Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
File:                     4eaQihbsgT2qC9ZHl66dvesJIlc.cer (raw, json)
Hash identifier:          uEribpLL0JKvNS7fC6oQCCc+iO8VT6ThozmRSaGpRiM=
Subject key identifier:   E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C1FB
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 04 Oct 2023 14:29:49 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 17469
                          AS: 18012
                          IP: 175.29.0.0/16
                          IP: 202.22.192.0/20
                          IP: 203.76.144.0/20
                          IP: 203.82.192.0/20
                          IP: 2404:150::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115195 (0x1c1fb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct  4 14:29:49 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:7e:b7:50:ed:9d:6b:72:44:07:91:c7:b6:08:
                    ac:d7:62:d4:7a:1b:8e:5e:5e:45:c6:12:22:38:2b:
                    d0:3e:cc:d7:1f:e1:dc:d3:5f:a0:46:c5:ce:ec:ca:
                    fa:08:53:86:c4:d8:30:42:95:84:1c:13:bd:a6:47:
                    84:ec:2c:b9:d3:c2:fb:7b:09:18:1a:f3:7c:c1:32:
                    95:6f:c8:14:8a:3a:5c:9b:11:b2:60:5d:a5:f3:49:
                    9b:d0:7c:98:5c:f0:3c:ed:47:67:e4:9c:b9:86:b8:
                    f3:11:c6:dc:49:5e:19:54:d4:18:b4:e2:4c:c9:0b:
                    38:ef:71:65:be:2f:7a:7b:a9:19:72:94:fb:3e:84:
                    03:d1:8e:b8:3e:f9:a4:02:7e:d4:d5:a0:10:ff:91:
                    62:37:da:eb:cc:f5:65:70:e6:5b:5c:4e:e1:be:08:
                    e1:8d:90:dc:42:bd:91:00:d2:3e:99:87:c6:61:d6:
                    5a:19:0c:ff:18:36:a5:6d:ba:21:51:6c:d5:6d:ce:
                    62:62:4d:a7:dd:0f:13:b5:87:1a:41:6e:e7:a6:ed:
                    0b:91:c4:a2:a9:2e:de:88:e2:33:e2:10:cf:0f:69:
                    7d:e1:66:c1:36:fd:3e:5a:4d:f1:14:83:1e:ac:38:
                    5b:f4:c2:30:d0:96:cf:cf:0a:f3:3e:f9:75:ac:42:
                    85:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  17469
                  18012

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.29.0.0/16
                  202.22.192.0/20
                  203.76.144.0/20
                  203.82.192.0/20
                IPv6:
                  2404:150::/32

    Signature Algorithm: sha256WithRSAEncryption
         8f:4c:f9:e8:57:65:78:b1:1c:d3:1f:05:37:66:f3:e5:6a:f2:
         6b:08:12:df:f7:64:9c:3d:a5:a3:a3:40:b5:b1:25:bd:a8:71:
         3a:6d:b1:7e:53:5f:5c:a0:d5:f4:cc:88:24:f1:8a:f1:1e:f4:
         2c:6c:20:47:20:8c:c0:5f:bd:c5:17:25:f5:6f:e6:50:8a:a9:
         31:e3:25:56:a0:bb:32:f0:a4:db:c2:98:67:89:d2:38:dd:1e:
         d2:9b:08:81:84:ee:ed:fb:46:0d:17:6f:31:ab:55:38:3f:dd:
         67:6c:b6:61:40:27:8f:ac:6f:8d:e0:00:88:71:06:dc:ee:3e:
         52:8b:75:70:ce:ee:42:4d:72:3a:39:96:17:27:0b:81:24:98:
         cb:2e:e6:6e:c5:7d:6e:b8:99:a1:b8:dd:04:a8:6a:35:27:54:
         b0:22:d3:33:cc:f1:53:04:b0:81:71:49:7e:d1:bb:e6:a9:92:
         70:2a:ef:ca:bb:0f:6c:94:13:8f:af:3f:76:4a:12:3f:31:c0:
         12:e1:6a:1d:48:06:4a:00:96:f3:20:d3:d8:53:4e:ac:8f:68:
         a7:de:9b:0a:f7:45:54:0e:36:f8:42:ed:06:bb:97:f9:85:a8:
         7c:a6:f5:59:01:3d:3c:f9:bc:04:52:e8:6e:ca:79:7e:d4:75:
         57:33:17:3d
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgIDAcH7MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAwNDE0Mjk0OVoXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0
Nzk3QUU5REJERUIwOTIyNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6frdQ7Z1rckQHkce2CKzXYtR6G45eXkXGEiI4K9A+zNcf4dzTX6BGxc7syvoI
U4bE2DBClYQcE72mR4TsLLnTwvt7CRga83zBMpVvyBSKOlybEbJgXaXzSZvQfJhc
8DztR2fknLmGuPMRxtxJXhlU1Bi04kzJCzjvcWW+L3p7qRlylPs+hAPRjrg++aQC
ftTVoBD/kWI32uvM9WVw5ltcTuG+COGNkNxCvZEA0j6Zh8Zh1loZDP8YNqVtuiFR
bNVtzmJiTafdDxO1hxpBbuem7QuRxKKpLt6I4jPiEM8PaX3hZsE2/T5aTfEUgx6s
OFv0wjDQls/PCvM++XWsQoXDAgMBAAGjggMyMIIDLjAdBgNVHQ4EFgQU4eaQihbs
gT2qC9ZHl66dvesJIlcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTUxMEFELzhCNUU3NUZFMUQ4NzExRTI4NEIzODNERjA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1MTBBRC84QjVFNzVGRTFEODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhi
c2dUMnFDOVpIbDY2ZHZlc0pJbGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHQYIKwYBBQUHAQgBAf8EDjAM
oAowCAICRD0CAkZcMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMArx0DBATK
FsADBATLTJADBATLUsAwDQQCAAIwBwMFACQEAVAwDQYJKoZIhvcNAQELBQADggEB
AI9M+ehXZXixHNMfBTdm8+Vq8msIEt/3ZJw9paOjQLWxJb2ocTptsX5TX1yg1fTM
iCTxivEe9CxsIEcgjMBfvcUXJfVv5lCKqTHjJVaguzLwpNvCmGeJ0jjdHtKbCIGE
7u37Rg0XbzGrVTg/3WdstmFAJ4+sb43gAIhxBtzuPlKLdXDO7kJNcjo5lhcnC4Ek
mMsu5m7FfW64maG43QSoajUnVLAi0zPM8VMEsIFxSX7Ru+apknAq78q7D2yUE4+v
P3ZKEj8xwBLhah1IBkoAlvMg09hTTqyPaKfemwr3RVQONvhC7Qa7l/mFqHym9VkB
PTz5vARS6G7KeX7UdVczFz0=
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:46:50 2024 by rpki-client on console-ams.rpki-client.org