Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5iFGnNWlePlHq0frDs6Ik5uH6_s.cer
File:                     5iFGnNWlePlHq0frDs6Ik5uH6_s.cer (raw, json)
Hash identifier:          Ebx5kJvLx/hXw+NrgJ0sAPjzzFJiu8K6mN/Bs4wDTxI=
Subject key identifier:   E6:21:46:9C:D5:A5:78:F9:47:AB:47:EB:0E:CE:88:93:9B:87:EB:FB
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D0D6
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9170982/D8B68696AC1311ECB776B209C4F9AE02/5iFGnNWlePlHq0frDs6Ik5uH6_s.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9170982/D8B68696AC1311ECB776B209C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sat 09 Dec 2023 02:49:09 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    IP: 103.23.64.0/22
                          IP: 2406:9f00::/31

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118998 (0x1d0d6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec  9 02:49:09 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A9170982/serialNumber=E621469CD5A578F947AB47EB0ECE88939B87EBFB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:75:e4:01:55:c3:9b:2e:35:e2:6e:5f:09:ed:
                    07:6e:4f:8c:b0:9a:7d:5d:33:ca:19:a8:aa:28:ed:
                    3c:cd:86:a5:25:15:a5:4e:0d:82:38:91:ca:26:2d:
                    77:7b:50:90:68:e5:0f:fc:76:89:5a:ae:c8:0e:ae:
                    56:09:54:3a:ff:a3:ed:a0:83:7f:7f:99:5c:04:75:
                    52:dc:03:47:fc:78:5c:53:91:a5:1e:09:5b:a3:84:
                    dc:e1:a5:fe:81:fd:61:ac:01:f5:fb:c2:3d:04:d6:
                    22:9d:43:40:1f:bf:99:43:5d:66:71:5b:f2:f1:bf:
                    08:a3:2e:83:8f:9e:bd:e3:68:e6:08:5f:8c:5f:d7:
                    b0:b7:ee:4d:b5:4d:74:b1:dd:29:76:2b:a0:3c:d9:
                    fb:f7:57:9e:25:f3:85:82:91:03:d6:5c:24:97:31:
                    d8:b2:68:67:d7:78:1f:3a:d9:12:03:ca:07:2b:56:
                    b1:2d:38:6b:c9:a1:30:d3:5e:69:1f:9f:4d:e9:93:
                    25:5b:09:f4:bf:33:46:bf:33:4f:52:ac:eb:fb:f9:
                    b2:44:7d:6e:0c:f0:da:58:5f:aa:50:4e:f1:1c:58:
                    84:81:85:d3:e0:6a:9b:b2:0f:00:0f:59:cf:f3:41:
                    88:f9:19:fe:77:4b:a1:d8:d6:73:a9:a4:14:07:f4:
                    a3:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:21:46:9C:D5:A5:78:F9:47:AB:47:EB:0E:CE:88:93:9B:87:EB:FB
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9170982/D8B68696AC1311ECB776B209C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9170982/D8B68696AC1311ECB776B209C4F9AE02/5iFGnNWlePlHq0frDs6Ik5uH6_s.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.23.64.0/22
                IPv6:
                  2406:9f00::/31

    Signature Algorithm: sha256WithRSAEncryption
         18:d8:05:34:e3:25:7e:63:2d:ac:9d:f2:5e:15:d2:bb:10:d2:
         6d:74:6d:31:8a:e2:2f:f3:e2:89:ac:db:71:b4:02:76:8e:09:
         80:0d:68:0a:7e:99:b7:65:12:28:bc:b7:85:de:24:0e:5c:83:
         a0:8f:6b:35:d8:8e:e3:9e:94:af:d4:e1:e8:00:cd:32:12:1f:
         a1:68:2c:9e:74:d8:6b:ef:de:da:d1:ee:dc:6a:65:82:70:f7:
         60:e8:90:13:4e:a4:af:db:38:31:31:78:ed:e4:74:db:a0:e1:
         fa:96:b4:78:5b:a5:03:95:15:c8:3b:f4:07:a3:cc:e1:d8:58:
         65:26:b3:f3:bd:f7:36:43:14:84:14:7d:85:6e:77:56:48:35:
         ca:63:76:c7:c0:51:96:5b:36:3c:c9:71:c0:14:d8:33:36:32:
         fe:b5:c3:b5:4f:ab:c8:ed:ea:03:7c:95:85:9c:e1:76:f3:52:
         3c:d1:ce:1b:37:57:f1:bd:c9:df:96:e7:68:50:3a:c6:c4:c8:
         08:60:6c:fe:fe:d7:04:78:aa:d7:fe:9c:18:e8:61:42:c8:f7:
         33:dd:5e:65:17:da:ed:61:7a:02:c7:3e:b5:ab:d7:e4:1f:a8:
         ff:d0:51:b2:95:c2:72:54:c9:4c:9a:1c:4f:65:30:35:b7:13:
         4b:35:cc:06
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIDAdDWMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwOTAyNDkwOVoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNzA5ODIxMTAvBgNVBAUTKEU2MjE0NjlDRDVBNTc4Rjk0N0FCNDdF
QjBFQ0U4ODkzOUI4N0VCRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQdeQBVcObLjXibl8J7QduT4ywmn1dM8oZqKoo7TzNhqUlFaVODYI4kcomLXd7
UJBo5Q/8dolarsgOrlYJVDr/o+2gg39/mVwEdVLcA0f8eFxTkaUeCVujhNzhpf6B
/WGsAfX7wj0E1iKdQ0Afv5lDXWZxW/LxvwijLoOPnr3jaOYIX4xf17C37k21TXSx
3Sl2K6A82fv3V54l84WCkQPWXCSXMdiyaGfXeB862RIDygcrVrEtOGvJoTDTXmkf
n03pkyVbCfS/M0a/M09SrOv7+bJEfW4M8NpYX6pQTvEcWISBhdPgapuyDwAPWc/z
QYj5Gf53S6HY1nOppBQH9KPrAgMBAAGjggMCMIIC/jAdBgNVHQ4EFgQU5iFGnNWl
ePlHq0frDs6Ik5uH6/swHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTcwOTgyL0Q4QjY4Njk2QUMxMzExRUNCNzc2QjIwOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3MDk4Mi9EOEI2ODY5NkFDMTMxMUVDQjc3NkIyMDlDNEY5QUUwMi81aUZHbk5X
bGVQbEhxMGZyRHM2SWs1dUg2X3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8EHzAd
MAwEAgABMAYDBAJnF0AwDQQCAAIwBwMFASQGnwAwDQYJKoZIhvcNAQELBQADggEB
ABjYBTTjJX5jLayd8l4V0rsQ0m10bTGK4i/z4oms23G0AnaOCYANaAp+mbdlEii8
t4XeJA5cg6CPazXYjuOelK/U4egAzTISH6FoLJ502Gvv3trR7txqZYJw92DokBNO
pK/bODExeO3kdNug4fqWtHhbpQOVFcg79AejzOHYWGUms/O99zZDFIQUfYVud1ZI
NcpjdsfAUZZbNjzJccAU2DM2Mv61w7VPq8jt6gN8lYWc4XbzUjzRzhs3V/G9yd+W
52hQOsbEyAhgbP7+1wR4qtf+nBjoYULI9zPdXmUX2u1hegLHPrWr1+QfqP/QUbKV
wnJUyUyaHE9lMDW3E0s1zAY=
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:01 2024 by rpki-client on console-fra.rpki-client.org