Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7FGp6gbByFf0jr0tJzpB8gHqZDQ.cer
File:                     7FGp6gbByFf0jr0tJzpB8gHqZDQ.cer (raw, json)
Hash identifier:          b3eCDlx4NZnG6lrOaROIIaYxoQ1AWO00RxOoCUbONIQ=
Subject key identifier:   EC:51:A9:EA:06:C1:C8:57:F4:8E:BD:2D:27:3A:41:F2:01:EA:64:34
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CFCA
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A912DD15/C761A0AACC5211EDA8291D10C4F9AE02/7FGp6gbByFf0jr0tJzpB8gHqZDQ.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A912DD15/C761A0AACC5211EDA8291D10C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 05 Dec 2023 05:17:04 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 202.0.108.0/24
                          IP: 202.2.0.0/22
                          IP: 203.7.130.0/23
                          IP: 203.26.100.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118730 (0x1cfca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec  5 05:17:04 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A912DD15/serialNumber=EC51A9EA06C1C857F48EBD2D273A41F201EA6434
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:74:0a:bb:a0:b2:c4:0f:22:83:76:54:c3:d2:
                    58:6f:d1:91:fa:20:57:d9:fe:63:69:fd:5a:c5:d3:
                    f0:3d:b5:48:e4:f6:c1:b3:ba:ef:4e:48:a5:19:62:
                    8f:a9:30:6d:80:1b:4f:64:08:55:87:4d:7e:81:82:
                    96:54:a2:73:31:a3:b9:2a:f0:da:41:b0:47:76:b2:
                    2e:84:08:bf:ba:58:25:17:b4:d8:e4:d0:6a:f2:93:
                    ed:10:89:ae:07:cd:e0:3c:53:3a:ad:c5:f5:28:33:
                    a7:09:68:1f:2b:6c:4a:7e:f2:ec:7a:13:23:18:c6:
                    2b:b3:b4:e2:ed:29:13:5c:39:ca:a7:79:79:8a:ec:
                    08:07:a8:d2:c2:11:93:1b:0d:39:4a:cf:6c:1e:8b:
                    b2:ce:dd:e6:b5:86:3e:78:de:1a:ad:c7:76:44:4a:
                    17:09:9b:13:23:f2:4b:21:0a:c0:4e:82:5a:a0:63:
                    54:a7:76:85:3e:90:85:30:be:98:21:30:52:b1:87:
                    4a:3c:36:73:a7:cc:01:b5:56:8e:e4:06:5e:86:a3:
                    5e:82:ac:52:24:12:4d:f5:05:a0:87:78:e5:25:c0:
                    8f:f9:d9:2b:26:7a:fa:20:5d:db:81:6f:ea:42:85:
                    85:bb:ce:8d:15:99:a0:10:b3:86:2f:b6:5c:54:eb:
                    88:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:51:A9:EA:06:C1:C8:57:F4:8E:BD:2D:27:3A:41:F2:01:EA:64:34
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912DD15/C761A0AACC5211EDA8291D10C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912DD15/C761A0AACC5211EDA8291D10C4F9AE02/7FGp6gbByFf0jr0tJzpB8gHqZDQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.0.108.0/24
                  202.2.0.0/22
                  203.7.130.0/23
                  203.26.100.0/24

    Signature Algorithm: sha256WithRSAEncryption
         87:2e:55:58:21:0a:be:c3:5a:8a:e3:c4:c1:a4:f8:55:24:f2:
         3c:3e:03:6c:a7:69:3b:15:4f:76:ce:85:20:7d:d7:b2:63:0b:
         63:3d:71:70:60:df:71:74:69:36:d5:47:92:2c:5f:19:10:d0:
         82:98:bd:11:ea:ba:c0:3e:44:d4:5b:0c:52:e0:45:0f:a8:5f:
         0e:cf:c0:1c:55:c5:e8:e0:93:49:ad:c4:bb:98:0f:7e:ae:6c:
         f3:4c:54:02:8e:fa:15:38:1d:f6:ff:14:30:cc:da:85:3b:46:
         56:92:4a:61:e8:aa:92:f0:32:94:83:4b:03:39:c8:52:5a:36:
         50:51:67:a9:9c:88:a7:7f:3a:78:c0:05:11:f5:a5:72:70:a1:
         75:4a:1e:6a:a1:ce:ed:17:db:85:77:6e:cb:97:18:33:54:03:
         94:32:1f:66:25:1b:94:4e:2a:cc:32:59:e2:a0:d1:e2:3d:3d:
         68:01:e9:18:9c:1c:7b:b2:ea:ff:8e:1e:6e:a1:eb:36:56:60:
         51:e4:f8:f5:3a:22:ee:bc:43:8b:70:ba:92:5d:fb:0e:09:57:
         89:fa:34:f9:0f:f1:8a:a6:d7:0f:fc:6f:da:7b:07:98:02:4e:
         f9:4a:ee:15:ae:de:0b:9a:50:25:fc:8f:fa:1d:df:39:e5:21:
         54:8d:8e:c4
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgIDAc/KMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwNTA1MTcwNFoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMkREMTUxMTAvBgNVBAUTKEVDNTFBOUVBMDZDMUM4NTdGNDhFQkQy
RDI3M0E0MUYyMDFFQTY0MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6dAq7oLLEDyKDdlTD0lhv0ZH6IFfZ/mNp/VrF0/A9tUjk9sGzuu9OSKUZYo+p
MG2AG09kCFWHTX6BgpZUonMxo7kq8NpBsEd2si6ECL+6WCUXtNjk0Gryk+0Qia4H
zeA8UzqtxfUoM6cJaB8rbEp+8ux6EyMYxiuztOLtKRNcOcqneXmK7AgHqNLCEZMb
DTlKz2wei7LO3ea1hj543hqtx3ZEShcJmxMj8kshCsBOglqgY1SndoU+kIUwvpgh
MFKxh0o8NnOnzAG1Vo7kBl6Go16CrFIkEk31BaCHeOUlwI/52SsmevogXduBb+pC
hYW7zo0VmaAQs4YvtlxU64jZAgMBAAGjggMFMIIDATAdBgNVHQ4EFgQU7FGp6gbB
yFf0jr0tJzpB8gHqZDQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJERDE1L0M3NjFBMEFBQ0M1MjExRURBODI5MUQxMEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyREQxNS9DNzYxQTBBQUNDNTIxMUVEQTgyOTFEMTBDNEY5QUUwMi83RkdwNmdi
QnlGZjBqcjB0SnpwQjhnSHFaRFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8EIjAg
MB4EAgABMBgDBADKAGwDBALKAgADBAHLB4IDBADLGmQwDQYJKoZIhvcNAQELBQAD
ggEBAIcuVVghCr7DWorjxMGk+FUk8jw+A2ynaTsVT3bOhSB917JjC2M9cXBg33F0
aTbVR5IsXxkQ0IKYvRHqusA+RNRbDFLgRQ+oXw7PwBxVxejgk0mtxLuYD36ubPNM
VAKO+hU4Hfb/FDDM2oU7RlaSSmHoqpLwMpSDSwM5yFJaNlBRZ6mciKd/OnjABRH1
pXJwoXVKHmqhzu0X24V3bsuXGDNUA5QyH2YlG5ROKswyWeKg0eI9PWgB6RicHHuy
6v+OHm6h6zZWYFHk+PU6Iu68Q4twupJd+w4JV4n6NPkP8Yqm1w/8b9p7B5gCTvlK
7hWu3guaUCX8j/od3znlIVSNjsQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:15:00 2024 by rpki-client on console-ams.rpki-client.org