Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7bQ_87hP5VlboMvE9ruHNxPkG7I.cer
File:                     7bQ_87hP5VlboMvE9ruHNxPkG7I.cer (raw, json)
Hash identifier:          5kt6nPfqGVn+K7b2l6ylkIpvgbPk89nVrXIWSHawUO0=
Subject key identifier:   ED:B4:3F:F3:B8:4F:E5:59:5B:A0:CB:C4:F6:BB:87:37:13:E4:1B:B2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01BADF
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9167D85/71A6F7D46C6C11EBB9C79D4CC4F9AE02/7bQ_87hP5VlboMvE9ruHNxPkG7I.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9167D85/71A6F7D46C6C11EBB9C79D4CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 01 Sep 2023 15:22:38 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 134353
                          IP: 103.129.44.0/22
                          IP: 2403:77c0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 113375 (0x1badf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Sep  1 15:22:38 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A9167D85/serialNumber=EDB43FF3B84FE5595BA0CBC4F6BB873713E41BB2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:d2:29:c8:7f:cc:07:f7:5f:df:87:12:e6:4d:
                    12:14:20:45:de:b7:61:2b:bf:54:a4:b5:90:78:86:
                    fb:40:67:07:dd:ef:10:c8:55:94:fc:d2:3f:68:b0:
                    4d:21:34:15:33:4c:6c:17:f7:a4:bc:f5:d3:06:f2:
                    76:ab:dd:71:c4:f1:68:1c:48:02:93:3c:79:b6:20:
                    66:3b:ab:46:2b:68:38:b6:99:7a:c3:1e:2a:11:fb:
                    bc:aa:b1:d1:51:b0:3b:27:c4:a1:4d:28:e6:42:75:
                    41:98:cd:92:e3:e4:2f:c9:1c:17:8f:1f:81:53:79:
                    e5:39:b5:c6:43:5f:60:91:71:ae:3b:d4:cd:c6:b0:
                    35:0e:59:f4:06:06:71:38:b8:59:e4:ec:ae:14:2c:
                    8e:e3:c8:49:a6:ed:28:d3:83:ed:32:b6:d6:30:4b:
                    61:d6:c9:3b:f1:9c:d9:04:ce:4b:ce:ad:e6:12:41:
                    82:b6:da:fb:11:2b:44:f4:dc:cc:6f:b6:bd:cc:40:
                    40:00:e7:1d:dc:4f:a8:8b:fb:4c:b4:52:25:f4:d7:
                    05:35:d3:d7:df:2c:57:90:44:72:aa:76:20:c9:93:
                    e4:24:0b:77:f9:32:21:7b:f2:76:d4:fa:06:97:b1:
                    0d:e0:02:55:50:f2:74:48:09:45:23:95:f0:fe:ae:
                    35:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:B4:3F:F3:B8:4F:E5:59:5B:A0:CB:C4:F6:BB:87:37:13:E4:1B:B2
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9167D85/71A6F7D46C6C11EBB9C79D4CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9167D85/71A6F7D46C6C11EBB9C79D4CC4F9AE02/7bQ_87hP5VlboMvE9ruHNxPkG7I.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  134353

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.129.44.0/22
                IPv6:
                  2403:77c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         33:72:26:5d:cc:5c:2d:84:59:94:73:ad:6c:a8:c2:cd:34:22:
         b5:da:a4:9d:25:b8:35:28:ff:45:5a:53:cf:a5:d9:f9:4b:43:
         75:2a:61:0b:ed:b4:e2:b8:cf:44:ae:16:32:84:f7:17:7c:8a:
         8c:db:42:24:ed:84:e3:4f:c1:5d:98:2f:c4:86:6f:aa:77:d4:
         1e:09:03:a5:d4:7c:e2:a5:fd:0e:76:69:af:84:0a:dd:09:f4:
         36:ae:b5:0a:32:76:bc:b6:8a:f9:34:75:c6:fc:c0:a7:43:07:
         43:50:34:64:84:bb:05:45:ac:10:9e:1d:a0:c7:3b:0c:c7:54:
         6c:50:e0:e6:fa:eb:09:7c:4c:ef:21:ca:89:9e:88:42:76:5f:
         80:b2:5a:e3:22:c7:1d:7c:e6:52:44:56:4c:75:92:8c:69:a5:
         31:89:8d:54:49:cc:51:90:a1:50:c2:d2:c8:a9:10:7f:fd:e1:
         b6:f8:86:de:8d:36:59:37:c2:f9:fb:3a:e5:54:2f:4c:fb:97:
         64:63:6e:8b:7b:45:af:d2:ea:27:87:42:f7:0d:77:73:7e:56:
         b9:c2:dc:a0:72:80:4c:be:24:ea:d0:87:36:4e:23:b1:f5:85:
         88:45:0e:ad:15:e6:df:02:93:41:86:b5:01:68:36:d7:76:f7:
         f8:f7:53:18
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAbrfMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDkwMTE1MjIzOFoXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjdEODUxMTAvBgNVBAUTKEVEQjQzRkYzQjg0RkU1NTk1QkEwQ0JD
NEY2QkI4NzM3MTNFNDFCQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCs0inIf8wH91/fhxLmTRIUIEXet2Erv1SktZB4hvtAZwfd7xDIVZT80j9osE0h
NBUzTGwX96S89dMG8nar3XHE8WgcSAKTPHm2IGY7q0YraDi2mXrDHioR+7yqsdFR
sDsnxKFNKOZCdUGYzZLj5C/JHBePH4FTeeU5tcZDX2CRca471M3GsDUOWfQGBnE4
uFnk7K4ULI7jyEmm7SjTg+0yttYwS2HWyTvxnNkEzkvOreYSQYK22vsRK0T03Mxv
tr3MQEAA5x3cT6iL+0y0UiX01wU109ffLFeQRHKqdiDJk+QkC3f5MiF78nbU+gaX
sQ3gAlVQ8nRICUUjlfD+rjU3AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQU7bQ/87hP
5VlboMvE9ruHNxPkG7IwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY3RDg1LzcxQTZGN0Q0NkM2QzExRUJCOUM3OUQ0Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2N0Q4NS83MUE2RjdENDZDNkMxMUVCQjlDNzlENENDNEY5QUUwMi83YlFfODdo
UDVWbGJvTXZFOXJ1SE54UGtHN0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgzRMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ4EsMA0EAgAC
MAcDBQAkA3fAMA0GCSqGSIb3DQEBCwUAA4IBAQAzciZdzFwthFmUc61sqMLNNCK1
2qSdJbg1KP9FWlPPpdn5S0N1KmEL7bTiuM9ErhYyhPcXfIqM20Ik7YTjT8FdmC/E
hm+qd9QeCQOl1Hzipf0OdmmvhArdCfQ2rrUKMna8tor5NHXG/MCnQwdDUDRkhLsF
RawQnh2gxzsMx1RsUODm+usJfEzvIcqJnohCdl+AslrjIscdfOZSRFZMdZKMaaUx
iY1UScxRkKFQwtLIqRB//eG2+IbejTZZN8L5+zrlVC9M+5dkY26Le0Wv0uonh0L3
DXdzfla5wtygcoBMviTq0Ic2TiOx9YWIRQ6tFebfApNBhrUBaDbXdvf491MY
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:46:52 2024 by rpki-client on console-ams.rpki-client.org