Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7NpzBwy2x3kNxguGn7sEMdln3k4.cer
File:                     7NpzBwy2x3kNxguGn7sEMdln3k4.cer (raw, json)
Hash identifier:          leidVH3LICruXNwz/kKokhqYc87PdzBeIJnNO6RAcHk=
Subject key identifier:   EC:DA:73:07:0C:B6:C7:79:0D:C6:0B:86:9F:BB:04:31:D9:67:DE:4E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DCD9
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91A5C43/89E36E6A4B2C11EB911BAD70C4F9AE02/7NpzBwy2x3kNxguGn7sEMdln3k4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91A5C43/89E36E6A4B2C11EB911BAD70C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 02 Feb 2024 01:26:23 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 134507
                          IP: 103.231.204.0/22

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122073 (0x1dcd9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb  2 01:26:23 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91A5C43/serialNumber=ECDA73070CB6C7790DC60B869FBB0431D967DE4E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:03:7e:97:6f:d8:8e:ed:39:04:75:fb:f9:62:
                    96:11:1d:6c:fe:0f:d3:f5:f0:47:22:3a:5d:27:29:
                    df:86:10:f8:57:1b:5f:6c:1d:ea:1e:4a:1c:07:72:
                    e8:05:95:0f:09:76:26:2c:00:27:e8:f9:90:e4:6a:
                    77:c0:39:87:5b:6b:02:71:8c:7c:45:e7:3f:19:8a:
                    16:60:16:22:fc:b4:65:d9:80:16:72:54:56:3d:fe:
                    7a:0b:3e:82:9a:ec:b1:34:ed:af:22:9e:76:43:24:
                    3d:e4:2d:3a:d4:a4:1e:53:94:82:82:68:64:a6:4d:
                    38:44:c9:d7:14:d0:31:05:9e:19:cd:d3:2a:b1:55:
                    ec:50:91:89:e3:53:4f:d6:4e:c2:8a:29:5f:d3:08:
                    e9:2d:52:c8:48:11:ea:c0:fe:7b:87:f8:ff:db:98:
                    f7:4c:7d:4e:48:f7:b1:5f:20:40:60:77:7b:fd:15:
                    ca:07:26:c8:56:e4:df:26:b4:6f:02:9b:c7:ef:98:
                    f6:a7:1f:bd:f8:8e:22:0d:c9:c1:87:57:3f:a8:39:
                    c0:15:05:75:f2:38:99:ef:db:25:fc:bf:0f:86:94:
                    88:5f:a5:b9:38:2a:25:61:c6:ea:b9:e5:a4:6a:eb:
                    c5:23:27:a4:7e:fa:a6:fd:36:02:e2:1d:45:06:e5:
                    d6:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:DA:73:07:0C:B6:C7:79:0D:C6:0B:86:9F:BB:04:31:D9:67:DE:4E
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A5C43/89E36E6A4B2C11EB911BAD70C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A5C43/89E36E6A4B2C11EB911BAD70C4F9AE02/7NpzBwy2x3kNxguGn7sEMdln3k4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  134507

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.231.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         63:06:87:7d:fd:aa:07:04:48:b8:73:86:19:ae:64:51:56:a2:
         fd:62:0f:56:61:38:70:8e:f8:ef:3c:2a:22:f7:5c:c7:80:9b:
         cd:c7:10:ee:ce:d3:7e:d3:f0:a2:39:4e:92:e7:1c:44:14:19:
         bc:90:c3:47:b5:45:06:9f:9e:ab:73:0f:e6:5d:2f:c8:82:aa:
         cc:ac:9a:25:ce:fa:39:e3:e4:91:36:49:24:02:20:42:7b:8f:
         5f:40:9c:ab:32:b9:43:13:65:0a:1a:8c:5f:99:f6:51:be:d2:
         65:3a:2f:c5:5f:4a:f1:be:37:11:c0:85:f7:f9:c2:bd:b8:ed:
         1e:17:00:27:36:c4:3b:c5:54:3e:71:98:85:97:54:fe:44:32:
         4f:ae:41:16:5c:7a:e7:19:df:c3:25:57:3b:bf:54:8e:d5:59:
         01:f4:9b:ee:61:a3:9f:7a:63:d4:b7:59:66:09:ab:0f:bc:3d:
         d8:40:ce:b8:a0:ab:19:a8:34:c5:ed:cd:a6:8d:44:87:98:67:
         1e:9e:c7:5a:fd:f3:de:f6:c0:75:4c:a1:64:b4:59:97:27:f0:
         3e:a8:4f:e7:8c:52:89:8f:f6:60:d6:f3:7c:56:38:45:2f:2f:
         91:8c:d5:0e:bb:86:0a:9c:db:30:95:64:17:3a:50:1d:8f:a3:
         eb:f0:44:dd
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAdzZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIwMjAxMjYyM1oXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTVDNDMxMTAvBgNVBAUTKEVDREE3MzA3MENCNkM3NzkwREM2MEI4
NjlGQkIwNDMxRDk2N0RFNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDA36Xb9iO7TkEdfv5YpYRHWz+D9P18EciOl0nKd+GEPhXG19sHeoeShwHcugF
lQ8JdiYsACfo+ZDkanfAOYdbawJxjHxF5z8ZihZgFiL8tGXZgBZyVFY9/noLPoKa
7LE07a8innZDJD3kLTrUpB5TlIKCaGSmTThEydcU0DEFnhnN0yqxVexQkYnjU0/W
TsKKKV/TCOktUshIEerA/nuH+P/bmPdMfU5I97FfIEBgd3v9FcoHJshW5N8mtG8C
m8fvmPanH734jiINycGHVz+oOcAVBXXyOJnv2yX8vw+GlIhfpbk4KiVhxuq55aRq
68UjJ6R++qb9NgLiHUUG5dZ7AgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQU7NpzBwy2
x3kNxguGn7sEMdln3k4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE1QzQzLzg5RTM2RTZBNEIyQzExRUI5MTFCQUQ3MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBNUM0My84OUUzNkU2QTRCMkMxMUVCOTExQkFENzBDNEY5QUUwMi83TnB6Qnd5
Mngza054Z3VHbjdzRU1kbG4zazQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg1rMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ+fMMA0GCSqG
SIb3DQEBCwUAA4IBAQBjBod9/aoHBEi4c4YZrmRRVqL9Yg9WYThwjvjvPCoi91zH
gJvNxxDuztN+0/CiOU6S5xxEFBm8kMNHtUUGn56rcw/mXS/IgqrMrJolzvo54+SR
NkkkAiBCe49fQJyrMrlDE2UKGoxfmfZRvtJlOi/FX0rxvjcRwIX3+cK9uO0eFwAn
NsQ7xVQ+cZiFl1T+RDJPrkEWXHrnGd/DJVc7v1SO1VkB9JvuYaOfemPUt1lmCasP
vD3YQM64oKsZqDTF7c2mjUSHmGcensda/fPe9sB1TKFktFmXJ/A+qE/njFKJj/Zg
1vN8VjhFLy+RjNUOu4YKnNswlWQXOlAdj6Pr8ETd
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:03 2024 by rpki-client on console-fra.rpki-client.org