Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3oFz59KP6tHsOpLJdljacyhQk-U.cer
File:                     3oFz59KP6tHsOpLJdljacyhQk-U.cer (raw, json)
Hash identifier:          obAOX8JpZDg8c4J3xSEoQ1GECoajpYPgSCfHVG32Er4=
Subject key identifier:   DE:81:73:E7:D2:8F:EA:D1:EC:3A:92:C9:76:58:DA:73:28:50:93:E5
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D6C7
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A917C11A/C086EA985A3911EB8E59C266C4F9AE02/3oFz59KP6tHsOpLJdljacyhQk-U.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A917C11A/C086EA985A3911EB8E59C266C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 04 Jan 2024 17:33:43 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 134474
                          IP: 103.160.66.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120519 (0x1d6c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan  4 17:33:43 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A917C11A/serialNumber=DE8173E7D28FEAD1EC3A92C97658DA73285093E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:52:14:19:1d:17:86:2f:67:c3:9a:63:1d:46:
                    dd:a0:4a:a1:3c:44:38:9c:72:1f:58:33:94:66:f8:
                    80:ec:9a:d9:0f:39:cb:e6:88:51:39:2c:0c:1e:e6:
                    76:49:02:03:60:d9:88:87:cd:0c:1b:37:50:3f:2c:
                    c7:29:c4:a6:30:91:e7:59:78:40:93:27:d5:94:a4:
                    2e:88:d6:9c:e0:1b:36:38:68:8a:87:3b:5d:cd:39:
                    4b:45:65:ad:b4:4f:95:c5:92:1b:f5:cd:fb:0a:1f:
                    e0:70:bf:eb:e1:ff:17:32:27:5f:e0:ad:4e:16:6d:
                    3e:4c:6a:02:44:e3:6c:54:87:e9:4f:a5:d9:a0:25:
                    4c:67:d3:a9:97:b5:5b:dd:27:ca:93:da:97:60:95:
                    23:1f:8f:d1:9e:ba:0f:f9:ca:39:75:0f:b4:b3:af:
                    b2:da:5d:f4:96:69:b0:39:b4:d3:85:18:cb:2c:b1:
                    b6:66:e3:a6:02:25:24:e8:a6:72:77:43:79:d5:54:
                    79:29:0f:94:b5:f4:ee:9b:61:16:c9:26:14:f4:62:
                    74:41:18:e4:e1:d1:2a:35:61:24:39:63:fb:c9:4e:
                    a2:42:73:d3:ea:59:4f:c2:0e:32:09:9d:7f:de:c8:
                    a0:1f:9b:22:c0:7a:e1:b0:1b:1f:70:09:4f:65:d4:
                    7c:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:81:73:E7:D2:8F:EA:D1:EC:3A:92:C9:76:58:DA:73:28:50:93:E5
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917C11A/C086EA985A3911EB8E59C266C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917C11A/C086EA985A3911EB8E59C266C4F9AE02/3oFz59KP6tHsOpLJdljacyhQk-U.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  134474

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.160.66.0/23

    Signature Algorithm: sha256WithRSAEncryption
         bc:86:8c:0a:57:d2:15:74:e6:9f:eb:28:a0:4b:b5:0a:e8:8f:
         71:74:db:de:83:4e:e0:3f:1f:f0:c0:7a:60:e6:78:b8:e3:d6:
         f3:2d:bb:7c:93:77:68:89:43:b0:32:4d:df:99:e7:1a:d2:62:
         4d:b0:f2:5e:6a:18:4f:3f:92:13:be:00:3d:b0:21:ca:bd:ea:
         a9:65:c4:3a:68:16:fe:1f:3d:d9:53:49:5e:aa:b9:52:70:1c:
         91:0b:a4:f1:1a:f1:31:b5:c1:1f:05:89:e2:5b:ca:7f:8c:32:
         3b:34:52:c9:e7:77:51:c8:dd:4a:e2:8c:0b:7b:08:90:55:2e:
         e0:80:57:f3:7b:4c:52:f3:39:23:28:30:dc:83:80:bb:df:b1:
         dc:56:85:b9:17:7c:89:79:40:f8:23:f1:4f:ad:53:62:bd:fc:
         02:e6:f1:6e:ac:7b:8f:e7:c8:7e:df:ac:ac:5c:1a:ff:d0:df:
         fb:55:48:ce:12:e1:35:80:85:3d:a5:0c:29:f5:67:f4:f5:07:
         2d:fa:7a:70:c8:e2:84:9e:1e:8d:d2:fc:26:44:b2:52:9e:de:
         ea:a9:74:5b:68:d0:60:0b:e4:be:51:4b:87:88:4e:b9:6b:47:
         e2:21:ea:3b:03:7f:68:ac:00:de:8a:38:c3:48:18:ac:b4:2e:
         6e:b1:dc:b6
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAdbHMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwNDE3MzM0M1oXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxN0MxMUExMTAvBgNVBAUTKERFODE3M0U3RDI4RkVBRDFFQzNBOTJD
OTc2NThEQTczMjg1MDkzRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC4UhQZHReGL2fDmmMdRt2gSqE8RDicch9YM5Rm+IDsmtkPOcvmiFE5LAwe5nZJ
AgNg2YiHzQwbN1A/LMcpxKYwkedZeECTJ9WUpC6I1pzgGzY4aIqHO13NOUtFZa20
T5XFkhv1zfsKH+Bwv+vh/xcyJ1/grU4WbT5MagJE42xUh+lPpdmgJUxn06mXtVvd
J8qT2pdglSMfj9Geug/5yjl1D7Szr7LaXfSWabA5tNOFGMsssbZm46YCJSTopnJ3
Q3nVVHkpD5S19O6bYRbJJhT0YnRBGOTh0So1YSQ5Y/vJTqJCc9PqWU/CDjIJnX/e
yKAfmyLAeuGwGx9wCU9l1HypAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQU3oFz59KP
6tHsOpLJdljacyhQk+UwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdDMTFBL0MwODZFQTk4NUEzOTExRUI4RTU5QzI2NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3QzExQS9DMDg2RUE5ODVBMzkxMUVCOEU1OUMyNjZDNEY5QUUwMi8zb0Z6NTlL
UDZ0SHNPcExKZGxqYWN5aFFrLVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg1KMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ6BCMA0GCSqG
SIb3DQEBCwUAA4IBAQC8howKV9IVdOaf6yigS7UK6I9xdNveg07gPx/wwHpg5ni4
49bzLbt8k3doiUOwMk3fmeca0mJNsPJeahhPP5ITvgA9sCHKveqpZcQ6aBb+Hz3Z
U0leqrlScByRC6TxGvExtcEfBYniW8p/jDI7NFLJ53dRyN1K4owLewiQVS7ggFfz
e0xS8zkjKDDcg4C737HcVoW5F3yJeUD4I/FPrVNivfwC5vFurHuP58h+36ysXBr/
0N/7VUjOEuE1gIU9pQwp9Wf09Qct+npwyOKEnh6N0vwmRLJSnt7qqXRbaNBgC+S+
UUuHiE65a0fiIeo7A39orADeijjDSBistC5usdy2
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:07 2024 by rpki-client on console-fra.rpki-client.org