Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4PPPvfp9B0J0-nSdQCnO41iPd8M.cer
File:                     4PPPvfp9B0J0-nSdQCnO41iPd8M.cer (raw, json)
Hash identifier:          eFXNn/siuNTVvWRIy8fg+i+p7fl9XOeGMBKadoPX1fI=
Subject key identifier:   E0:F3:CF:BD:FA:7D:07:42:74:FA:74:9D:40:29:CE:E3:58:8F:77:C3
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C8A6
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91D0853/5B94390E044111EB91C43E45C4F9AE02/4PPPvfp9B0J0-nSdQCnO41iPd8M.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91D0853/5B94390E044111EB91C43E45C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 02 Nov 2023 22:45:16 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 17452
                          IP: 202.91.160.0/20
                          IP: 2401:2880::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116902 (0x1c8a6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov  2 22:45:16 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A91D0853/serialNumber=E0F3CFBDFA7D074274FA749D4029CEE3588F77C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:59:2d:32:ce:0a:5d:0e:b6:da:bb:d6:dd:72:
                    19:3b:bb:9d:38:15:f5:e3:0e:51:8a:58:04:20:cc:
                    29:4f:38:eb:3b:26:a5:92:08:8d:27:e0:73:4f:f6:
                    ea:1d:7b:c6:17:1d:ee:98:b1:cd:f7:e6:d8:ac:25:
                    9f:77:cf:36:ac:f6:8d:19:00:e7:0f:41:6f:dd:d8:
                    d7:66:1a:0d:76:fd:42:6f:0b:8a:70:1e:7f:7d:a3:
                    14:23:5d:61:f8:9d:1b:b4:6a:5b:0a:01:03:64:e6:
                    58:a6:3a:bd:85:32:31:ee:38:54:cc:d2:5e:49:6c:
                    78:a7:04:03:d4:cc:26:72:9e:97:cc:fa:24:4c:a0:
                    5d:fb:8b:e1:c8:6d:46:57:f9:80:ab:d6:90:25:fd:
                    bd:ba:92:ad:b1:e6:d9:14:f8:73:0c:33:f5:9f:2a:
                    51:b0:0b:a7:c0:5b:f4:62:5c:21:c8:c1:45:a8:27:
                    88:4a:0c:7b:58:6c:1a:c7:b2:4f:e0:6b:06:20:e4:
                    c5:0b:d5:f4:a3:af:ac:dc:0e:3a:16:d5:8f:67:a0:
                    36:58:34:94:1f:5e:cf:b4:b0:35:1b:6f:39:3a:76:
                    28:20:c1:9d:5a:03:85:53:cf:8c:50:84:d0:0b:ed:
                    36:2f:1c:5d:1e:5a:00:54:94:03:8f:7e:e7:0b:90:
                    f4:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:F3:CF:BD:FA:7D:07:42:74:FA:74:9D:40:29:CE:E3:58:8F:77:C3
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D0853/5B94390E044111EB91C43E45C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D0853/5B94390E044111EB91C43E45C4F9AE02/4PPPvfp9B0J0-nSdQCnO41iPd8M.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  17452

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.91.160.0/20
                IPv6:
                  2401:2880::/32

    Signature Algorithm: sha256WithRSAEncryption
         90:48:56:2a:28:ff:08:0f:cc:c1:73:74:c3:30:d9:3b:e3:72:
         6a:e8:fb:db:fc:a6:05:5f:9c:4e:5c:01:4d:cd:04:1d:fd:b0:
         4c:98:56:99:42:dc:a6:e5:cd:6b:72:5a:91:b4:5e:98:8e:09:
         bb:80:a6:e2:89:09:1f:1d:d2:92:84:61:0c:13:35:46:c9:1f:
         bc:c0:a8:90:1b:74:1d:9d:29:05:80:e6:21:9f:c6:b5:9e:eb:
         62:f3:e7:49:bc:16:5b:81:aa:59:b7:d3:41:a8:fc:d6:55:c4:
         c1:af:ad:47:df:33:ef:f8:3e:32:67:94:f4:50:bb:2e:62:af:
         2b:66:c5:82:42:ec:09:fa:6b:11:e7:43:ac:81:e3:d5:19:13:
         bf:43:5f:b3:d7:ef:83:95:86:69:bc:ec:45:b2:9a:fe:b2:dc:
         8a:9b:94:81:fc:89:ca:ea:1f:bd:4a:51:95:8f:3f:93:2f:80:
         8f:56:70:5d:0f:6a:28:6b:08:85:66:b1:39:9d:7d:8d:28:e7:
         1b:ba:0b:e4:d7:7c:85:c5:e1:e9:db:6c:be:15:92:64:21:06:
         c8:10:70:88:d2:9d:c2:5e:53:78:a6:ff:87:bf:b6:4f:a6:bd:
         44:92:82:0d:85:dc:a5:2e:e1:4e:41:f8:c3:d9:42:d1:d5:c9:
         e6:61:a5:8a
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgIDAcimMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEwMjIyNDUxNloXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDA4NTMxMTAvBgNVBAUTKEUwRjNDRkJERkE3RDA3NDI3NEZBNzQ5
RDQwMjlDRUUzNTg4Rjc3QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYWS0yzgpdDrbau9bdchk7u504FfXjDlGKWAQgzClPOOs7JqWSCI0n4HNP9uod
e8YXHe6Ysc335tisJZ93zzas9o0ZAOcPQW/d2NdmGg12/UJvC4pwHn99oxQjXWH4
nRu0alsKAQNk5limOr2FMjHuOFTM0l5JbHinBAPUzCZynpfM+iRMoF37i+HIbUZX
+YCr1pAl/b26kq2x5tkU+HMMM/WfKlGwC6fAW/RiXCHIwUWoJ4hKDHtYbBrHsk/g
awYg5MUL1fSjr6zcDjoW1Y9noDZYNJQfXs+0sDUbbzk6diggwZ1aA4VTz4xQhNAL
7TYvHF0eWgBUlAOPfucLkPRnAgMBAAGjggMdMIIDGTAdBgNVHQ4EFgQU4PPPvfp9
B0J0+nSdQCnO41iPd8MwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQwODUzLzVCOTQzOTBFMDQ0MTExRUI5MUM0M0U0NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEMDg1My81Qjk0MzkwRTA0NDExMUVCOTFDNDNFNDVDNEY5QUUwMi80UFBQdmZw
OUIwSjAtblNkUUNuTzQxaVBkOE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICRCwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBATKW6AwDQQCAAIw
BwMFACQBKIAwDQYJKoZIhvcNAQELBQADggEBAJBIVioo/wgPzMFzdMMw2Tvjcmro
+9v8pgVfnE5cAU3NBB39sEyYVplC3KblzWtyWpG0XpiOCbuApuKJCR8d0pKEYQwT
NUbJH7zAqJAbdB2dKQWA5iGfxrWe62Lz50m8FluBqlm300Go/NZVxMGvrUffM+/4
PjJnlPRQuy5irytmxYJC7An6axHnQ6yB49UZE79DX7PX74OVhmm87EWymv6y3Iqb
lIH8icrqH71KUZWPP5MvgI9WcF0PaihrCIVmsTmdfY0o5xu6C+TXfIXF4enbbL4V
kmQhBsgQcIjSncJeU3im/4e/tk+mvUSSgg2F3KUu4U5B+MPZQtHVyeZhpYo=
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:46:50 2024 by rpki-client on console-ams.rpki-client.org