Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/57QbPSVuxr0M5xIbNw3kdBuDXmE.cer
File:                     57QbPSVuxr0M5xIbNw3kdBuDXmE.cer (raw, json)
Hash identifier:          49Hl1EhwSCDMIUSn3cPpNMAjrVM0YzKpeV05OBQJ3F8=
Subject key identifier:   E7:B4:1B:3D:25:6E:C6:BD:0C:E7:12:1B:37:0D:E4:74:1B:83:5E:61
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E04A
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C6A39/730F00B2B1C411E9BECB1825C4F9AE02/57QbPSVuxr0M5xIbNw3kdBuDXmE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C6A39/730F00B2B1C411E9BECB1825C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 22 Feb 2024 18:39:57 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 9216
                          AS: 56179
                          IP: 122.144.32.0/19
                          IP: 202.154.192.0/19
                          IP: 203.135.64.0/19
                          IP: 2402:4900::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122954 (0x1e04a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb 22 18:39:57 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A91C6A39/serialNumber=E7B41B3D256EC6BD0CE7121B370DE4741B835E61
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:76:3b:23:38:72:92:6f:7a:ac:34:48:3c:d7:
                    91:cd:6c:82:71:62:a7:cd:9b:5c:8e:25:a9:9e:66:
                    2a:51:dc:e7:b9:81:6d:3c:24:20:b9:4e:32:1e:fa:
                    01:80:ee:e0:3b:3d:3d:81:57:5d:d4:f9:64:90:5f:
                    2c:85:55:f2:99:2b:ac:09:2c:76:19:a9:ed:9c:40:
                    2c:cf:51:45:7a:b7:64:83:64:1e:0f:ce:bb:f3:5d:
                    ca:fc:4f:b8:27:56:27:9e:93:cc:fe:d0:40:1d:4a:
                    95:ae:26:ec:97:dd:e9:3c:ce:92:9d:2b:ef:4e:6f:
                    99:e8:5c:f2:90:53:65:e6:60:12:41:21:3d:3b:6f:
                    6f:0c:36:59:1e:11:a6:0b:cc:d3:b5:36:b6:e8:39:
                    86:52:4a:8f:6f:31:57:b9:17:fb:48:4c:b4:2a:f8:
                    12:63:ce:93:c0:c1:94:f9:74:7e:5c:2d:a3:0f:d8:
                    50:be:c3:1f:ea:5f:48:d8:51:98:8c:79:0b:3a:b6:
                    00:5c:17:dd:f6:30:11:7d:00:3b:39:a1:77:b2:3e:
                    f2:05:b9:93:40:a6:b1:f0:60:10:01:86:38:8d:86:
                    aa:83:86:4e:2e:21:5a:a7:4a:83:54:5e:aa:74:43:
                    28:b3:bc:eb:da:9a:eb:35:11:1b:9d:71:d2:98:57:
                    9a:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:B4:1B:3D:25:6E:C6:BD:0C:E7:12:1B:37:0D:E4:74:1B:83:5E:61
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C6A39/730F00B2B1C411E9BECB1825C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C6A39/730F00B2B1C411E9BECB1825C4F9AE02/57QbPSVuxr0M5xIbNw3kdBuDXmE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  9216
                  56179

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.144.32.0/19
                  202.154.192.0/19
                  203.135.64.0/19
                IPv6:
                  2402:4900::/32

    Signature Algorithm: sha256WithRSAEncryption
         8b:82:41:47:30:dd:f6:12:95:b7:f8:b0:62:8e:2e:9a:52:fc:
         3a:f3:90:49:ba:d8:3b:99:b6:6b:58:8c:2b:cb:bb:7b:0b:67:
         91:ea:74:ac:ec:74:0a:e1:a6:4c:28:02:8e:29:f7:36:a9:26:
         9d:80:9c:c0:07:d9:e5:6d:8b:04:f5:e6:15:e3:44:03:c5:be:
         af:33:df:21:c9:4b:d2:02:6d:04:e4:7c:9e:2b:d4:91:18:8d:
         db:83:67:0a:e4:3c:3d:4f:5d:df:88:a0:d3:6b:78:38:b0:a5:
         03:2e:85:ce:59:87:fb:cb:70:37:01:a1:31:d2:0c:b1:9e:b9:
         1a:8c:02:11:00:22:c9:fe:58:85:e2:bb:9f:8c:5a:ce:a7:62:
         28:01:ae:01:90:fc:e2:26:0a:63:24:a9:2e:bc:9a:96:e1:ad:
         2c:55:2c:ca:e3:5c:14:33:b4:d0:5c:62:4c:b1:5d:41:82:6f:
         b5:8e:57:07:3e:8b:79:13:a8:7e:64:07:40:12:96:03:ef:cc:
         20:14:20:cc:d9:8b:42:96:72:67:45:bd:98:f5:b8:ec:50:f9:
         7b:cc:3b:02:a4:83:f7:1d:e7:58:fa:12:f7:f6:32:f8:73:cf:
         47:ed:b7:e8:c3:1a:34:11:c8:10:da:52:26:94:ce:8b:23:52:
         76:3a:c9:47
-----BEGIN CERTIFICATE-----
MIIGOTCCBSGgAwIBAgIDAeBKMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIyMjE4Mzk1N1oXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzZBMzkxMTAvBgNVBAUTKEU3QjQxQjNEMjU2RUM2QkQwQ0U3MTIx
QjM3MERFNDc0MUI4MzVFNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDzdjsjOHKSb3qsNEg815HNbIJxYqfNm1yOJameZipR3Oe5gW08JCC5TjIe+gGA
7uA7PT2BV13U+WSQXyyFVfKZK6wJLHYZqe2cQCzPUUV6t2SDZB4PzrvzXcr8T7gn
Vieek8z+0EAdSpWuJuyX3ek8zpKdK+9Ob5noXPKQU2XmYBJBIT07b28MNlkeEaYL
zNO1NrboOYZSSo9vMVe5F/tITLQq+BJjzpPAwZT5dH5cLaMP2FC+wx/qX0jYUZiM
eQs6tgBcF932MBF9ADs5oXeyPvIFuZNAprHwYBABhjiNhqqDhk4uIVqnSoNUXqp0
QyizvOvamus1ERudcdKYV5rvAgMBAAGjggMuMIIDKjAdBgNVHQ4EFgQU57QbPSVu
xr0M5xIbNw3kdBuDXmEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM2QTM5LzczMEYwMEIyQjFDNDExRTlCRUNCMTgyNUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDNkEzOS83MzBGMDBCMkIxQzQxMUU5QkVDQjE4MjVDNEY5QUUwMi81N1FiUFNW
dXhyME01eEliTncza2RCdURYbUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQgBAf8EDzAN
oAswCQICJAACAwDbczA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBXqQIAME
BcqawAMEBcuHQDANBAIAAjAHAwUAJAJJADANBgkqhkiG9w0BAQsFAAOCAQEAi4JB
RzDd9hKVt/iwYo4umlL8OvOQSbrYO5m2a1iMK8u7ewtnkep0rOx0CuGmTCgCjin3
NqkmnYCcwAfZ5W2LBPXmFeNEA8W+rzPfIclL0gJtBOR8nivUkRiN24NnCuQ8PU9d
34ig02t4OLClAy6FzlmH+8twNwGhMdIMsZ65GowCEQAiyf5YheK7n4xazqdiKAGu
AZD84iYKYySpLryaluGtLFUsyuNcFDO00FxiTLFdQYJvtY5XBz6LeROofmQHQBKW
A+/MIBQgzNmLQpZyZ0W9mPW47FD5e8w7AqSD9x3nWPoS9/Yy+HPPR+236MMaNBHI
ENpSJpTOiyNSdjrJRw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:24:22 2024 by rpki-client on console-fra.rpki-client.org