Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer
File:                     4vB0KtgKnbsodRhO4N1elN11eEs.cer (raw, json)
Hash identifier:          w3kxW9hWtETcGaHd6dPU1Lm3TKkFomoKzDrEHsfvgEY=
Subject key identifier:   E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       021380
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 10 Oct 2024 16:24:57 +0000
Certificate not after:    Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources:    AS: 134674
                          IP: 45.119.28.0/22
                          IP: 45.127.44.0/22
                          IP: 58.84.60.0/22
                          IP: 101.0.62.0/23
                          IP: 103.22.140.0/22
                          IP: 103.59.72.0/22
                          IP: 103.76.100.0/22
                          IP: 103.80.160.0/22
                          IP: 103.113.140.0/22
                          IP: 103.195.200.0/22
                          IP: 103.197.72.0/22
                          IP: 103.208.68.0/22
                          IP: 182.50.68.0/22
                          IP: 203.76.182.0/23
                          IP: 210.89.34.0 -- 210.89.37.255
                          IP: 210.89.54.0/23
                          IP: 2402:e280::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 136064 (0x21380)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct 10 16:24:57 2024 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=A91C23FE/serialNumber=E2F0742AD80A9DBB2875184EE0DD5E94DD75784B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:95:30:b7:d5:d3:e4:1f:92:dc:d6:bd:4b:6a:
                    38:c9:99:82:5d:a4:0e:b1:4a:22:e0:70:31:47:d9:
                    47:5b:2b:20:23:4e:03:14:8a:e0:5f:b8:0d:5c:c8:
                    ab:18:d8:63:8a:7a:5e:aa:c2:6a:84:8f:f3:ee:9f:
                    37:a9:85:7a:12:3d:b4:f0:a0:31:1a:ed:63:8c:c1:
                    50:d8:d0:0c:81:8c:3e:4f:7e:75:4e:87:e6:2e:7b:
                    be:9e:8b:df:8a:a4:27:8c:6f:02:59:d1:70:93:da:
                    0a:25:42:8f:be:87:46:88:34:9f:b0:56:26:0a:9e:
                    7a:a5:70:19:ee:8e:f5:c4:b6:a5:c6:0b:6b:b2:aa:
                    88:a9:15:56:ec:e5:6e:0c:c6:1b:3e:90:3d:56:98:
                    a5:2d:5c:cf:f4:27:b1:c4:7d:6a:97:40:4e:13:f5:
                    84:8f:5c:38:ea:7d:d1:79:76:c7:d9:f8:99:50:40:
                    e4:2e:e0:f6:30:d5:91:11:2c:7d:61:de:56:b3:84:
                    b7:56:74:74:dd:c0:59:b9:fa:63:d0:c7:78:0f:f0:
                    55:f8:e5:e3:ca:fb:28:18:99:3f:db:81:54:02:fd:
                    0d:51:5d:68:05:32:64:6a:6b:4d:ba:06:3c:f0:cb:
                    5b:6d:9e:21:8f:bf:5a:0a:0a:ad:51:83:b3:3e:5b:
                    89:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  134674

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.119.28.0/22
                  45.127.44.0/22
                  58.84.60.0/22
                  101.0.62.0/23
                  103.22.140.0/22
                  103.59.72.0/22
                  103.76.100.0/22
                  103.80.160.0/22
                  103.113.140.0/22
                  103.195.200.0/22
                  103.197.72.0/22
                  103.208.68.0/22
                  182.50.68.0/22
                  203.76.182.0/23
                  210.89.34.0-210.89.37.255
                  210.89.54.0/23
                IPv6:
                  2402:e280::/32

    Signature Algorithm: sha256WithRSAEncryption
         55:2f:6a:12:4a:ff:bd:1e:7e:dc:36:4e:1d:62:26:eb:71:64:
         f2:33:12:7f:92:c7:32:28:ac:2f:02:03:f0:91:9c:30:43:5f:
         f4:3e:e3:cf:f2:ea:2f:11:20:54:8d:e1:84:bc:39:c3:1f:87:
         75:74:25:e5:62:4b:13:9d:15:25:32:e8:41:3b:e9:3a:f5:d2:
         4a:56:be:d0:6e:d7:1c:b3:1f:75:f9:7a:51:f0:08:c6:89:88:
         19:90:80:57:d9:3e:3b:21:50:88:f9:e1:d2:02:e4:d6:0a:5f:
         ff:e0:6a:e9:61:f2:08:21:60:ca:19:0f:9b:e4:cc:f0:fb:d3:
         f2:9a:79:30:60:77:eb:01:d0:a5:af:55:fa:1b:ff:0a:7f:b9:
         27:35:e6:92:e4:fd:08:dd:c8:8a:a9:21:6a:e4:24:c9:46:30:
         1b:30:4e:cd:1b:d0:e2:1e:7a:62:19:0c:d6:e0:31:35:a6:9e:
         2c:7c:e1:09:69:4b:b6:70:36:07:fa:64:91:25:6f:6a:b8:ee:
         7a:18:c9:c2:21:cb:0b:f6:a9:ca:8b:d4:4f:52:f5:e1:89:74:
         29:6a:5d:e7:d3:e0:9c:bc:f2:e9:dc:bb:6a:bf:2f:7d:fe:79:
         2d:c4:e7:fb:bc:12:d0:ee:13:1b:d1:f0:0d:14:2b:c8:16:2d:
         e4:81:ec:fe
-----BEGIN CERTIFICATE-----
MIIGjTCCBXWgAwIBAgIDAhOAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAxMDE2MjQ1N1oXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzIzRkUxMTAvBgNVBAUTKEUyRjA3NDJBRDgwQTlEQkIyODc1MTg0
RUUwREQ1RTk0REQ3NTc4NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDglTC31dPkH5Lc1r1LajjJmYJdpA6xSiLgcDFH2UdbKyAjTgMUiuBfuA1cyKsY
2GOKel6qwmqEj/PunzephXoSPbTwoDEa7WOMwVDY0AyBjD5PfnVOh+Yue76ei9+K
pCeMbwJZ0XCT2golQo++h0aINJ+wViYKnnqlcBnujvXEtqXGC2uyqoipFVbs5W4M
xhs+kD1WmKUtXM/0J7HEfWqXQE4T9YSPXDjqfdF5dsfZ+JlQQOQu4PYw1ZERLH1h
3lazhLdWdHTdwFm5+mPQx3gP8FX45ePK+ygYmT/bgVQC/Q1RXWgFMmRqa026Bjzw
y1ttniGPv1oKCq1Rg7M+W4l1AgMBAAGjggOCMIIDfjAdBgNVHQ4EFgQU4vB0KtgK
nbsodRhO4N1elN11eEswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMyM0ZFLzgyNUNFOUFBRjlFQjExRTZCREU3QTk2OEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMjNGRS84MjVDRTlBQUY5RUIxMUU2QkRFN0E5NjhDNEY5QUUwMi80dkIwS3Rn
S25ic29kUmhPNE4xZWxOMTFlRXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg4SMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAItdxwDBAIt
fywDBAI6VDwDBAFlAD4DBAJnFowDBAJnO0gDBAJnTGQDBAJnUKADBAJncYwDBAJn
w8gDBAJnxUgDBAJn0EQDBAK2MkQDBAHLTLYwDAMEAdJZIgMEAdJZJAMEAdJZNjAN
BAIAAjAHAwUAJALigDANBgkqhkiG9w0BAQsFAAOCAQEAVS9qEkr/vR5+3DZOHWIm
63Fk8jMSf5LHMiisLwID8JGcMENf9D7jz/LqLxEgVI3hhLw5wx+HdXQl5WJLE50V
JTLoQTvpOvXSSla+0G7XHLMfdfl6UfAIxomIGZCAV9k+OyFQiPnh0gLk1gpf/+Bq
6WHyCCFgyhkPm+TM8PvT8pp5MGB36wHQpa9V+hv/Cn+5JzXmkuT9CN3IiqkhauQk
yUYwGzBOzRvQ4h56YhkM1uAxNaaeLHzhCWlLtnA2B/pkkSVvarjuehjJwiHLC/ap
yovUT1L14Yl0KWpd59PgnLzy6dy7ar8vff55LcTn+7wS0O4TG9HwDRQryBYt5IHs
/g==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:15 2024 by rpki-client on console-ams.rpki-client.org