Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6wSl6qrVHVvys-1-Z1_U1Ka2QFk.cer
File:                     6wSl6qrVHVvys-1-Z1_U1Ka2QFk.cer (raw, json)
Hash identifier:          8vDJfG54kOJgZrZAkLxd3QFVNLsEHvoNrDPmyyfKGfo=
Subject key identifier:   EB:04:A5:EA:AA:D5:1D:5B:F2:B3:ED:7E:67:5F:D4:D4:A6:B6:40:59
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C069
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A918BFA2/137678201D9611E2B3FB577E08B02CD2/6wSl6qrVHVvys-1-Z1_U1Ka2QFk.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A918BFA2/137678201D9611E2B3FB577E08B02CD2/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 28 Sep 2023 14:56:07 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 55775
                          IP: 203.9.58.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 23:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 114793 (0x1c069)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Sep 28 14:56:07 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A918BFA2/serialNumber=EB04A5EAAAD51D5BF2B3ED7E675FD4D4A6B64059
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:33:09:dc:14:63:df:64:71:ac:6a:47:f9:d3:
                    61:58:99:56:dc:d5:39:f8:b8:54:1b:a0:ee:92:8c:
                    0d:19:c6:0b:4c:04:7d:6a:34:ba:23:f5:1e:6c:b0:
                    37:16:1d:16:29:9f:4c:05:44:2d:e2:e6:d2:d0:d6:
                    35:72:f5:55:df:24:2a:93:a8:45:2e:03:cc:71:af:
                    3a:0f:b4:5a:63:9c:8f:ab:0c:c4:9c:99:20:d0:07:
                    b2:68:e0:e4:e4:7f:53:7c:f2:a4:26:03:ee:81:7e:
                    d7:b9:19:6a:f3:40:6e:c1:92:a2:e5:7b:9b:f9:d3:
                    f7:07:5c:3f:06:24:68:82:c7:0b:6c:01:58:8d:60:
                    38:71:e7:64:99:dc:f7:76:3f:ec:33:88:0a:9b:12:
                    08:35:76:51:47:6c:a5:4e:59:a6:3a:cd:1d:be:93:
                    09:89:df:1a:a1:58:df:86:f0:7a:2b:ab:29:d4:d0:
                    d2:9a:f6:a0:0d:a2:a4:18:69:01:e4:c1:7e:03:f2:
                    6a:7c:5b:1d:db:36:2a:83:be:90:be:f1:14:54:49:
                    52:88:fa:12:bb:16:3c:dd:42:f6:d4:75:d7:22:09:
                    8d:28:46:81:98:95:6c:1f:0d:19:ee:15:91:17:c5:
                    ec:bc:a9:ab:d5:94:49:02:a8:8c:52:9b:ad:cc:ca:
                    a6:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:04:A5:EA:AA:D5:1D:5B:F2:B3:ED:7E:67:5F:D4:D4:A6:B6:40:59
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918BFA2/137678201D9611E2B3FB577E08B02CD2/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918BFA2/137678201D9611E2B3FB577E08B02CD2/6wSl6qrVHVvys-1-Z1_U1Ka2QFk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  55775

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.9.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:c9:2d:9a:25:19:66:c7:1b:2d:45:12:22:e8:56:43:5f:d7:
         65:38:98:42:be:98:a4:1e:35:02:c4:5b:b1:d4:6c:0e:40:28:
         55:09:e9:a3:63:fe:20:d0:d6:b0:3e:68:e1:6e:da:ed:46:bc:
         fe:93:ed:31:8e:c4:64:ff:7b:65:2b:08:47:9a:27:43:0f:52:
         f3:14:1d:8a:55:fa:94:a6:7b:ca:d5:48:9c:ae:02:7a:81:9d:
         69:4a:dd:26:54:f8:66:c6:1a:a1:62:98:c0:ce:0a:eb:91:6d:
         43:8c:4f:6a:ae:f7:bf:ce:43:74:65:ed:57:3b:fd:a5:af:b9:
         88:28:53:6e:85:fb:b2:61:cc:ec:93:43:b9:8e:9c:a3:cb:2f:
         28:2c:a7:fa:75:db:d1:78:a2:ec:8a:7b:a9:4f:cf:04:6e:02:
         8b:ed:0d:a6:c5:f5:15:db:ca:17:ec:11:dd:51:e2:27:7b:91:
         16:f2:88:f6:53:73:fa:69:b9:6e:7f:c8:d4:28:e4:ad:cd:8e:
         80:c0:c6:14:28:8c:a9:c9:1c:ec:93:e5:d7:db:0b:2a:b5:72:
         2c:a8:c8:c4:5f:ff:5f:f4:b6:e6:3a:33:aa:62:ea:a8:37:7b:
         b3:80:e7:1a:70:d2:a0:0a:8a:3c:74:c8:b8:4e:53:4d:33:ec:
         94:3f:13:40
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAcBpMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDkyODE0NTYwN1oXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOEJGQTIxMTAvBgNVBAUTKEVCMDRBNUVBQUFENTFENUJGMkIzRUQ3
RTY3NUZENEQ0QTZCNjQwNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCyMwncFGPfZHGsakf502FYmVbc1Tn4uFQboO6SjA0ZxgtMBH1qNLoj9R5ssDcW
HRYpn0wFRC3i5tLQ1jVy9VXfJCqTqEUuA8xxrzoPtFpjnI+rDMScmSDQB7Jo4OTk
f1N88qQmA+6Bfte5GWrzQG7BkqLle5v50/cHXD8GJGiCxwtsAViNYDhx52SZ3Pd2
P+wziAqbEgg1dlFHbKVOWaY6zR2+kwmJ3xqhWN+G8HorqynU0NKa9qANoqQYaQHk
wX4D8mp8Wx3bNiqDvpC+8RRUSVKI+hK7FjzdQvbUddciCY0oRoGYlWwfDRnuFZEX
xey8qavVlEkCqIxSm63MyqYrAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQU6wSl6qrV
HVvys+1+Z1/U1Ka2QFkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThCRkEyLzEzNzY3ODIwMUQ5NjExRTJCM0ZCNTc3RTA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4QkZBMi8xMzc2NzgyMDFEOTYxMUUyQjNGQjU3N0UwOEIwMkNEMi82d1NsNnFy
VkhWdnlzLTEtWjFfVTFLYTJRRmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDANnfMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAywk6MA0GCSqG
SIb3DQEBCwUAA4IBAQBAyS2aJRlmxxstRRIi6FZDX9dlOJhCvpikHjUCxFux1GwO
QChVCemjY/4g0NawPmjhbtrtRrz+k+0xjsRk/3tlKwhHmidDD1LzFB2KVfqUpnvK
1UicrgJ6gZ1pSt0mVPhmxhqhYpjAzgrrkW1DjE9qrve/zkN0Ze1XO/2lr7mIKFNu
hfuyYczsk0O5jpyjyy8oLKf6ddvReKLsinupT88EbgKL7Q2mxfUV28oX7BHdUeIn
e5EW8oj2U3P6abluf8jUKOStzY6AwMYUKIypyRzsk+XX2wsqtXIsqMjEX/9f9Lbm
OjOqYuqoN3uzgOcacNKgCoo8dMi4TlNNM+yUPxNA
-----END CERTIFICATE-----
Generated at Fri Mar 29 00:00:12 2024 by rpki-client on console-fra.rpki-client.org