918B/7E0CEEFAEEB511EAAA4FAD32C4F9AE02/3WHCKpWyjv3jeDEqdZ-sr-5AbBg.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A912918B/7E0CEEFAEEB511EAAA4FAD32C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 26 Sep 2023 13:38:40 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 141154
                          IP: 103.155.98.0/23
                          IP: 2001:df4:c080::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 23:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 114615 (0x1bfb7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Sep 26 13:38:40 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A912918B/serialNumber=DD61C22A95B28EFDE378312A759FACAFEE406C18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:3d:a9:3d:2d:40:03:7b:b1:4d:16:c4:9e:5c:
                    32:0d:b0:79:4d:66:9c:df:52:00:87:df:9b:ff:82:
                    85:c2:4f:77:f4:24:55:34:74:be:2e:f7:3e:41:fc:
                    3d:ab:76:6e:c0:68:83:19:50:4d:fe:32:b0:c9:07:
                    ec:a9:36:33:da:60:56:55:e6:52:de:bc:bb:64:e5:
                    89:ee:21:38:96:62:9e:f6:24:b9:3b:7e:50:a2:43:
                    86:bb:df:0e:ac:5f:f7:c1:ab:d5:f2:c4:d3:ee:4c:
                    0a:7c:b9:9a:aa:fb:ac:bf:f4:2e:96:1b:72:81:3a:
                    ec:bb:d9:d6:fa:8e:8f:90:33:09:d0:f7:e3:82:36:
                    18:e6:ab:f2:a6:36:c8:05:86:e0:53:5a:b7:2b:2f:
                    59:9a:03:ed:a8:f4:8d:a4:26:d8:2f:02:9c:49:ab:
                    cb:7a:26:ff:a3:de:dc:71:63:db:a9:6a:70:80:ea:
                    2b:f6:d3:d2:90:75:35:ec:d7:dc:9c:45:18:f3:3f:
                    56:e3:5f:ec:e7:4e:e1:bc:9c:ab:47:9c:26:80:cf:
                    ec:2c:aa:a6:6f:62:ec:29:af:99:c5:51:e7:e7:fb:
                    20:30:d1:ce:b2:24:64:9b:b9:ce:e4:65:46:40:a9:
                    be:1a:01:bb:f3:3c:e5:20:38:ce:49:e1:17:fc:60:
                    7d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DD:61:C2:2A:95:B2:8E:FD:E3:78:31:2A:75:9F:AC:AF:EE:40:6C:18
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912918B/7E0CEEFAEEB511EAAA4FAD32C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912918B/7E0CEEFAEEB511EAAA4FAD32C4F9AE02/3WHCKpWyjv3jeDEqdZ-sr-5AbBg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  141154

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.155.98.0/23
                IPv6:
                  2001:df4:c080::/48

    Signature Algorithm: sha256WithRSAEncryption
         ba:5c:f8:51:aa:e7:bc:a1:df:06:57:90:31:38:9e:38:ef:16:
         57:4f:51:4f:6a:72:2b:1d:d2:38:9e:f9:36:c9:fd:37:44:f4:
         c5:ae:e2:7e:e8:ea:11:eb:df:f6:2b:34:db:2e:35:11:ff:e9:
         f3:84:53:35:8b:ca:ad:ae:b1:d5:e8:b7:79:e7:f3:b3:35:ef:
         1e:da:de:ed:f3:c6:93:fd:4a:a0:d1:1e:08:17:65:91:a2:49:
         9d:cc:8d:10:5d:2c:56:32:b9:52:56:ae:5b:a4:c1:5d:99:9b:
         d8:b2:bb:70:5d:67:3c:26:5e:3d:04:1a:58:57:06:8c:82:c5:
         25:65:da:92:12:24:c8:77:5c:9d:ec:f8:c3:cd:3a:97:5a:0b:
         02:17:1b:42:48:65:cf:98:6e:46:85:84:5e:56:2c:4f:2a:ea:
         66:6d:c0:6b:8f:88:2a:9f:01:13:69:e6:31:76:82:92:33:00:
         cf:4b:13:6d:cc:1b:84:bb:4b:75:3e:f4:ed:2c:5a:d4:8f:cd:
         b7:59:08:35:20:e6:81:f0:43:bd:88:15:0e:7f:ea:a7:68:54:
         29:08:dc:57:76:3a:33:8f:c1:a1:c0:35:aa:c6:74:d3:9e:56:
         fa:ee:1d:11:33:4f:0c:8e:cc:3e:43:56:b7:78:f8:f9:11:d8:
         e2:cd:e6:1a
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAb+3MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDkyNjEzMzg0MFoXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjkxOEIxMTAvBgNVBAUTKERENjFDMjJBOTVCMjhFRkRFMzc4MzEy
QTc1OUZBQ0FGRUU0MDZDMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnPak9LUADe7FNFsSeXDINsHlNZpzfUgCH35v/goXCT3f0JFU0dL4u9z5B/D2r
dm7AaIMZUE3+MrDJB+ypNjPaYFZV5lLevLtk5YnuITiWYp72JLk7flCiQ4a73w6s
X/fBq9XyxNPuTAp8uZqq+6y/9C6WG3KBOuy72db6jo+QMwnQ9+OCNhjmq/KmNsgF
huBTWrcrL1maA+2o9I2kJtgvApxJq8t6Jv+j3txxY9upanCA6iv209KQdTXs19yc
RRjzP1bjX+znTuG8nKtHnCaAz+wsqqZvYuwpr5nFUefn+yAw0c6yJGSbuc7kZUZA
qb4aAbvzPOUgOM5J4Rf8YH2nAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU3WHCKpWy
jv3jeDEqdZ+sr+5AbBgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI5MThCLzdFMENFRUZBRUVCNTExRUFBQTRGQUQzMkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyOTE4Qi83RTBDRUVGQUVFQjUxMUVBQUE0RkFEMzJDNEY5QUUwMi8zV0hDS3BX
eWp2M2plREVxZFotc3ItNUFiQmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAidiMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ5tiMA8EAgAC
MAkDBwAgAQ30wIAwDQYJKoZIhvcNAQELBQADggEBALpc+FGq57yh3wZXkDE4njjv
FldPUU9qcisd0jie+TbJ/TdE9MWu4n7o6hHr3/YrNNsuNRH/6fOEUzWLyq2usdXo
t3nn87M17x7a3u3zxpP9SqDRHggXZZGiSZ3MjRBdLFYyuVJWrlukwV2Zm9iyu3Bd
ZzwmXj0EGlhXBoyCxSVl2pISJMh3XJ3s+MPNOpdaCwIXG0JIZc+YbkaFhF5WLE8q
6mZtwGuPiCqfARNp5jF2gpIzAM9LE23MG4S7S3U+9O0sWtSPzbdZCDUg5oHwQ72I
FQ5/6qdoVCkI3Fd2OjOPwaHANarGdNOeVvruHREzTwyOzD5DVrd4+PkR2OLN5ho=
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:50:06 2024 by rpki-client on console-ams.rpki-client.org