Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer
File:                     4vB0KtgKnbsodRhO4N1elN11eEs.cer (raw, json)
Hash identifier:          g3IVcSYAMZ3v9MmNXKyM/c4y/9kukn9yUyTaoL/MyUk=
Subject key identifier:   E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C758
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 31 Oct 2023 16:42:25 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 134674
                          IP: 45.119.28.0/22
                          IP: 45.127.44.0/22
                          IP: 58.84.60.0/22
                          IP: 101.0.62.0/23
                          IP: 103.22.140.0/22
                          IP: 103.59.72.0/22
                          IP: 103.76.100.0/22
                          IP: 103.80.160.0/22
                          IP: 103.113.140.0/22
                          IP: 103.195.200.0/22
                          IP: 103.197.72.0/22
                          IP: 103.208.68.0/22
                          IP: 182.50.68.0/22
                          IP: 203.76.182.0/23
                          IP: 210.89.34.0 -- 210.89.37.255
                          IP: 210.89.54.0/23
                          IP: 2402:e280::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116568 (0x1c758)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct 31 16:42:25 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A91C23FE/serialNumber=E2F0742AD80A9DBB2875184EE0DD5E94DD75784B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:95:30:b7:d5:d3:e4:1f:92:dc:d6:bd:4b:6a:
                    38:c9:99:82:5d:a4:0e:b1:4a:22:e0:70:31:47:d9:
                    47:5b:2b:20:23:4e:03:14:8a:e0:5f:b8:0d:5c:c8:
                    ab:18:d8:63:8a:7a:5e:aa:c2:6a:84:8f:f3:ee:9f:
                    37:a9:85:7a:12:3d:b4:f0:a0:31:1a:ed:63:8c:c1:
                    50:d8:d0:0c:81:8c:3e:4f:7e:75:4e:87:e6:2e:7b:
                    be:9e:8b:df:8a:a4:27:8c:6f:02:59:d1:70:93:da:
                    0a:25:42:8f:be:87:46:88:34:9f:b0:56:26:0a:9e:
                    7a:a5:70:19:ee:8e:f5:c4:b6:a5:c6:0b:6b:b2:aa:
                    88:a9:15:56:ec:e5:6e:0c:c6:1b:3e:90:3d:56:98:
                    a5:2d:5c:cf:f4:27:b1:c4:7d:6a:97:40:4e:13:f5:
                    84:8f:5c:38:ea:7d:d1:79:76:c7:d9:f8:99:50:40:
                    e4:2e:e0:f6:30:d5:91:11:2c:7d:61:de:56:b3:84:
                    b7:56:74:74:dd:c0:59:b9:fa:63:d0:c7:78:0f:f0:
                    55:f8:e5:e3:ca:fb:28:18:99:3f:db:81:54:02:fd:
                    0d:51:5d:68:05:32:64:6a:6b:4d:ba:06:3c:f0:cb:
                    5b:6d:9e:21:8f:bf:5a:0a:0a:ad:51:83:b3:3e:5b:
                    89:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  134674

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.119.28.0/22
                  45.127.44.0/22
                  58.84.60.0/22
                  101.0.62.0/23
                  103.22.140.0/22
                  103.59.72.0/22
                  103.76.100.0/22
                  103.80.160.0/22
                  103.113.140.0/22
                  103.195.200.0/22
                  103.197.72.0/22
                  103.208.68.0/22
                  182.50.68.0/22
                  203.76.182.0/23
                  210.89.34.0-210.89.37.255
                  210.89.54.0/23
                IPv6:
                  2402:e280::/32

    Signature Algorithm: sha256WithRSAEncryption
         a9:23:a7:ec:d1:b1:10:c9:b4:1c:e9:38:27:22:97:45:74:ef:
         5f:52:88:16:b2:80:5c:85:f4:72:60:0c:b5:e0:3d:b8:99:9e:
         62:8a:0d:bb:b8:89:2e:62:26:83:df:83:92:d2:69:a2:08:dd:
         f8:e2:76:38:31:84:19:7e:b1:b4:9e:7b:7a:7d:f8:6a:b6:1e:
         d3:b0:d9:95:66:e5:3b:86:cb:34:29:1c:26:cb:73:54:8c:04:
         ed:8b:b4:2f:60:c0:f9:d4:27:85:e3:4b:90:32:04:c4:74:fa:
         ce:9a:7d:cc:63:47:f6:0c:85:61:0b:49:b3:57:01:b5:66:1a:
         6d:e8:8f:c1:87:73:c9:26:91:0e:4d:3b:7e:3e:37:90:ba:b3:
         66:78:63:36:3d:e0:36:8e:d4:ad:1e:f8:fb:7e:10:61:f9:43:
         eb:58:6c:90:6a:ac:61:17:fd:f4:7d:2f:2c:6f:99:1b:03:37:
         62:d6:83:46:ae:4d:22:06:cc:5a:d7:c2:59:c7:f7:b9:29:3a:
         6d:d1:88:de:f2:21:26:0b:6b:6e:00:05:7e:01:cd:ac:bf:a8:
         46:30:01:96:40:40:39:c2:61:cd:4e:3d:3e:fc:ce:1d:da:07:
         71:5b:2d:20:11:27:6c:e7:81:41:48:ac:1e:1d:df:22:68:c2:
         ed:54:1c:d4
-----BEGIN CERTIFICATE-----
MIIGjTCCBXWgAwIBAgIDAcdYMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAzMTE2NDIyNVoXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzIzRkUxMTAvBgNVBAUTKEUyRjA3NDJBRDgwQTlEQkIyODc1MTg0
RUUwREQ1RTk0REQ3NTc4NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDglTC31dPkH5Lc1r1LajjJmYJdpA6xSiLgcDFH2UdbKyAjTgMUiuBfuA1cyKsY
2GOKel6qwmqEj/PunzephXoSPbTwoDEa7WOMwVDY0AyBjD5PfnVOh+Yue76ei9+K
pCeMbwJZ0XCT2golQo++h0aINJ+wViYKnnqlcBnujvXEtqXGC2uyqoipFVbs5W4M
xhs+kD1WmKUtXM/0J7HEfWqXQE4T9YSPXDjqfdF5dsfZ+JlQQOQu4PYw1ZERLH1h
3lazhLdWdHTdwFm5+mPQx3gP8FX45ePK+ygYmT/bgVQC/Q1RXWgFMmRqa026Bjzw
y1ttniGPv1oKCq1Rg7M+W4l1AgMBAAGjggOCMIIDfjAdBgNVHQ4EFgQU4vB0KtgK
nbsodRhO4N1elN11eEswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMyM0ZFLzgyNUNFOUFBRjlFQjExRTZCREU3QTk2OEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMjNGRS84MjVDRTlBQUY5RUIxMUU2QkRFN0E5NjhDNEY5QUUwMi80dkIwS3Rn
S25ic29kUmhPNE4xZWxOMTFlRXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg4SMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBAItdxwDBAIt
fywDBAI6VDwDBAFlAD4DBAJnFowDBAJnO0gDBAJnTGQDBAJnUKADBAJncYwDBAJn
w8gDBAJnxUgDBAJn0EQDBAK2MkQDBAHLTLYwDAMEAdJZIgMEAdJZJAMEAdJZNjAN
BAIAAjAHAwUAJALigDANBgkqhkiG9w0BAQsFAAOCAQEAqSOn7NGxEMm0HOk4JyKX
RXTvX1KIFrKAXIX0cmAMteA9uJmeYooNu7iJLmImg9+DktJpogjd+OJ2ODGEGX6x
tJ57en34arYe07DZlWblO4bLNCkcJstzVIwE7Yu0L2DA+dQnheNLkDIExHT6zpp9
zGNH9gyFYQtJs1cBtWYabeiPwYdzySaRDk07fj43kLqzZnhjNj3gNo7UrR74+34Q
YflD61hskGqsYRf99H0vLG+ZGwM3YtaDRq5NIgbMWtfCWcf3uSk6bdGI3vIhJgtr
bgAFfgHNrL+oRjABlkBAOcJhzU49PvzOHdoHcVstIBEnbOeBQUisHh3fImjC7VQc
1A==
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:46:50 2024 by rpki-client on console-ams.rpki-client.org