Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/54D6N3e4HUz2o1QG6lz0vk9l6fo.cer
File:                     54D6N3e4HUz2o1QG6lz0vk9l6fo.cer (raw, json)
Hash identifier:          M3srLFNQqT5jd4QZdk0AslUACbLiWfuTx2figeHg+Bg=
Subject key identifier:   E7:80:FA:37:77:B8:1D:4C:F6:A3:54:06:EA:5C:F4:BE:4F:65:E9:FA
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D945
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A917530D/E64001F4B64B11EE91463760C4F9AE02/54D6N3e4HUz2o1QG6lz0vk9l6fo.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A917530D/E64001F4B64B11EE91463760C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 18 Jan 2024 21:52:46 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 152333
                          IP: 2401:7860::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121157 (0x1d945)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan 18 21:52:46 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A917530D/serialNumber=E780FA3777B81D4CF6A35406EA5CF4BE4F65E9FA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:c3:f0:a6:be:91:fb:f1:c8:60:e6:65:d6:8e:
                    b4:5f:e3:ab:fd:51:7b:f9:fc:4d:52:96:56:9b:6e:
                    1e:95:09:7f:75:14:f8:d9:8b:4c:15:4d:63:f2:11:
                    91:d9:52:e4:f3:7f:f9:cd:7f:6b:e7:9f:d2:a9:ec:
                    5f:57:48:ee:2d:65:b9:df:2c:90:5f:d9:fe:80:46:
                    35:52:d9:d8:22:6c:e9:6a:9b:17:50:e1:5d:93:0c:
                    3b:27:7a:9b:eb:5d:70:4a:74:f9:3b:10:73:fc:86:
                    74:1f:11:b8:c7:d0:60:e3:61:d5:bb:83:b6:1d:f0:
                    85:c9:09:4f:8a:af:8f:41:f6:93:bf:8a:07:7e:be:
                    0c:d0:a5:52:25:31:1b:d9:46:3c:4a:09:36:68:51:
                    15:df:18:98:e5:6a:90:29:ee:40:f6:c6:58:9b:16:
                    19:c6:65:09:0d:3b:ea:55:1b:f7:57:f4:3f:8b:a3:
                    80:48:2f:ac:69:22:c8:6a:d7:a5:dd:88:12:7d:80:
                    ad:2a:63:e0:21:49:92:0c:3f:12:60:36:45:85:05:
                    aa:1a:b1:88:95:9d:89:99:5f:ba:ef:3d:9e:2c:3b:
                    8b:a3:78:66:88:b5:ed:12:3d:70:94:5a:95:02:77:
                    f0:1a:38:71:97:03:83:45:fa:88:6d:27:45:ac:9f:
                    ab:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:80:FA:37:77:B8:1D:4C:F6:A3:54:06:EA:5C:F4:BE:4F:65:E9:FA
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917530D/E64001F4B64B11EE91463760C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917530D/E64001F4B64B11EE91463760C4F9AE02/54D6N3e4HUz2o1QG6lz0vk9l6fo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  152333

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:7860::/32

    Signature Algorithm: sha256WithRSAEncryption
         21:1b:5e:69:82:be:55:87:94:39:b1:5f:69:ce:af:0d:e6:26:
         ed:94:46:eb:7a:40:46:4e:45:29:6a:c9:da:9c:2b:97:01:d2:
         97:de:e2:76:60:f6:ea:7b:22:f1:2b:97:42:91:b8:5b:7f:a5:
         b0:87:c0:fd:7f:2d:3c:96:e5:0e:7a:4d:81:07:43:f7:72:f8:
         5a:ab:1f:57:26:f9:b6:65:91:13:ca:94:a1:4c:77:e6:d8:34:
         54:52:55:8b:bc:91:ce:1c:43:d8:4f:29:59:67:85:24:ba:49:
         9d:68:b5:9a:43:41:18:ee:f4:56:ef:57:36:4c:61:d8:51:9e:
         bc:75:c0:7c:60:5a:97:22:c3:88:3f:a0:90:b7:c2:71:0b:61:
         64:99:a0:d3:5f:5d:b6:c9:71:46:f8:e9:5a:22:08:23:09:b2:
         31:03:fd:39:ca:33:23:91:86:8d:8d:55:26:1f:19:d8:b6:8d:
         86:12:0e:b2:d9:20:b8:c9:09:c6:b2:b3:a5:4b:ce:16:8d:2c:
         e1:25:18:f6:b9:cb:f7:67:ac:9b:a7:5b:ad:6c:51:78:02:6d:
         eb:1a:77:e3:c4:81:8c:c9:44:c5:39:25:f0:c8:bc:39:54:1e:
         0c:8b:3a:d0:7d:ff:fb:cb:e8:16:c7:2e:bd:08:a1:00:29:48:
         6a:44:0f:e0
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAdlFMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDExODIxNTI0NloXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNzUzMEQxMTAvBgNVBAUTKEU3ODBGQTM3NzdCODFENENGNkEzNTQw
NkVBNUNGNEJFNEY2NUU5RkEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDJw/CmvpH78chg5mXWjrRf46v9UXv5/E1Sllabbh6VCX91FPjZi0wVTWPyEZHZ
UuTzf/nNf2vnn9Kp7F9XSO4tZbnfLJBf2f6ARjVS2dgibOlqmxdQ4V2TDDsnepvr
XXBKdPk7EHP8hnQfEbjH0GDjYdW7g7Yd8IXJCU+Kr49B9pO/igd+vgzQpVIlMRvZ
RjxKCTZoURXfGJjlapAp7kD2xlibFhnGZQkNO+pVG/dX9D+Lo4BIL6xpIshq16Xd
iBJ9gK0qY+AhSZIMPxJgNkWFBaoasYiVnYmZX7rvPZ4sO4ujeGaIte0SPXCUWpUC
d/AaOHGXA4NF+ohtJ0Wsn6uRAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQU54D6N3e4
HUz2o1QG6lz0vk9l6fowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTc1MzBEL0U2NDAwMUY0QjY0QjExRUU5MTQ2Mzc2MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3NTMwRC9FNjQwMDFGNEI2NEIxMUVFOTE0NjM3NjBDNEY5QUUwMi81NEQ2TjNl
NEhVejJvMVFHNmx6MHZrOWw2Zm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlMNMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAF4YDANBgkq
hkiG9w0BAQsFAAOCAQEAIRteaYK+VYeUObFfac6vDeYm7ZRG63pARk5FKWrJ2pwr
lwHSl97idmD26nsi8SuXQpG4W3+lsIfA/X8tPJblDnpNgQdD93L4WqsfVyb5tmWR
E8qUoUx35tg0VFJVi7yRzhxD2E8pWWeFJLpJnWi1mkNBGO70Vu9XNkxh2FGevHXA
fGBalyLDiD+gkLfCcQthZJmg019dtslxRvjpWiIIIwmyMQP9OcozI5GGjY1VJh8Z
2LaNhhIOstkguMkJxrKzpUvOFo0s4SUY9rnL92esm6dbrWxReAJt6xp348SBjMlE
xTkl8Mi8OVQeDIs60H3/+8voFscuvQihAClIakQP4A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:24:22 2024 by rpki-client on console-fra.rpki-client.org