Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5dmsjXWxbbnyPICt2LO72OWLaHg.cer
File:                     5dmsjXWxbbnyPICt2LO72OWLaHg.cer (raw, json)
Hash identifier:          rQRI5HVc7VeuMpcB9x/s2OFnUuMoq87kI1J3eK9Wkng=
Subject key identifier:   E5:D9:AC:8D:75:B1:6D:B9:F2:3C:80:AD:D8:B3:BB:D8:E5:8B:68:78
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DC49
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91D8400/F681BBA4781111ECA397D034C4F9AE02/5dmsjXWxbbnyPICt2LO72OWLaHg.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91D8400/F681BBA4781111ECA397D034C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 01 Feb 2024 02:44:08 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 149310
                          IP: 103.178.118.0/23
                          IP: 2400:4660::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 12:32:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121929 (0x1dc49)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb  1 02:44:08 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91D8400/serialNumber=E5D9AC8D75B16DB9F23C80ADD8B3BBD8E58B6878
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e2:94:12:d2:88:85:62:db:8b:d8:00:ed:0b:
                    bb:2b:30:6a:ae:35:69:5d:3b:2b:e7:cc:c2:7c:75:
                    e3:1f:be:a0:26:35:7f:fa:c9:d8:59:45:64:01:90:
                    24:d3:d8:01:fd:3e:2c:67:96:5e:93:56:58:92:db:
                    dc:49:8c:00:fe:df:53:85:90:cc:3f:59:4d:fc:5e:
                    bc:6f:c9:38:e2:c2:4c:51:88:17:c2:76:bf:4e:79:
                    ef:a6:b3:6d:0f:b0:bb:9a:23:0a:54:fd:89:0c:7d:
                    d5:e9:70:47:c0:df:ba:be:2c:b6:47:14:f5:22:c0:
                    04:6e:70:fe:6d:84:61:99:9f:51:25:c6:e7:51:e9:
                    34:08:e1:5b:e6:ea:74:f4:cd:47:ca:f6:2c:5e:89:
                    48:aa:4a:43:6e:52:45:19:79:89:30:c3:03:07:f3:
                    14:8e:de:eb:87:e4:c1:ff:b6:3e:ef:6b:78:89:e4:
                    7e:15:30:29:6e:51:64:cd:6a:f3:60:cf:d1:86:26:
                    1e:43:b1:88:c2:b4:23:59:e1:e5:d0:1b:ab:a7:84:
                    da:82:e6:3b:05:38:bf:7e:52:04:ee:26:a1:48:42:
                    c7:c0:12:84:7d:8e:2f:11:db:da:db:1c:b0:7e:d6:
                    fa:49:94:8e:b1:ed:73:c3:3e:76:66:e9:da:3c:ba:
                    97:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:D9:AC:8D:75:B1:6D:B9:F2:3C:80:AD:D8:B3:BB:D8:E5:8B:68:78
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D8400/F681BBA4781111ECA397D034C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D8400/F681BBA4781111ECA397D034C4F9AE02/5dmsjXWxbbnyPICt2LO72OWLaHg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  149310

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.178.118.0/23
                IPv6:
                  2400:4660::/32

    Signature Algorithm: sha256WithRSAEncryption
         a6:8d:37:d2:dc:b8:17:a3:2d:23:2a:5a:08:c3:b6:a8:0d:b2:
         d9:23:7c:5a:50:6b:18:68:b1:c1:cd:be:33:04:14:88:da:1f:
         a8:01:96:4c:03:4c:4c:e7:ba:27:c1:ca:eb:ca:55:12:0d:c5:
         53:f8:d1:00:32:d6:a4:05:81:dd:c1:88:95:30:21:2a:75:fe:
         40:d1:e4:8b:4c:fc:d2:94:04:27:8a:8a:c0:88:1a:a7:c4:04:
         a1:db:c3:fe:48:3a:8a:13:dc:f1:e4:13:90:a8:b0:02:79:f1:
         e6:6d:46:de:d6:1c:a3:72:e8:ce:29:8e:0c:6a:9d:28:a5:fa:
         23:b2:ad:7a:76:ff:35:89:11:a4:a2:4f:b0:b4:b9:c0:4f:b6:
         3d:d6:a0:02:b3:9e:27:4d:3b:ee:07:6a:68:f5:17:69:68:4b:
         c7:fd:75:bb:ce:19:44:11:fb:9f:ee:bc:d1:30:40:b7:c5:f0:
         38:4f:a4:4f:38:db:5b:6d:e5:ec:cc:50:c2:64:da:ec:f1:f1:
         82:3c:bc:d9:24:50:59:c8:e6:8c:46:0f:ab:07:43:5d:83:be:
         c9:91:82:91:cc:12:cf:a7:bf:6c:f1:1d:b6:cc:e7:ce:e9:9c:
         18:69:82:c6:44:c7:47:f9:d2:85:96:8e:d6:9b:a0:89:9b:78:
         3a:09:4d:8f
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAdxJMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIwMTAyNDQwOFoXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDg0MDAxMTAvBgNVBAUTKEU1RDlBQzhENzVCMTZEQjlGMjNDODBB
REQ4QjNCQkQ4RTU4QjY4NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCu4pQS0oiFYtuL2ADtC7srMGquNWldOyvnzMJ8deMfvqAmNX/6ydhZRWQBkCTT
2AH9Pixnll6TVliS29xJjAD+31OFkMw/WU38XrxvyTjiwkxRiBfCdr9Oee+ms20P
sLuaIwpU/YkMfdXpcEfA37q+LLZHFPUiwARucP5thGGZn1ElxudR6TQI4Vvm6nT0
zUfK9ixeiUiqSkNuUkUZeYkwwwMH8xSO3uuH5MH/tj7va3iJ5H4VMCluUWTNavNg
z9GGJh5DsYjCtCNZ4eXQG6unhNqC5jsFOL9+UgTuJqFIQsfAEoR9ji8R29rbHLB+
1vpJlI6x7XPDPnZm6do8upeXAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQU5dmsjXWx
bbnyPICt2LO72OWLaHgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ4NDAwL0Y2ODFCQkE0NzgxMTExRUNBMzk3RDAzNEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEODQwMC9GNjgxQkJBNDc4MTExMUVDQTM5N0QwMzRDNEY5QUUwMi81ZG1zalhX
eGJibnlQSUN0MkxPNzJPV0xhSGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkc+MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ7J2MA0EAgAC
MAcDBQAkAEZgMA0GCSqGSIb3DQEBCwUAA4IBAQCmjTfS3LgXoy0jKloIw7aoDbLZ
I3xaUGsYaLHBzb4zBBSI2h+oAZZMA0xM57onwcrrylUSDcVT+NEAMtakBYHdwYiV
MCEqdf5A0eSLTPzSlAQniorAiBqnxASh28P+SDqKE9zx5BOQqLACefHmbUbe1hyj
cujOKY4Map0opfojsq16dv81iRGkok+wtLnAT7Y91qACs54nTTvuB2po9RdpaEvH
/XW7zhlEEfuf7rzRMEC3xfA4T6RPONtbbeXszFDCZNrs8fGCPLzZJFBZyOaMRg+r
B0Ndg77JkYKRzBLPp79s8R22zOfO6ZwYaYLGRMdH+dKFlo7Wm6CJm3g6CU2P
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:33:44 2024 by rpki-client on console-ams.rpki-client.org