Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7ErjVswCMimNPNn9IEE1Z9u3_CU.cer
File:                     7ErjVswCMimNPNn9IEE1Z9u3_CU.cer (raw, json)
Hash identifier:          WbTvQX7EcrOmdp8z07MsqF6HToinkjpVpxn0aEVoy+M=
Subject key identifier:   EC:4A:E3:56:CC:02:32:29:8D:3C:D9:FD:20:41:35:67:DB:B7:FC:25
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01FD41
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91830A5/D82418FE516611ECAD565867C4F9AE02/7ErjVswCMimNPNn9IEE1Z9u3_CU.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91830A5/D82418FE516611ECAD565867C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 02 Jul 2024 18:27:24 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 58434
                          IP: 203.96.252.0/22
                          IP: 203.147.92.0/22
                          IP: 2402:2f00::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 11:16:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 130369 (0x1fd41)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul  2 18:27:24 2024 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A91830A5/serialNumber=EC4AE356CC0232298D3CD9FD20413567DBB7FC25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:92:cb:e2:90:4f:ed:64:aa:6b:33:05:ee:d4:
                    83:42:f5:3a:a0:50:f5:e0:26:aa:71:19:dd:59:eb:
                    2a:15:7a:5f:e9:da:48:a9:66:b5:bd:b7:f3:a7:03:
                    5d:c7:6c:53:74:8d:1b:3b:14:b9:15:11:2f:13:5b:
                    91:27:fc:1e:a8:b7:9f:4c:53:2c:2f:a2:76:90:fa:
                    0b:24:91:b4:b6:97:b8:ec:39:f5:38:20:4c:a1:71:
                    43:f5:21:1a:18:50:2e:25:86:72:5a:05:3d:4b:c4:
                    36:e1:6b:5a:37:d0:2b:d0:2c:a5:3d:5e:46:dd:34:
                    82:13:3d:5d:91:27:c8:e3:4d:45:77:c6:c9:17:00:
                    93:5e:15:84:0c:b9:cc:bb:fd:02:29:81:f3:13:60:
                    fc:de:9a:9e:96:e4:ce:48:00:d5:86:76:dc:ee:a2:
                    82:79:e0:7f:1b:17:0b:29:5d:f0:d1:96:87:25:b9:
                    f9:fa:bb:ac:6d:d0:a8:5d:a8:89:fc:9b:b2:d2:dd:
                    c3:72:ca:a1:37:83:4e:df:72:4b:f0:9b:3b:d4:84:
                    b7:c6:ea:17:c7:26:97:e5:6f:3d:4e:a2:46:67:c0:
                    54:4a:99:17:c2:51:7e:3a:b3:e0:1b:42:24:d2:e5:
                    0f:05:ad:1a:a1:e7:70:cd:fb:7a:0a:44:aa:68:8b:
                    28:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:4A:E3:56:CC:02:32:29:8D:3C:D9:FD:20:41:35:67:DB:B7:FC:25
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91830A5/D82418FE516611ECAD565867C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91830A5/D82418FE516611ECAD565867C4F9AE02/7ErjVswCMimNPNn9IEE1Z9u3_CU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  58434

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.96.252.0/22
                  203.147.92.0/22
                IPv6:
                  2402:2f00::/32

    Signature Algorithm: sha256WithRSAEncryption
         6b:05:b9:ba:e2:be:45:dc:d1:c7:01:de:0f:1f:6e:cb:8a:e6:
         e7:6c:f1:e3:84:2c:62:55:a5:21:e4:a2:c5:84:fe:5f:4d:12:
         7f:91:f7:c5:17:37:8e:18:69:51:68:a5:23:cb:a3:44:92:53:
         d1:f0:80:cd:83:e2:cb:c9:6e:4c:fd:74:a6:a9:87:f8:46:d2:
         28:96:11:cd:cf:c2:88:6d:fe:ab:7d:90:9a:3e:ce:35:3d:97:
         8c:fd:49:60:c0:e0:cf:77:f1:1a:e8:8f:96:5b:6f:39:71:11:
         53:a4:01:12:b9:21:10:01:ae:4b:ed:00:e9:4f:03:2a:4a:b4:
         d8:27:f8:ad:e0:d9:e3:e6:76:3b:4c:85:0c:58:ab:c0:1a:a5:
         2a:83:c4:bb:d1:33:59:1e:11:ca:20:0b:1e:f8:fc:e6:ba:02:
         7d:70:84:25:66:4f:34:90:4d:be:c9:dd:12:76:3f:80:07:fb:
         77:15:14:a2:88:42:fa:88:76:3a:b4:03:ae:20:a7:2f:37:8d:
         a7:df:2f:fe:9b:fa:0d:4c:77:64:17:85:34:05:05:22:9c:67:
         a2:4f:a2:88:2d:45:c9:60:9a:4d:18:8e:78:f1:01:d4:67:1b:
         17:27:14:2d:fe:d8:14:21:69:b3:0a:74:f1:a1:2f:80:0f:17:
         bb:94:33:1a
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAf1BMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDcwMjE4MjcyNFoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxODMwQTUxMTAvBgNVBAUTKEVDNEFFMzU2Q0MwMjMyMjk4RDNDRDlG
RDIwNDEzNTY3REJCN0ZDMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqksvikE/tZKprMwXu1INC9TqgUPXgJqpxGd1Z6yoVel/p2kipZrW9t/OnA13H
bFN0jRs7FLkVES8TW5En/B6ot59MUywvonaQ+gskkbS2l7jsOfU4IEyhcUP1IRoY
UC4lhnJaBT1LxDbha1o30CvQLKU9XkbdNIITPV2RJ8jjTUV3xskXAJNeFYQMucy7
/QIpgfMTYPzemp6W5M5IANWGdtzuooJ54H8bFwspXfDRloclufn6u6xt0KhdqIn8
m7LS3cNyyqE3g07fckvwmzvUhLfG6hfHJpflbz1OokZnwFRKmRfCUX46s+AbQiTS
5Q8FrRqh53DN+3oKRKpoiyilAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQU7ErjVswC
MimNPNn9IEE1Z9u3/CUwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTgzMEE1L0Q4MjQxOEZFNTE2NjExRUNBRDU2NTg2N0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4MzBBNS9EODI0MThGRTUxNjYxMUVDQUQ1NjU4NjdDNEY5QUUwMi83RXJqVnN3
Q01pbU5QTm45SUVFMVo5dTNfQ1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAORCMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCy2D8AwQCy5Nc
MA0EAgACMAcDBQAkAi8AMA0GCSqGSIb3DQEBCwUAA4IBAQBrBbm64r5F3NHHAd4P
H27LiubnbPHjhCxiVaUh5KLFhP5fTRJ/kffFFzeOGGlRaKUjy6NEklPR8IDNg+LL
yW5M/XSmqYf4RtIolhHNz8KIbf6rfZCaPs41PZeM/UlgwODPd/Ea6I+WW285cRFT
pAESuSEQAa5L7QDpTwMqSrTYJ/it4Nnj5nY7TIUMWKvAGqUqg8S70TNZHhHKIAse
+PzmugJ9cIQlZk80kE2+yd0Sdj+AB/t3FRSiiEL6iHY6tAOuIKcvN42n3y/+m/oN
THdkF4U0BQUinGeiT6KILUXJYJpNGI548QHUZxsXJxQt/tgUIWmzCnTxoS+ADxe7
lDMa
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:37:13 2024 by rpki-client on console-ams.rpki-client.org