Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5NzsWVobtnOJciNlasY5uVNS3XM.cer
File:                     5NzsWVobtnOJciNlasY5uVNS3XM.cer (raw, json)
Hash identifier:          C+T3IL/E9ETwkYnyw2wyCCxX9K75hvtkb6uf6gahKVc=
Subject key identifier:   E4:DC:EC:59:5A:1B:B6:73:89:72:23:65:6A:C6:39:B9:53:52:DD:73
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01FD45
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91D604E/91B5C0C0F4ED11E98CBFA013C4F9AE02/5NzsWVobtnOJciNlasY5uVNS3XM.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91D604E/91B5C0C0F4ED11E98CBFA013C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 02 Jul 2024 18:52:49 +0000
Certificate not after:    Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources:    AS: 135517
                          AS: 149297
                          IP: 2400:f8c0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 130373 (0x1fd45)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul  2 18:52:49 2024 GMT
            Not After : Aug 31 00:00:00 2025 GMT
        Subject: CN=A91D604E/serialNumber=E4DCEC595A1BB673897223656AC639B95352DD73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:8f:b1:bf:ed:2a:ba:69:5f:c5:ec:2b:57:87:
                    18:f6:06:6f:84:0a:8e:c5:16:95:47:27:85:26:a4:
                    2c:12:f3:5b:48:9d:f3:a5:ee:29:2a:82:de:c1:0a:
                    42:0b:78:63:a5:92:f1:83:cf:37:ed:76:c1:b3:19:
                    c7:9a:3b:0b:47:88:a2:6c:99:fa:a5:ee:31:81:fd:
                    d9:06:d6:8b:e6:3b:13:fa:4c:96:78:97:5c:9c:07:
                    c4:70:83:15:ea:6e:7d:77:03:0d:c1:bd:54:a2:7f:
                    a9:19:50:6b:7d:e2:b9:2f:dd:dc:31:fc:15:81:a6:
                    e4:bb:37:5e:d1:8a:e8:86:b4:ab:13:01:c0:d5:80:
                    b9:39:fb:3b:58:ba:20:1a:d1:cf:8f:3a:10:59:18:
                    11:6b:f5:c5:ba:96:a6:16:61:4f:44:6e:c2:03:cf:
                    71:ea:6e:f4:52:ff:e1:d3:04:48:b2:2e:c6:6c:93:
                    80:8a:70:70:11:e6:9b:f7:d7:04:73:ff:2c:5f:27:
                    23:de:b1:3f:cc:3d:81:48:8c:33:91:42:76:29:17:
                    38:55:20:2a:7b:4c:bb:19:1e:21:ed:fc:19:e5:78:
                    9b:11:f1:c2:1b:a2:50:cd:13:76:88:75:cf:9a:32:
                    a8:d0:65:16:2a:94:6f:d5:78:97:93:1b:fc:d7:9f:
                    28:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:DC:EC:59:5A:1B:B6:73:89:72:23:65:6A:C6:39:B9:53:52:DD:73
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D604E/91B5C0C0F4ED11E98CBFA013C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D604E/91B5C0C0F4ED11E98CBFA013C4F9AE02/5NzsWVobtnOJciNlasY5uVNS3XM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  135517
                  149297

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:f8c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         9b:96:c0:5a:cb:9d:d9:67:4e:2c:45:78:95:17:fa:c4:d1:e7:
         79:62:be:ce:bb:63:8e:d8:3b:be:d7:b5:3e:d8:bc:c7:bc:c4:
         ed:67:17:31:bd:99:ca:28:d0:53:a7:15:a2:3b:52:3e:3b:84:
         26:d2:d2:c0:5b:48:c6:fb:6d:e4:4b:3a:47:82:48:24:2a:b0:
         35:9b:f2:22:c1:e8:86:09:75:a3:52:b9:bb:b1:19:f0:de:17:
         e8:02:d4:75:03:c4:76:b5:ff:4f:12:1e:86:a5:7b:e0:fd:a3:
         4e:07:b4:52:d6:a4:b3:0f:cb:ff:41:9d:ca:77:8f:34:8a:26:
         5b:d4:3b:3b:d2:9f:65:dc:20:52:09:e0:15:34:18:98:19:35:
         9c:49:1b:36:02:d5:a5:42:eb:a4:05:4b:4d:62:b3:c5:7b:ed:
         3d:42:35:ae:84:9e:31:1a:88:51:85:3b:80:08:31:76:66:72:
         9f:e0:70:c0:05:de:4f:cd:b3:d0:3a:b0:ae:ce:26:19:55:2d:
         6e:a2:76:e3:ee:fa:6e:0a:a3:7d:38:7d:b8:00:8a:ce:42:72:
         36:8f:b0:2e:16:6f:58:b5:2d:ee:ab:7c:6b:d0:d6:76:85:92:
         9d:77:e0:4e:03:4e:b9:55:3e:36:49:4b:0f:71:41:ac:9a:99:
         17:54:9d:e5
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgIDAf1FMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDcwMjE4NTI0OVoXDTI1MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDYwNEUxMTAvBgNVBAUTKEU0RENFQzU5NUExQkI2NzM4OTcyMjM2
NTZBQzYzOUI5NTM1MkRENzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMj7G/7Sq6aV/F7CtXhxj2Bm+ECo7FFpVHJ4UmpCwS81tInfOl7ikqgt7BCkIL
eGOlkvGDzzftdsGzGceaOwtHiKJsmfql7jGB/dkG1ovmOxP6TJZ4l1ycB8RwgxXq
bn13Aw3BvVSif6kZUGt94rkv3dwx/BWBpuS7N17RiuiGtKsTAcDVgLk5+ztYuiAa
0c+POhBZGBFr9cW6lqYWYU9EbsIDz3HqbvRS/+HTBEiyLsZsk4CKcHAR5pv31wRz
/yxfJyPesT/MPYFIjDORQnYpFzhVICp7TLsZHiHt/BnleJsR8cIbolDNE3aIdc+a
MqjQZRYqlG/VeJeTG/zXnyj7AgMBAAGjggMVMIIDETAdBgNVHQ4EFgQU5NzsWVob
tnOJciNlasY5uVNS3XMwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ2MDRFLzkxQjVDMEMwRjRFRDExRTk4Q0JGQTAxM0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFENjA0RS85MUI1QzBDMEY0RUQxMUU5OENCRkEwMTNDNEY5QUUwMi81TnpzV1Zv
YnRuT0pjaU5sYXNZNXVWTlMzWE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAhFdAgMCRzEwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAPjA
MA0GCSqGSIb3DQEBCwUAA4IBAQCblsBay53ZZ04sRXiVF/rE0ed5Yr7Ou2OO2Du+
17U+2LzHvMTtZxcxvZnKKNBTpxWiO1I+O4Qm0tLAW0jG+23kSzpHgkgkKrA1m/Ii
weiGCXWjUrm7sRnw3hfoAtR1A8R2tf9PEh6GpXvg/aNOB7RS1qSzD8v/QZ3Kd480
iiZb1Ds70p9l3CBSCeAVNBiYGTWcSRs2AtWlQuukBUtNYrPFe+09QjWuhJ4xGohR
hTuACDF2ZnKf4HDABd5PzbPQOrCuziYZVS1uonbj7vpuCqN9OH24AIrOQnI2j7Au
Fm9YtS3uq3xr0NZ2hZKdd+BOA065VT42SUsPcUGsmpkXVJ3l
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:09 2024 by rpki-client on console-fra.rpki-client.org