Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/788FLZiSks6xBQkSnI3iA9SfaAQ.cer
File:                     788FLZiSks6xBQkSnI3iA9SfaAQ.cer (raw, json)
Hash identifier:          yfVtZThmX5V475wLqDPauFXtcsVTuWEo4BuCWSrg5ZM=
Subject key identifier:   EF:CF:05:2D:98:92:92:CE:B1:05:09:12:9C:8D:E2:03:D4:9F:68:04
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01F8D0
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 12 Jun 2024 19:04:35 +0000
Certificate not after:    Wed 30 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 136379
                          AS: 149448
                          AS: 150158
                          IP: 103.138.192.0/23
                          IP: 2001:df0:5080::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 129232 (0x1f8d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jun 12 19:04:35 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=A91EB9C0/serialNumber=EFCF052D989292CEB10509129C8DE203D49F6804
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:eb:b6:a1:bf:12:c4:5a:94:e3:45:9e:e7:e7:
                    ed:c9:ca:d6:ba:ed:c6:99:b1:ca:ed:9c:4c:21:7c:
                    1d:79:4d:a0:d0:76:05:95:8c:7c:92:f2:37:45:56:
                    b1:14:c4:24:74:9b:bc:b6:fb:ac:3e:b1:b5:ca:b6:
                    bc:71:b0:b5:88:2a:2e:23:a1:54:b3:a6:15:30:86:
                    97:5b:10:00:c4:95:7a:5a:6c:93:26:30:74:cf:4f:
                    b5:6c:4b:b8:ec:64:42:ce:ed:2d:ba:f3:7c:a4:8d:
                    9a:dd:97:39:0f:00:09:06:43:3a:15:9f:c2:66:c9:
                    52:03:10:d5:e0:73:94:95:e7:0c:db:3e:38:8e:3b:
                    55:80:c8:24:8d:38:fd:2a:1d:e0:e0:e4:7a:51:9c:
                    80:1b:0e:3e:69:eb:0c:d7:64:e1:44:bc:34:b0:83:
                    0d:2e:29:d2:28:89:0c:5f:5a:0f:38:b4:ea:4c:83:
                    25:91:88:60:ea:e8:d7:e4:2d:4b:2a:c9:da:b9:c8:
                    56:ad:03:a4:8f:43:8e:4d:19:07:2d:4f:f3:af:a7:
                    0b:8d:f9:31:be:23:e9:11:79:47:d8:20:75:e1:d7:
                    a1:a5:bf:7b:97:01:62:04:89:3f:35:65:af:fb:9c:
                    c0:da:bb:39:3e:7b:5d:86:12:f3:8b:31:f8:74:f2:
                    b5:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:CF:05:2D:98:92:92:CE:B1:05:09:12:9C:8D:E2:03:D4:9F:68:04
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  136379
                  149448
                  150158

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.138.192.0/23
                IPv6:
                  2001:df0:5080::/48

    Signature Algorithm: sha256WithRSAEncryption
         6d:32:f3:13:a1:5c:d5:08:8e:a9:9c:53:6d:2f:9b:49:ae:0a:
         95:15:7b:d9:2d:61:2c:95:7d:65:ea:6e:f3:a5:ae:0f:5a:d6:
         bc:78:7c:c1:4c:4c:40:54:4d:93:dc:dc:66:c6:f2:ef:3d:ff:
         00:d5:66:d4:5e:e8:2d:57:c5:eb:8d:7e:75:2d:c7:cf:3e:2b:
         ef:bf:b7:91:3a:e7:5d:c4:f0:7a:71:99:6f:f7:5c:21:cd:b3:
         d6:b1:db:8e:82:53:d0:a2:c3:fd:df:8e:0e:23:fd:e2:d3:14:
         97:de:a4:57:d1:dd:25:8b:e7:d6:1a:79:70:27:7e:82:f4:37:
         32:21:ce:b7:69:86:67:b0:1a:c0:a3:29:49:1f:4b:94:4a:aa:
         b2:73:f5:42:34:52:09:0c:85:74:cc:1b:23:7e:ec:e1:e5:c6:
         80:5c:49:b8:ee:42:06:3e:fb:8d:05:96:d7:53:d8:8d:88:8e:
         75:74:11:50:55:76:71:15:3a:0b:de:aa:e2:10:78:b2:8b:6f:
         d8:b8:41:53:f2:c8:10:63:09:21:04:b5:ea:a8:5a:18:87:20:
         fc:f4:90:d1:a1:66:bd:03:01:09:ec:1c:0d:31:04:dd:ef:71:
         71:60:8a:99:57:ac:d0:60:39:f8:97:c6:5f:46:5f:bc:1c:bf:
         c4:f8:2c:70
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgIDAfjQMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDYxMjE5MDQzNVoXDTI1MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUI5QzAxMTAvBgNVBAUTKEVGQ0YwNTJEOTg5MjkyQ0VCMTA1MDkx
MjlDOERFMjAzRDQ5RjY4MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/67ahvxLEWpTjRZ7n5+3Jyta67caZscrtnEwhfB15TaDQdgWVjHyS8jdFVrEU
xCR0m7y2+6w+sbXKtrxxsLWIKi4joVSzphUwhpdbEADElXpabJMmMHTPT7VsS7js
ZELO7S2683ykjZrdlzkPAAkGQzoVn8JmyVIDENXgc5SV5wzbPjiOO1WAyCSNOP0q
HeDg5HpRnIAbDj5p6wzXZOFEvDSwgw0uKdIoiQxfWg84tOpMgyWRiGDq6NfkLUsq
ydq5yFatA6SPQ45NGQctT/OvpwuN+TG+I+kReUfYIHXh16Glv3uXAWIEiT81Za/7
nMDauzk+e12GEvOLMfh08rWfAgMBAAGjggMqMIIDJjAdBgNVHQ4EFgQU788FLZiS
ks6xBQkSnI3iA9SfaAQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVCOUMwL0QzNjRGMENDRDIxQTExRTk4M0Y5RTUyNEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFQjlDMC9EMzY0RjBDQ0QyMUExMUU5ODNGOUU1MjRDNEY5QUUwMi83ODhGTFpp
U2tzNnhCUWtTbkkzaUE5U2ZhQVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQgBAf8EFTAT
oBEwDwIDAhS7AgMCR8gCAwJKjjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgME
AWeKwDAPBAIAAjAJAwcAIAEN8FCAMA0GCSqGSIb3DQEBCwUAA4IBAQBtMvMToVzV
CI6pnFNtL5tJrgqVFXvZLWEslX1l6m7zpa4PWta8eHzBTExAVE2T3NxmxvLvPf8A
1WbUXugtV8XrjX51LcfPPivvv7eROuddxPB6cZlv91whzbPWsduOglPQosP9344O
I/3i0xSX3qRX0d0li+fWGnlwJ36C9DcyIc63aYZnsBrAoylJH0uUSqqyc/VCNFIJ
DIV0zBsjfuzh5caAXEm47kIGPvuNBZbXU9iNiI51dBFQVXZxFToL3qriEHiyi2/Y
uEFT8sgQYwkhBLXqqFoYhyD89JDRoWa9AwEJ7BwNMQTd73FxYIqZV6zQYDn4l8Zf
Rl+8HL/E+Cxw
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:10 2024 by rpki-client on console-fra.rpki-client.org