Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4_MVTZiCdqL1QeXqYoGMdwu7gOo.cer
File:                     4_MVTZiCdqL1QeXqYoGMdwu7gOo.cer (raw, json)
Hash identifier:          D8NPtkHjIVP5QTVRAi8zUNwtWFql0wQjL+tGBytyQVQ=
Subject key identifier:   E3:F3:15:4D:98:82:76:A2:F5:41:E5:EA:62:81:8C:77:0B:BB:80:EA
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B548
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A914E1C1/DBE5F2CA10C711ED8BB3B75DC4F9AE02/4_MVTZiCdqL1QeXqYoGMdwu7gOo.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A914E1C1/DBE5F2CA10C711ED8BB3B75DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sun 06 Aug 2023 14:07:04 +0000
Certificate not after:    Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources:    AS: 132561
                          IP: 103.58.180.0/23
                          IP: 2400:9a60::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 14:50:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 111944 (0x1b548)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug  6 14:07:04 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=A914E1C1/serialNumber=E3F3154D988276A2F541E5EA62818C770BBB80EA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:bf:35:ae:90:5e:53:d4:50:aa:2f:ea:79:f1:
                    ee:c9:2d:8f:af:4a:9c:15:d0:c9:21:95:05:c3:80:
                    0a:f6:a2:94:a1:fc:5c:bc:5d:8a:1c:4e:e2:cb:76:
                    b6:18:ce:fb:c1:7c:19:4e:6d:d2:4b:64:93:34:f7:
                    51:41:1f:4a:08:4d:40:94:83:78:c3:b2:34:e7:c6:
                    e6:45:35:83:04:8e:bb:9d:c1:19:aa:55:e4:4e:d3:
                    bc:c5:86:4f:74:35:a0:35:99:1e:87:0d:ca:c9:77:
                    f1:3e:67:e4:a5:e1:ef:fa:93:48:0b:10:f3:83:7b:
                    ce:b2:cb:2b:40:1f:65:9f:a1:a1:e7:e4:6e:10:dc:
                    c9:dd:fb:33:2a:ff:22:8f:00:7b:e9:4c:da:ed:30:
                    a8:35:bf:ad:31:f7:3e:da:46:72:02:7a:67:09:b1:
                    6f:53:66:d5:ab:53:dc:2f:5d:f4:c2:0b:36:42:5d:
                    d8:92:4f:47:8b:66:ec:61:d7:81:65:78:b6:25:28:
                    23:62:b5:08:61:dd:08:cf:2e:47:f2:af:65:7b:5d:
                    bd:37:96:e6:cd:5a:3c:b9:b9:33:52:b5:8a:1d:cc:
                    04:5d:57:14:58:a0:19:e5:f4:09:6f:bc:57:15:84:
                    dd:60:c1:6d:9c:8f:36:88:d9:37:f8:b3:5a:4d:44:
                    8d:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:F3:15:4D:98:82:76:A2:F5:41:E5:EA:62:81:8C:77:0B:BB:80:EA
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914E1C1/DBE5F2CA10C711ED8BB3B75DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914E1C1/DBE5F2CA10C711ED8BB3B75DC4F9AE02/4_MVTZiCdqL1QeXqYoGMdwu7gOo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  132561

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.58.180.0/23
                IPv6:
                  2400:9a60::/32

    Signature Algorithm: sha256WithRSAEncryption
         0a:21:3b:ac:bd:d4:1b:11:0a:41:7d:8d:c0:31:a3:62:3c:75:
         77:62:0a:c0:b0:78:00:6a:56:aa:5a:74:67:1f:b9:b5:9d:a2:
         9f:65:19:4b:c5:dc:a1:f5:09:3a:59:96:14:66:87:0c:11:2f:
         75:8a:57:35:a3:c6:42:de:c7:83:e4:28:8f:09:65:cb:e6:c7:
         4c:59:fb:08:20:99:ca:96:89:86:b3:a2:6f:36:a1:ff:fb:b9:
         cb:96:2e:5b:c2:bb:fd:ef:c9:7a:58:47:b9:a4:81:66:39:68:
         fc:2d:2c:b7:c7:43:7d:d0:e0:b0:cb:3c:ab:5b:bd:2e:f0:1d:
         e7:15:b9:00:4f:03:1a:15:46:6e:f7:95:7e:29:73:d9:f4:a7:
         6a:60:bd:00:b8:9a:0f:29:24:e5:37:e9:91:de:34:3b:8a:bb:
         82:ab:5d:0a:54:6b:93:cc:96:2d:84:47:27:67:45:f2:6f:7c:
         46:12:0b:04:53:56:4c:50:21:98:c6:f2:fd:59:a6:ad:bf:71:
         a5:28:79:03:e6:bc:6b:75:7b:7b:c1:3b:74:4a:55:46:ee:58:
         85:34:aa:15:5f:c3:8d:6c:58:a7:32:43:32:ae:d6:49:77:ce:
         8e:06:14:5b:79:2b:9e:a8:64:0f:9e:16:fa:61:21:6a:a8:d9:
         4e:d8:e6:f5
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAbVIMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgwNjE0MDcwNFoXDTI0MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNEUxQzExMTAvBgNVBAUTKEUzRjMxNTREOTg4Mjc2QTJGNTQxRTVF
QTYyODE4Qzc3MEJCQjgwRUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMvzWukF5T1FCqL+p58e7JLY+vSpwV0MkhlQXDgAr2opSh/Fy8XYocTuLLdrYY
zvvBfBlObdJLZJM091FBH0oITUCUg3jDsjTnxuZFNYMEjrudwRmqVeRO07zFhk90
NaA1mR6HDcrJd/E+Z+Sl4e/6k0gLEPODe86yyytAH2WfoaHn5G4Q3Mnd+zMq/yKP
AHvpTNrtMKg1v60x9z7aRnICemcJsW9TZtWrU9wvXfTCCzZCXdiST0eLZuxh14Fl
eLYlKCNitQhh3QjPLkfyr2V7Xb03lubNWjy5uTNStYodzARdVxRYoBnl9AlvvFcV
hN1gwW2cjzaI2Tf4s1pNRI2fAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQU4/MVTZiC
dqL1QeXqYoGMdwu7gOowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTRFMUMxL0RCRTVGMkNBMTBDNzExRUQ4QkIzQjc1REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0RTFDMS9EQkU1RjJDQTEwQzcxMUVEOEJCM0I3NURDNEY5QUUwMi80X01WVFpp
Q2RxTDFRZVhxWW9HTWR3dTdnT28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgXRMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZzq0MA0EAgAC
MAcDBQAkAJpgMA0GCSqGSIb3DQEBCwUAA4IBAQAKITusvdQbEQpBfY3AMaNiPHV3
YgrAsHgAalaqWnRnH7m1naKfZRlLxdyh9Qk6WZYUZocMES91ilc1o8ZC3seD5CiP
CWXL5sdMWfsIIJnKlomGs6JvNqH/+7nLli5bwrv978l6WEe5pIFmOWj8LSy3x0N9
0OCwyzyrW70u8B3nFbkATwMaFUZu95V+KXPZ9KdqYL0AuJoPKSTlN+mR3jQ7iruC
q10KVGuTzJYthEcnZ0Xyb3xGEgsEU1ZMUCGYxvL9Waatv3GlKHkD5rxrdXt7wTt0
SlVG7liFNKoVX8ONbFinMkMyrtZJd86OBhRbeSueqGQPnhb6YSFqqNlO2Ob1
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:07:51 2024 by rpki-client on console-ams.rpki-client.org