Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7MHcgoj4Rakcn2zBh6mcmdkJjBw.cer
File:                     7MHcgoj4Rakcn2zBh6mcmdkJjBw.cer (raw, json)
Hash identifier:          XIAUoqFLYSYAfAi8wqi7T/Yp+lnJ7Y8azd9V8qcsUg0=
Subject key identifier:   EC:C1:DC:82:88:F8:45:A9:1C:9F:6C:C1:87:A9:9C:99:D9:09:8C:1C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D357
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91F9F87/7027C29C2A2011EAA1152C2EC4F9AE02/7MHcgoj4Rakcn2zBh6mcmdkJjBw.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91F9F87/7027C29C2A2011EAA1152C2EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 20 Dec 2023 22:33:15 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 139885
                          IP: 103.146.146.0/24
                          IP: 2001:df2:6380::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119639 (0x1d357)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 20 22:33:15 2023 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91F9F87/serialNumber=ECC1DC8288F845A91C9F6CC187A99C99D9098C1C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:57:f7:9d:9f:9c:e4:b0:73:d4:87:f0:5b:b2:
                    e1:ef:bc:b5:5b:3c:78:53:9a:fe:16:78:ba:15:55:
                    c0:59:fa:eb:61:bc:17:64:6e:1d:ed:bc:51:2f:4f:
                    e6:e5:78:48:33:22:3c:01:f2:c1:6f:68:1d:f1:a0:
                    62:37:be:3e:5f:82:2a:af:4a:ce:bf:f1:7b:a8:da:
                    59:bd:ab:ba:3a:5a:2f:8f:e9:a5:3c:ee:92:05:f1:
                    a1:e8:30:94:19:5d:9b:69:a5:22:35:84:e7:df:3d:
                    21:ee:a6:58:e4:7b:72:1a:80:23:91:4a:81:85:2d:
                    20:35:15:a6:3c:d3:11:eb:5e:a6:ee:ab:ec:40:d4:
                    74:d3:93:f3:27:c7:1c:f2:81:54:b4:48:a1:39:77:
                    9d:83:70:c9:e5:f7:90:4f:c3:89:b0:2b:d6:8a:ab:
                    67:b6:9a:bf:3d:f9:57:fe:6b:2e:0d:9d:d5:8a:1b:
                    d8:f5:03:1d:8a:e1:cd:9f:57:ca:40:80:45:ca:ff:
                    2f:16:75:05:ae:aa:04:1b:e2:e8:39:10:e9:25:b1:
                    c3:be:fd:33:11:2f:15:c0:b8:ba:3c:5d:cf:80:28:
                    8b:fc:18:e8:f9:53:ab:a9:18:71:d9:2b:be:7c:e1:
                    f1:b6:f9:59:18:2c:1f:67:f0:3c:df:72:58:3d:02:
                    91:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:C1:DC:82:88:F8:45:A9:1C:9F:6C:C1:87:A9:9C:99:D9:09:8C:1C
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F9F87/7027C29C2A2011EAA1152C2EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F9F87/7027C29C2A2011EAA1152C2EC4F9AE02/7MHcgoj4Rakcn2zBh6mcmdkJjBw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  139885

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.146.146.0/24
                IPv6:
                  2001:df2:6380::/48

    Signature Algorithm: sha256WithRSAEncryption
         6c:43:20:13:e8:36:35:bc:5e:f0:65:48:f8:65:6d:c8:fb:d4:
         3d:47:e4:4d:9b:58:c6:33:db:ee:69:52:69:83:df:43:8d:cc:
         8c:c8:7b:f1:49:7f:b4:b7:f8:7e:8b:bb:a4:d3:c5:79:80:77:
         1d:be:e5:b1:d9:81:d7:ee:c8:24:94:e9:59:be:bd:0e:81:84:
         20:a5:b0:f5:5d:d5:21:9c:d4:83:8b:fb:aa:55:1c:05:bc:14:
         c1:92:81:c8:3d:49:f6:0b:7b:b1:73:51:e6:23:03:13:78:28:
         87:9c:55:4b:0b:a0:31:67:e6:16:77:76:dd:6b:08:4e:ef:69:
         cd:25:e2:a8:83:e8:87:9f:f6:ca:d9:26:04:8c:c9:6a:ff:62:
         65:2f:5f:0a:75:0f:9b:d3:97:b7:c8:06:52:62:30:b2:e5:42:
         03:f0:7e:29:60:a3:47:ed:95:15:aa:c1:36:0e:82:d2:55:e9:
         f8:2f:e5:81:dd:56:6c:ac:15:ae:01:ee:b1:26:b7:f4:21:b0:
         40:a5:95:f4:b2:56:2a:03:fe:7e:5c:06:1f:1a:ba:53:9b:06:
         3a:51:2c:b2:52:10:5a:cf:26:d4:70:da:44:8f:97:20:75:76:
         7e:46:61:ee:75:9a:52:3d:b2:8e:4f:29:a1:37:09:41:49:3d:
         77:02:f3:59
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAdNXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyMDIyMzMxNVoXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRjlGODcxMTAvBgNVBAUTKEVDQzFEQzgyODhGODQ1QTkxQzlGNkND
MTg3QTk5Qzk5RDkwOThDMUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCpV/edn5zksHPUh/BbsuHvvLVbPHhTmv4WeLoVVcBZ+uthvBdkbh3tvFEvT+bl
eEgzIjwB8sFvaB3xoGI3vj5fgiqvSs6/8Xuo2lm9q7o6Wi+P6aU87pIF8aHoMJQZ
XZtppSI1hOffPSHupljke3IagCORSoGFLSA1FaY80xHrXqbuq+xA1HTTk/Mnxxzy
gVS0SKE5d52DcMnl95BPw4mwK9aKq2e2mr89+Vf+ay4NndWKG9j1Ax2K4c2fV8pA
gEXK/y8WdQWuqgQb4ug5EOklscO+/TMRLxXAuLo8Xc+AKIv8GOj5U6upGHHZK758
4fG2+VkYLB9n8Dzfclg9ApFfAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQU7MHcgoj4
Rakcn2zBh6mcmdkJjBwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY5Rjg3LzcwMjdDMjlDMkEyMDExRUFBMTE1MkMyRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGOUY4Ny83MDI3QzI5QzJBMjAxMUVBQTExNTJDMkVDNEY5QUUwMi83TUhjZ29q
NFJha2NuMnpCaDZtY21ka0pqQncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiJtMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAZ5KSMA8EAgAC
MAkDBwAgAQ3yY4AwDQYJKoZIhvcNAQELBQADggEBAGxDIBPoNjW8XvBlSPhlbcj7
1D1H5E2bWMYz2+5pUmmD30ONzIzIe/FJf7S3+H6Lu6TTxXmAdx2+5bHZgdfuyCSU
6Vm+vQ6BhCClsPVd1SGc1IOL+6pVHAW8FMGSgcg9SfYLe7FzUeYjAxN4KIecVUsL
oDFn5hZ3dt1rCE7vac0l4qiD6Ief9srZJgSMyWr/YmUvXwp1D5vTl7fIBlJiMLLl
QgPwfilgo0ftlRWqwTYOgtJV6fgv5YHdVmysFa4B7rEmt/QhsECllfSyVioD/n5c
Bh8aulObBjpRLLJSEFrPJtRw2kSPlyB1dn5GYe51mlI9so5PKaE3CUFJPXcC81k=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:19 2024 by rpki-client on console-ams.rpki-client.org