Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4wmBgry5qhAuyyIhp2e5jm7MwxA.cer
File:                     4wmBgry5qhAuyyIhp2e5jm7MwxA.cer (raw, json)
Hash identifier:          b7ReaDRLOnnVtnYLWL8dMHbLMZ3xcaEk4glRoM5xF2A=
Subject key identifier:   E3:09:81:82:BC:B9:AA:10:2E:CB:22:21:A7:67:B9:8E:6E:CC:C3:10
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01BD8C
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://0.sb/repo/sb/20/E3098182BCB9AA102ECB2221A767B98E6ECCC310.mft
caRepository:             rsync://0.sb/repo/sb/20/
Notify URL:               https://0.sb/rrdp/notification.xml
Certificate not before:   Thu 14 Sep 2023 14:29:17 +0000
Certificate not after:    Mon 30 Sep 2024 00:00:00 +0000
Subordinate resources:    IP: 103.169.92.0/23
                          IP: 2407:9e40::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:56:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 114060 (0x1bd8c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Sep 14 14:29:17 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=A91C44A00000/serialNumber=E3098182BCB9AA102ECB2221A767B98E6ECCC310
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:26:ea:af:ae:39:0b:7d:b1:87:a2:50:9c:33:
                    09:99:2a:e3:8b:ff:90:54:e9:57:27:ce:b9:34:9b:
                    0d:98:c3:52:aa:e7:40:50:86:87:18:be:5c:b1:7b:
                    01:56:80:ec:fa:ce:1d:0f:0c:b6:19:1f:a2:92:e1:
                    c6:c5:45:d5:4e:b0:cd:c5:75:8e:38:c8:35:52:c5:
                    0d:a6:41:4a:8b:2a:3d:f6:aa:c6:8c:0f:3a:b8:6a:
                    7d:56:16:a8:23:79:75:0c:ff:15:d3:35:79:93:5d:
                    2d:f8:66:cd:4b:5f:82:93:e7:e3:de:3d:46:c9:33:
                    78:19:07:66:62:a5:59:ae:37:4e:80:7c:ca:44:0a:
                    35:7f:78:7f:11:73:60:5f:c9:47:e8:86:7c:b0:be:
                    ad:53:e3:0c:36:5a:cb:2d:6c:42:7b:8c:19:69:5a:
                    e6:66:87:df:86:dc:67:39:22:0d:7e:6c:0e:f2:bb:
                    d0:6c:c5:eb:9c:3d:ed:73:8d:6a:b2:54:fc:01:fd:
                    af:c2:aa:5c:e7:59:b9:c4:11:12:2c:0b:62:40:e4:
                    52:43:cd:01:d9:52:13:63:16:6f:da:10:18:d5:bb:
                    ae:20:9a:9b:f6:1f:7b:5c:e7:c0:f1:a5:0b:62:73:
                    d0:62:ba:f7:ae:35:68:fd:53:e0:76:f8:37:59:6a:
                    7a:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:09:81:82:BC:B9:AA:10:2E:CB:22:21:A7:67:B9:8E:6E:CC:C3:10
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://0.sb/repo/sb/20/
                RPKI Manifest - URI:rsync://0.sb/repo/sb/20/E3098182BCB9AA102ECB2221A767B98E6ECCC310.mft
                RPKI Notify - URI:https://0.sb/rrdp/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.169.92.0/23
                IPv6:
                  2407:9e40::/32

    Signature Algorithm: sha256WithRSAEncryption
         c9:ef:20:d4:c8:11:3b:71:3a:81:5f:25:33:1e:1f:bd:de:a6:
         ea:13:20:9e:ba:cc:84:f1:6b:de:49:d4:80:b7:5f:e2:dd:9e:
         7f:b9:e7:f0:36:f1:80:59:86:8f:fb:96:ee:a4:d4:72:87:20:
         e5:3f:5e:58:54:72:b3:0b:4a:2a:ad:af:9a:77:a1:ac:30:47:
         76:6a:96:4b:27:cb:1f:ab:3e:4e:bd:c2:01:a0:de:8e:55:66:
         5b:6f:ad:2b:b9:4b:1a:fb:01:72:6c:50:6f:03:cf:8b:57:34:
         9d:de:84:aa:a5:9d:ca:50:28:b2:9d:f8:3d:35:24:40:95:cf:
         45:cd:68:ae:72:c8:33:26:19:ef:84:2a:95:3b:65:91:7e:5d:
         39:88:22:79:f9:62:bf:d9:0a:2c:20:a5:cc:94:12:b8:6e:66:
         57:40:80:16:7f:14:c3:ef:21:7c:ce:3d:6e:ec:66:90:ac:4f:
         00:16:74:f6:48:07:ac:55:05:75:05:5a:37:e3:fd:f0:85:15:
         42:d0:16:6d:89:63:e4:af:49:cc:6d:ec:ac:ef:fe:af:e2:89:
         c9:43:7f:1b:ff:cc:b8:c1:e2:f3:d6:21:9b:7d:b7:22:cd:09:
         b2:02:1f:dc:16:16:7d:3e:ff:78:03:8f:68:e0:51:07:93:06:
         f3:b5:56:40
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIDAb2MMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDkxNDE0MjkxN1oXDTI0MDkzMDAwMDAwMFowSjEVMBMG
A1UEAxMMQTkxQzQ0QTAwMDAwMTEwLwYDVQQFEyhFMzA5ODE4MkJDQjlBQTEwMkVD
QjIyMjFBNzY3Qjk4RTZFQ0NDMzEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAuibqr645C32xh6JQnDMJmSrji/+QVOlXJ865NJsNmMNSqudAUIaHGL5c
sXsBVoDs+s4dDwy2GR+ikuHGxUXVTrDNxXWOOMg1UsUNpkFKiyo99qrGjA86uGp9
VhaoI3l1DP8V0zV5k10t+GbNS1+Ck+fj3j1GyTN4GQdmYqVZrjdOgHzKRAo1f3h/
EXNgX8lH6IZ8sL6tU+MMNlrLLWxCe4wZaVrmZoffhtxnOSINfmwO8rvQbMXrnD3t
c41qslT8Af2vwqpc51m5xBESLAtiQORSQ80B2VITYxZv2hAY1buuIJqb9h97XOfA
8aULYnPQYrr3rjVo/VPgdvg3WWp6QQIDAQABo4ICkTCCAo0wHQYDVR0OBBYEFOMJ
gYK8uaoQLssiIadnuY5uzMMQMB8GA1UdIwQYMBaAFA5lpPX9NrW9aOs8kjQIl4yQ
eqefMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9EbVdrOWYwMnRiMW82enlTTkFpWGpK
QjZwNTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3RTExRTdBOTZBMzk1
MjFBNEY0RkI0L0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1OC5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMIG4BggrBgEFBQcBCwSBqzCBqDAkBggrBgEF
BQcwBYYYcnN5bmM6Ly8wLnNiL3JlcG8vc2IvMjAvMFAGCCsGAQUFBzAKhkRyc3lu
YzovLzAuc2IvcmVwby9zYi8yMC9FMzA5ODE4MkJDQjlBQTEwMkVDQjIyMjFBNzY3
Qjk4RTZFQ0NDMzEwLm1mdDAuBggrBgEFBQcwDYYiaHR0cHM6Ly8wLnNiL3JyZHAv
bm90aWZpY2F0aW9uLnhtbDAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAWep
XDANBAIAAjAHAwUAJAeeQDANBgkqhkiG9w0BAQsFAAOCAQEAye8g1MgRO3E6gV8l
Mx4fvd6m6hMgnrrMhPFr3knUgLdf4t2ef7nn8DbxgFmGj/uW7qTUcocg5T9eWFRy
swtKKq2vmnehrDBHdmqWSyfLH6s+Tr3CAaDejlVmW2+tK7lLGvsBcmxQbwPPi1c0
nd6EqqWdylAosp34PTUkQJXPRc1ornLIMyYZ74QqlTtlkX5dOYgiefliv9kKLCCl
zJQSuG5mV0CAFn8Uw+8hfM49buxmkKxPABZ09kgHrFUFdQVaN+P98IUVQtAWbYlj
5K9JzG3srO/+r+KJyUN/G//MuMHi89Yhm323Is0JsgIf3BYWfT7/eAOPaOBRB5MG
87VWQA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:40:13 2024 by rpki-client on console-fra.rpki-client.org