Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/47y6iL7cKnaKmGX0FtaKfDAz9Gk.cer
File:                     47y6iL7cKnaKmGX0FtaKfDAz9Gk.cer (raw, json)
Hash identifier:          teGHldh1wyFucZH404rU1ktIJhB/Y95FH0l5dNUbonk=
Subject key identifier:   E3:BC:BA:88:BE:DC:2A:76:8A:98:65:F4:16:D6:8A:7C:30:33:F4:69
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CDE2
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/47y6iL7cKnaKmGX0FtaKfDAz9Gk.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 30 Nov 2023 13:26:10 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 135017
                          IP: 45.116.164.0/22
                          IP: 59.153.148.0/22
                          IP: 61.4.112.0/20
                          IP: 103.198.192.0/22
                          IP: 103.229.64.0/22
                          IP: 103.229.224.0/22
                          IP: 103.230.144.0/22
                          IP: 103.232.136.0/22
                          IP: 114.29.252.0/22
                          IP: 118.107.224.0/21
                          IP: 118.107.244.0 -- 118.107.255.255
                          IP: 185.189.160.0/22

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118242 (0x1cde2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov 30 13:26:10 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A9123072/serialNumber=E3BCBA88BEDC2A768A9865F416D68A7C3033F469
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:2c:f0:37:08:98:04:09:6a:fb:d3:60:18:22:
                    09:81:3c:92:4a:b7:d4:9f:01:79:25:09:3c:66:d5:
                    f4:29:f0:9e:d5:a2:d7:da:7c:27:00:b5:6f:b4:ea:
                    38:24:c9:16:4f:43:fa:aa:94:05:27:2e:6f:a9:8f:
                    e5:d0:7e:bf:86:d6:3e:fa:4a:81:a1:0c:3f:5f:b8:
                    5d:e4:a7:75:69:e1:92:c9:e1:a5:d8:a6:7a:2b:20:
                    26:45:e3:f6:a6:76:8f:09:1f:47:0c:bf:ad:2b:bc:
                    39:3a:98:1c:50:1d:e8:e6:7e:a5:10:d5:f4:0e:1c:
                    58:aa:00:92:6c:5e:2e:85:3b:e5:25:12:62:2a:eb:
                    48:51:23:3c:10:a3:e2:47:2a:4d:d4:33:7b:70:66:
                    ab:dc:f7:a1:2c:48:ca:81:4e:53:ee:77:65:94:89:
                    9c:74:50:1f:1e:35:7f:cb:23:3f:ef:6d:ed:cd:3d:
                    8b:83:ce:07:eb:55:66:ff:8e:c3:f3:30:5d:49:70:
                    9c:40:b3:42:2a:a8:89:e0:f7:97:07:94:6b:bb:bf:
                    e3:85:81:eb:5b:90:d6:3c:53:38:bb:30:d0:73:f9:
                    8e:9d:85:77:39:77:96:da:1e:43:71:95:77:46:50:
                    d3:60:37:d1:12:75:41:9f:1c:e1:c7:07:1d:6d:73:
                    47:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:BC:BA:88:BE:DC:2A:76:8A:98:65:F4:16:D6:8A:7C:30:33:F4:69
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9123072/0CEA495C0B5C11EB99A17562C4F9AE02/47y6iL7cKnaKmGX0FtaKfDAz9Gk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  135017

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.116.164.0/22
                  59.153.148.0/22
                  61.4.112.0/20
                  103.198.192.0/22
                  103.229.64.0/22
                  103.229.224.0/22
                  103.230.144.0/22
                  103.232.136.0/22
                  114.29.252.0/22
                  118.107.224.0/21
                  118.107.244.0-118.107.255.255
                  185.189.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ac:b9:ee:cc:8f:cf:a7:8f:3e:3f:69:b9:d7:94:d5:80:cb:76:
         eb:a8:f4:6f:ea:ff:d7:c0:13:1b:d9:ef:44:98:82:0a:b6:b8:
         bf:a8:80:d2:1d:e9:2f:b0:14:6a:c1:f0:ec:63:0b:be:77:1c:
         57:19:c3:98:1e:2b:7f:5e:67:f8:52:5d:db:83:88:b5:66:48:
         e2:be:cc:25:f6:a7:83:53:07:59:8d:d2:b7:62:56:7e:ee:39:
         40:0e:41:09:b9:e1:28:98:eb:f0:60:59:e3:93:dc:b2:2b:df:
         47:16:f6:60:2f:b2:3b:11:de:b8:cf:03:73:54:48:bd:ec:31:
         db:74:3f:25:89:d7:e3:ee:4b:6e:ba:87:54:6d:09:0d:4b:7d:
         14:5e:d6:2f:43:a7:3c:38:9c:f1:cd:bf:bf:cd:89:68:7b:2a:
         fc:40:86:98:a3:6a:4e:19:4a:7a:d6:75:fb:cf:11:a7:5d:f0:
         bc:99:27:52:ca:9c:0a:a9:a2:a1:f0:a0:1a:89:06:df:a6:d2:
         9d:f9:d8:96:36:0e:de:18:5e:9b:44:6b:7e:cb:ab:cf:f7:25:
         bb:d4:f3:5b:88:0b:23:aa:96:28:4b:b3:7d:85:7a:28:b1:90:
         f0:a5:99:38:93:0d:6d:76:90:82:c3:a5:f6:c6:80:3e:6a:7d:
         79:2c:9f:59
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgIDAc3iMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEzMDEzMjYxMFoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjMwNzIxMTAvBgNVBAUTKEUzQkNCQTg4QkVEQzJBNzY4QTk4NjVG
NDE2RDY4QTdDMzAzM0Y0NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJLPA3CJgECWr702AYIgmBPJJKt9SfAXklCTxm1fQp8J7VotfafCcAtW+06jgk
yRZPQ/qqlAUnLm+pj+XQfr+G1j76SoGhDD9fuF3kp3Vp4ZLJ4aXYpnorICZF4/am
do8JH0cMv60rvDk6mBxQHejmfqUQ1fQOHFiqAJJsXi6FO+UlEmIq60hRIzwQo+JH
Kk3UM3twZqvc96EsSMqBTlPud2WUiZx0UB8eNX/LIz/vbe3NPYuDzgfrVWb/jsPz
MF1JcJxAs0IqqIng95cHlGu7v+OFgetbkNY8Uzi7MNBz+Y6dhXc5d5baHkNxlXdG
UNNgN9ESdUGfHOHHBx1tc0cDAgMBAAGjggNYMIIDVDAdBgNVHQ4EFgQU47y6iL7c
KnaKmGX0FtaKfDAz9GkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTIzMDcyLzBDRUE0OTVDMEI1QzExRUI5OUExNzU2MkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyMzA3Mi8wQ0VBNDk1QzBCNUMxMUVCOTlBMTc1NjJDNEY5QUUwMi80N3k2aUw3
Y0tuYUttR1gwRnRhS2ZEQXo5R2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg9pMGgGCCsGAQUFBwEHAQH/BFkwVzBVBAIAATBPAwQCLXSkAwQCO5mU
AwQEPQRwAwQCZ8bAAwQCZ+VAAwQCZ+XgAwQCZ+aQAwQCZ+iIAwQCch38AwQDdmvg
MAsDBAJ2a/QDAwJ2aAMEArm9oDANBgkqhkiG9w0BAQsFAAOCAQEArLnuzI/Pp48+
P2m515TVgMt266j0b+r/18ATG9nvRJiCCra4v6iA0h3pL7AUasHw7GMLvnccVxnD
mB4rf15n+FJd24OItWZI4r7MJfang1MHWY3St2JWfu45QA5BCbnhKJjr8GBZ45Pc
sivfRxb2YC+yOxHeuM8Dc1RIvewx23Q/JYnX4+5LbrqHVG0JDUt9FF7WL0OnPDic
8c2/v82JaHsq/ECGmKNqThlKetZ1+88Rp13wvJknUsqcCqmiofCgGokG36bSnfnY
ljYO3hhem0Rrfsurz/clu9TzW4gLI6qWKEuzfYV6KLGQ8KWZOJMNbXaQgsOl9saA
Pmp9eSyfWQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:46:49 2024 by rpki-client on console-ams.rpki-client.org