Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/62gLfeTEobRDq9eZuvUkndSw6pA.cer
File:                     62gLfeTEobRDq9eZuvUkndSw6pA.cer (raw, json)
Hash identifier:          /9yr5ztahWBClabodSNmps94sGSoycxsJ5FwXLDYiCM=
Subject key identifier:   EB:68:0B:7D:E4:C4:A1:B4:43:AB:D7:99:BA:F5:24:9D:D4:B0:EA:90
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CC9D
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91DC866/6A0DF9BA1D9611E2B7B5057F08B02CD2/62gLfeTEobRDq9eZuvUkndSw6pA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91DC866/6A0DF9BA1D9611E2B7B5057F08B02CD2/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 23 Nov 2023 20:25:59 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 38896
                          AS: 58425
                          IP: 103.2.144.0/22
                          IP: 121.58.184.0/21
                          IP: 122.129.96.0 -- 122.129.119.255
                          IP: 2402:8600::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 14:50:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117917 (0x1cc9d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov 23 20:25:59 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A91DC866/serialNumber=EB680B7DE4C4A1B443ABD799BAF5249DD4B0EA90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:51:3b:de:d6:a0:02:4b:ff:7b:ec:46:18:6f:
                    13:83:28:cc:87:3f:d5:04:54:6f:a3:b6:65:c1:1c:
                    3f:fa:bf:33:de:9a:1a:2b:fd:87:2c:a6:e2:33:8f:
                    27:11:84:da:0a:9d:45:27:f7:c2:42:0b:e9:8a:bf:
                    1f:22:cf:43:e1:f7:73:b5:39:0e:9a:09:0a:78:63:
                    cf:ae:af:d6:8e:ae:2c:7f:a8:03:a2:1f:53:b1:71:
                    18:0d:c6:73:c5:c3:52:bd:8f:93:aa:48:ad:96:ed:
                    84:fb:be:ba:74:ed:ef:5b:cc:d3:60:9b:c4:7a:74:
                    18:54:62:fc:0e:b2:3f:f8:c2:86:9f:1e:e0:d8:d0:
                    48:d1:fe:49:cc:91:ad:d3:13:63:84:9e:c1:9b:f3:
                    29:35:47:35:6f:13:fa:ad:11:34:4a:b9:df:90:2c:
                    e6:97:49:59:64:49:10:d9:eb:e8:70:87:45:d0:77:
                    c4:77:14:f3:55:1f:0f:73:dd:0f:6b:75:e5:a5:87:
                    b3:2d:7b:8d:6f:75:cb:ca:3a:f4:f2:a5:72:e5:08:
                    81:99:92:1b:15:ba:88:78:1e:85:06:06:7b:43:db:
                    7c:07:b1:8c:30:54:91:d7:14:18:4b:cf:53:71:60:
                    c4:63:75:e4:ca:77:11:10:de:f1:8e:53:ea:87:e1:
                    c6:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:68:0B:7D:E4:C4:A1:B4:43:AB:D7:99:BA:F5:24:9D:D4:B0:EA:90
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91DC866/6A0DF9BA1D9611E2B7B5057F08B02CD2/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91DC866/6A0DF9BA1D9611E2B7B5057F08B02CD2/62gLfeTEobRDq9eZuvUkndSw6pA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  38896
                  58425

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.2.144.0/22
                  121.58.184.0/21
                  122.129.96.0-122.129.119.255
                IPv6:
                  2402:8600::/32

    Signature Algorithm: sha256WithRSAEncryption
         50:bc:74:3b:50:18:ae:90:95:1d:fd:d3:0f:ef:ef:5a:18:f7:
         cf:66:32:25:39:16:3d:b6:11:67:67:a9:c3:47:5b:54:1e:af:
         24:e6:66:68:91:ee:9d:a9:ef:56:c7:1d:9a:72:97:7f:ad:fe:
         7d:59:78:80:f8:d2:b2:31:25:6a:bc:9a:8a:ff:cf:a0:90:7e:
         37:a1:41:ed:56:06:79:9e:ee:39:1c:12:8e:1d:b1:79:a3:2e:
         67:bb:f3:47:18:06:23:cb:8c:bb:b2:90:87:e9:a8:97:8e:2d:
         b3:fd:76:30:63:0d:58:bf:99:77:b7:d9:26:2a:cb:b4:0e:cf:
         43:98:f6:c5:58:ed:95:66:3f:8b:1e:34:83:ac:53:5f:c8:25:
         fe:0e:e5:1c:94:d9:c2:7a:45:d6:96:3e:68:dd:25:c7:a5:59:
         cb:75:91:20:8f:bd:33:9a:70:f5:ef:d8:88:03:56:dc:51:14:
         34:70:49:4e:8e:9a:ae:23:b1:32:40:2a:61:4b:25:90:99:e4:
         23:6b:91:b7:f1:93:03:06:be:ef:27:bb:d6:5e:6d:f1:29:5d:
         be:05:09:75:f5:b9:38:d0:70:63:1f:80:28:e3:ff:32:e7:ca:
         01:13:38:e0:07:7d:a4:8d:51:26:f6:75:44:3e:c7:b2:61:c6:
         5a:44:fe:af
-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgIDAcydMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEyMzIwMjU1OVoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxREM4NjYxMTAvBgNVBAUTKEVCNjgwQjdERTRDNEExQjQ0M0FCRDc5
OUJBRjUyNDlERDRCMEVBOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHUTve1qACS/977EYYbxODKMyHP9UEVG+jtmXBHD/6vzPemhor/YcspuIzjycR
hNoKnUUn98JCC+mKvx8iz0Ph93O1OQ6aCQp4Y8+ur9aOrix/qAOiH1OxcRgNxnPF
w1K9j5OqSK2W7YT7vrp07e9bzNNgm8R6dBhUYvwOsj/4woafHuDY0EjR/knMka3T
E2OEnsGb8yk1RzVvE/qtETRKud+QLOaXSVlkSRDZ6+hwh0XQd8R3FPNVHw9z3Q9r
deWlh7Mte41vdcvKOvTypXLlCIGZkhsVuoh4HoUGBntD23wHsYwwVJHXFBhLz1Nx
YMRjdeTKdxEQ3vGOU+qH4ca3AgMBAAGjggM3MIIDMzAdBgNVHQ4EFgQU62gLfeTE
obRDq9eZuvUkndSw6pAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MURDODY2LzZBMERGOUJBMUQ5NjExRTJCN0I1MDU3RjA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEQzg2Ni82QTBERjlCQTFEOTYxMUUyQjdCNTA1N0YwOEIwMkNEMi82MmdMZmVU
RW9iUkRxOWVadXZVa25kU3c2cEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAJfwAgMA5DkwQgYIKwYBBQUHAQcBAf8EMzAxMCAEAgABMBoDBAJnApAD
BAN5OrgwDAMEBXqBYAMEA3qBcDANBAIAAjAHAwUAJAKGADANBgkqhkiG9w0BAQsF
AAOCAQEAULx0O1AYrpCVHf3TD+/vWhj3z2YyJTkWPbYRZ2epw0dbVB6vJOZmaJHu
nanvVscdmnKXf63+fVl4gPjSsjElaryaiv/PoJB+N6FB7VYGeZ7uORwSjh2xeaMu
Z7vzRxgGI8uMu7KQh+mol44ts/12MGMNWL+Zd7fZJirLtA7PQ5j2xVjtlWY/ix40
g6xTX8gl/g7lHJTZwnpF1pY+aN0lx6VZy3WRII+9M5pw9e/YiANW3FEUNHBJTo6a
riOxMkAqYUslkJnkI2uRt/GTAwa+7ye71l5t8SldvgUJdfW5ONBwYx+AKOP/MufK
ARM44Ad9pI1RJvZ1RD7HsmHGWkT+rw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:07:52 2024 by rpki-client on console-ams.rpki-client.org