Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4x5nyg5b7bJI-Xplfe_2LshvUks.cer
File:                     4x5nyg5b7bJI-Xplfe_2LshvUks.cer (raw, json)
Hash identifier:          pGZkZLbDF51GXQqsC0wfSFBczJTRrrAtzZLmbQTLzSs=
Subject key identifier:   E3:1E:67:CA:0E:5B:ED:B2:48:F9:7A:65:7D:EF:F6:2E:C8:6F:52:4B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D448
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91ED5D9/89E87FE00CC811EDB33B1371C4F9AE02/4x5nyg5b7bJI-Xplfe_2LshvUks.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91ED5D9/89E87FE00CC811EDB33B1371C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 27 Dec 2023 03:44:18 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 64065
                          IP: 103.19.36.0/24
                          IP: 103.88.136.0/23
                          IP: 2001:df5:6600::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 02:50:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119880 (0x1d448)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 27 03:44:18 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A91ED5D9/serialNumber=E31E67CA0E5BEDB248F97A657DEFF62EC86F524B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:01:3c:4d:87:30:48:9d:6f:ff:bc:b0:df:f5:
                    d5:44:b6:72:4d:c0:eb:27:00:11:e7:7e:3a:0e:3e:
                    64:cf:30:11:27:db:00:50:b6:c9:0a:62:1f:77:b2:
                    db:06:7c:b4:e7:60:9b:e0:f0:2d:96:00:aa:6d:2c:
                    a8:cb:b6:a1:a2:cc:78:e0:66:fa:d9:1f:61:ee:33:
                    d3:38:a6:92:e9:56:d6:e3:3a:1c:87:a7:b1:c8:eb:
                    ed:8c:06:9d:ca:6b:cf:bf:02:4a:74:a3:e9:5e:2b:
                    cf:6e:44:12:29:2e:14:19:9b:bc:00:22:02:54:ad:
                    06:95:52:6a:84:c7:a2:ac:10:f1:62:74:5d:73:3e:
                    f4:81:1a:7c:b9:ae:03:3a:cd:e6:3f:9f:0f:21:6e:
                    f8:85:49:0e:3f:19:0e:a8:75:31:e5:cb:95:1d:2e:
                    52:04:87:6a:3b:e3:a2:e4:71:df:45:2b:73:63:25:
                    b0:f9:5f:2e:2b:47:05:10:cf:18:6a:a8:ca:83:fc:
                    12:ad:f0:c1:50:44:31:54:9b:8f:e1:c6:eb:82:8c:
                    3a:8e:8d:90:61:60:89:14:e3:2f:55:c4:d9:30:fc:
                    ec:59:c3:0c:a0:87:5b:37:78:0f:c1:ad:90:ad:20:
                    91:a4:6d:bc:47:0f:7c:95:ea:41:da:0a:6a:53:6d:
                    50:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:1E:67:CA:0E:5B:ED:B2:48:F9:7A:65:7D:EF:F6:2E:C8:6F:52:4B
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91ED5D9/89E87FE00CC811EDB33B1371C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91ED5D9/89E87FE00CC811EDB33B1371C4F9AE02/4x5nyg5b7bJI-Xplfe_2LshvUks.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  64065

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.19.36.0/24
                  103.88.136.0/23
                IPv6:
                  2001:df5:6600::/48

    Signature Algorithm: sha256WithRSAEncryption
         9d:b4:e3:86:75:b0:e5:6d:96:c7:f6:41:5b:c1:00:e7:6b:bb:
         4e:d7:50:19:59:ef:61:d9:ae:8a:10:14:29:9d:4f:c4:1e:d3:
         12:f4:78:2a:8a:b3:70:d5:43:1b:b5:a5:1d:a4:be:d5:96:f1:
         16:9e:5a:36:73:b5:3a:b0:9b:28:30:4d:be:3d:16:f3:1a:cf:
         b0:ba:ae:91:7b:d8:1a:54:4e:c8:76:35:6f:ff:1b:a8:db:2e:
         95:68:fd:06:25:68:cc:94:b2:f6:a5:7d:46:c5:86:76:b5:db:
         e7:cd:f3:2e:26:b0:e7:43:2d:d1:c0:d9:3e:60:f1:30:c8:c0:
         d1:62:3f:91:eb:4a:d6:c6:cd:46:1c:5d:95:10:bf:65:eb:ed:
         1b:1c:c7:26:a0:38:43:bc:99:55:68:4e:1d:0f:38:6d:ae:a7:
         90:a4:40:5e:41:de:42:0f:f2:3c:06:99:70:56:ed:00:2c:26:
         31:4c:62:7f:d2:20:65:2a:12:83:55:67:c4:2b:fa:15:d1:db:
         25:e9:06:b7:d5:da:25:52:b8:11:1d:c0:f9:42:46:8a:b7:af:
         c9:7b:9c:fb:5b:c6:01:40:4a:8d:26:59:8b:f9:35:ff:fd:8a:
         01:db:10:80:80:13:6f:84:f4:5f:06:f1:6d:7e:07:8e:68:c7:
         47:09:1a:c6
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIDAdRIMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyNzAzNDQxOFoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUQ1RDkxMTAvBgNVBAUTKEUzMUU2N0NBMEU1QkVEQjI0OEY5N0E2
NTdERUZGNjJFQzg2RjUyNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAATxNhzBInW//vLDf9dVEtnJNwOsnABHnfjoOPmTPMBEn2wBQtskKYh93stsG
fLTnYJvg8C2WAKptLKjLtqGizHjgZvrZH2HuM9M4ppLpVtbjOhyHp7HI6+2MBp3K
a8+/Akp0o+leK89uRBIpLhQZm7wAIgJUrQaVUmqEx6KsEPFidF1zPvSBGny5rgM6
zeY/nw8hbviFSQ4/GQ6odTHly5UdLlIEh2o746Lkcd9FK3NjJbD5Xy4rRwUQzxhq
qMqD/BKt8MFQRDFUm4/hxuuCjDqOjZBhYIkU4y9VxNkw/OxZwwygh1s3eA/BrZCt
IJGkbbxHD3yV6kHaCmpTbVBvAgMBAAGjggMmMIIDIjAdBgNVHQ4EFgQU4x5nyg5b
7bJI+Xplfe/2LshvUkswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVENUQ5Lzg5RTg3RkUwMENDODExRURCMzNCMTM3MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFRDVEOS84OUU4N0ZFMDBDQzgxMUVEQjMzQjEzNzFDNEY5QUUwMi80eDVueWc1
YjdiSkktWHBsZmVfMkxzaHZVa3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAPpBMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAZxMkAwQBZ1iI
MA8EAgACMAkDBwAgAQ31ZgAwDQYJKoZIhvcNAQELBQADggEBAJ2044Z1sOVtlsf2
QVvBAOdru07XUBlZ72HZrooQFCmdT8Qe0xL0eCqKs3DVQxu1pR2kvtWW8RaeWjZz
tTqwmygwTb49FvMaz7C6rpF72BpUTsh2NW//G6jbLpVo/QYlaMyUsvalfUbFhna1
2+fN8y4msOdDLdHA2T5g8TDIwNFiP5HrStbGzUYcXZUQv2Xr7RscxyagOEO8mVVo
Th0POG2up5CkQF5B3kIP8jwGmXBW7QAsJjFMYn/SIGUqEoNVZ8Qr+hXR2yXpBrfV
2iVSuBEdwPlCRoq3r8l7nPtbxgFASo0mWYv5Nf/9igHbEICAE2+E9F8G8W1+B45o
x0cJGsY=
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:44:00 2024 by rpki-client on console-fra.rpki-client.org