Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7MBefFuSR4uMxDst35ql9slCnyE.cer
File:                     7MBefFuSR4uMxDst35ql9slCnyE.cer (raw, json)
Hash identifier:          gDmgN74IStOXDl1mDK/MYtLjg5jKOc0dGNL7ixyA/Q4=
Subject key identifier:   EC:C0:5E:7C:5B:92:47:8B:8C:C4:3B:2D:DF:9A:A5:F6:C9:42:9F:21
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D471
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9190D0D/F037BD08476611EAABB11A65C4F9AE02/7MBefFuSR4uMxDst35ql9slCnyE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9190D0D/F037BD08476611EAABB11A65C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 27 Dec 2023 17:37:12 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 139793
                          IP: 103.145.76.0/23
                          IP: 2001:df2:bf80::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119921 (0x1d471)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 27 17:37:12 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A9190D0D/serialNumber=ECC05E7C5B92478B8CC43B2DDF9AA5F6C9429F21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:38:57:38:bf:b2:37:43:dd:8d:e3:dc:b2:02:
                    ac:af:89:78:23:83:ce:c4:a2:89:20:c1:ab:c0:64:
                    8c:fc:d0:1d:5d:9e:ff:b2:80:83:0f:f0:64:03:b5:
                    6c:17:f0:38:46:ce:24:e3:da:56:c6:e9:f3:b5:9c:
                    0e:2a:1f:7a:71:ae:81:16:8f:00:f0:69:ce:a8:87:
                    89:ec:d6:58:10:53:fd:19:ff:85:b0:5c:d7:67:7e:
                    97:d3:d3:47:b2:d5:cd:47:e0:1b:8b:9e:d8:53:c6:
                    41:ff:4f:00:58:eb:3e:3a:10:7b:e9:41:78:0d:8a:
                    ca:92:7e:03:74:b2:93:fe:0b:b5:28:58:44:f9:43:
                    e2:f2:9a:33:bb:53:c1:d6:38:54:a2:26:b0:5e:ce:
                    d3:11:8b:d0:9c:c0:c7:6e:d4:c5:d9:3d:f1:ae:b1:
                    37:18:bf:be:9e:95:e5:1b:74:1e:3a:52:13:79:80:
                    b1:46:79:c0:6d:1b:28:6b:39:87:e9:4a:11:e9:17:
                    4a:09:ae:41:39:4b:60:8c:64:93:9d:71:45:12:b6:
                    d5:0e:b9:34:86:ba:d4:4b:8e:35:97:ad:3e:79:92:
                    32:f2:51:13:d2:63:36:3f:77:f1:e9:39:4c:03:3b:
                    47:d9:93:a8:f5:2f:48:6b:18:c5:42:c6:ee:61:8f:
                    f6:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:C0:5E:7C:5B:92:47:8B:8C:C4:3B:2D:DF:9A:A5:F6:C9:42:9F:21
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9190D0D/F037BD08476611EAABB11A65C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9190D0D/F037BD08476611EAABB11A65C4F9AE02/7MBefFuSR4uMxDst35ql9slCnyE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  139793

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.145.76.0/23
                IPv6:
                  2001:df2:bf80::/48

    Signature Algorithm: sha256WithRSAEncryption
         45:f8:d3:8e:f9:8e:98:86:eb:64:63:b1:59:50:97:5d:20:33:
         cb:bf:f9:7a:d8:1a:37:4a:4f:91:4a:a1:71:e2:0a:10:65:0a:
         07:a5:c5:88:2b:5a:94:ab:5e:43:20:a2:c4:cd:be:b1:99:a7:
         21:a8:13:a2:51:92:45:bc:63:a1:a0:94:ef:71:f6:af:df:25:
         82:d4:7c:e9:13:86:73:56:2c:93:49:55:b2:41:01:5f:55:75:
         6b:41:67:a1:00:e9:55:13:12:14:6c:ad:54:db:1a:db:93:80:
         ad:32:9c:d9:fe:d3:60:d6:dd:aa:81:eb:98:4f:8d:e1:be:af:
         b8:b9:9c:0d:62:55:8f:c3:17:b0:23:18:c0:f3:df:3c:44:7b:
         6d:17:3e:4e:61:9d:cf:46:71:5c:90:2b:13:65:94:47:af:12:
         17:d5:f3:96:e3:4c:1a:f8:15:75:bf:bc:5d:1d:e0:7d:67:dd:
         d3:42:03:76:52:6c:74:db:d8:90:b4:63:eb:93:fc:f2:e7:a4:
         0a:ef:68:e8:eb:ef:b1:cc:8f:87:e4:b9:92:2a:06:2f:a6:74:
         3d:71:bf:39:f5:71:ad:0b:62:b3:d7:04:18:fd:50:32:02:ea:
         53:12:09:3f:71:e8:3c:6d:39:f3:25:02:5e:de:34:b9:88:90:
         79:69:c9:ef
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAdRxMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyNzE3MzcxMloXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTBEMEQxMTAvBgNVBAUTKEVDQzA1RTdDNUI5MjQ3OEI4Q0M0M0Iy
RERGOUFBNUY2Qzk0MjlGMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCoOFc4v7I3Q92N49yyAqyviXgjg87EookgwavAZIz80B1dnv+ygIMP8GQDtWwX
8DhGziTj2lbG6fO1nA4qH3pxroEWjwDwac6oh4ns1lgQU/0Z/4WwXNdnfpfT00ey
1c1H4BuLnthTxkH/TwBY6z46EHvpQXgNisqSfgN0spP+C7UoWET5Q+LymjO7U8HW
OFSiJrBeztMRi9CcwMdu1MXZPfGusTcYv76eleUbdB46UhN5gLFGecBtGyhrOYfp
ShHpF0oJrkE5S2CMZJOdcUUSttUOuTSGutRLjjWXrT55kjLyURPSYzY/d/HpOUwD
O0fZk6j1L0hrGMVCxu5hj/apAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU7MBefFuS
R4uMxDst35ql9slCnyEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkwRDBEL0YwMzdCRDA4NDc2NjExRUFBQkIxMUE2NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5MEQwRC9GMDM3QkQwODQ3NjYxMUVBQUJCMTFBNjVDNEY5QUUwMi83TUJlZkZ1
U1I0dU14RHN0MzVxbDlzbENueUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiIRMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ5FMMA8EAgAC
MAkDBwAgAQ3yv4AwDQYJKoZIhvcNAQELBQADggEBAEX40475jpiG62RjsVlQl10g
M8u/+XrYGjdKT5FKoXHiChBlCgelxYgrWpSrXkMgosTNvrGZpyGoE6JRkkW8Y6Gg
lO9x9q/fJYLUfOkThnNWLJNJVbJBAV9VdWtBZ6EA6VUTEhRsrVTbGtuTgK0ynNn+
02DW3aqB65hPjeG+r7i5nA1iVY/DF7AjGMDz3zxEe20XPk5hnc9GcVyQKxNllEev
EhfV85bjTBr4FXW/vF0d4H1n3dNCA3ZSbHTb2JC0Y+uT/PLnpArvaOjr77HMj4fk
uZIqBi+mdD1xvzn1ca0LYrPXBBj9UDIC6lMSCT9x6DxtOfMlAl7eNLmIkHlpye8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:19 2024 by rpki-client on console-ams.rpki-client.org