Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7drOQHH9qFhc8SNEuCUSze8H860.cer
File:                     7drOQHH9qFhc8SNEuCUSze8H860.cer (raw, json)
Hash identifier:          3vFZQrDP66eqREKBh96tXP9WiFD/8OjpFO/d34+o63o=
Subject key identifier:   ED:DA:CE:40:71:FD:A8:58:5C:F1:23:44:B8:25:12:CD:EF:07:F3:AD
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       019F78
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91D9335/E626E5D01D8B11E2AEFDDAE608B02CD2/7drOQHH9qFhc8SNEuCUSze8H860.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91D9335/E626E5D01D8B11E2AEFDDAE608B02CD2/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 28 Apr 2023 14:43:46 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    IP: 27.121.92.0/22
                          IP: 202.176.8.0/22
                          IP: 203.81.12.0/22
                          IP: 2406:fe00::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 12:49:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 106360 (0x19f78)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr 28 14:43:46 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=A91D9335/serialNumber=EDDACE4071FDA8585CF12344B82512CDEF07F3AD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:91:66:66:a9:87:a2:e0:ba:1f:31:84:16:16:
                    44:2f:76:3d:00:8f:59:74:08:e0:10:25:3a:01:4f:
                    81:5d:e9:d0:5b:df:8a:68:bf:66:71:96:a0:84:51:
                    84:21:55:50:4f:12:a1:54:58:96:7a:b6:f3:83:4e:
                    0c:fd:19:a5:f0:a3:ff:2c:00:79:79:a5:5f:84:57:
                    9a:42:18:c1:64:a7:1a:34:64:5a:71:b1:f4:26:49:
                    fa:94:3d:91:5a:2d:ad:32:d0:2b:58:a6:ce:7d:5a:
                    0d:5c:33:4f:7e:93:8e:aa:d2:59:02:b0:4e:1c:f1:
                    c5:9d:60:8d:07:6b:02:fd:dc:62:cc:c5:6a:6f:1c:
                    97:87:57:77:8e:1e:14:33:e2:94:5c:3c:ea:3c:68:
                    57:dd:6f:0e:09:78:72:02:6e:5c:43:0e:eb:8f:6d:
                    94:b7:f8:21:84:ec:d9:8f:ea:e0:0b:41:4f:56:d9:
                    2d:1f:a4:28:ee:58:35:87:b9:cb:8f:04:6b:dd:53:
                    1e:41:d4:ee:69:69:f3:bf:a5:62:b2:50:5c:28:ae:
                    3f:2c:dd:49:30:49:a5:ac:93:45:01:fd:d1:cc:21:
                    dc:ad:3e:03:ed:6b:13:af:21:bb:37:0b:f7:01:a2:
                    ab:b1:eb:89:ae:9b:e7:98:82:54:82:be:69:89:f1:
                    20:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:DA:CE:40:71:FD:A8:58:5C:F1:23:44:B8:25:12:CD:EF:07:F3:AD
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D9335/E626E5D01D8B11E2AEFDDAE608B02CD2/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D9335/E626E5D01D8B11E2AEFDDAE608B02CD2/7drOQHH9qFhc8SNEuCUSze8H860.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.121.92.0/22
                  202.176.8.0/22
                  203.81.12.0/22
                IPv6:
                  2406:fe00::/32

    Signature Algorithm: sha256WithRSAEncryption
         93:50:e0:8c:88:1c:c9:3e:59:26:98:b1:7a:90:9b:6c:a8:40:
         37:d6:d6:f4:68:f3:10:da:82:f0:9c:76:25:52:19:f1:81:19:
         99:5e:4f:50:59:5f:0b:42:bc:f2:b6:bb:a3:13:39:69:97:eb:
         06:9f:1c:b9:db:d7:50:6a:9b:04:93:28:82:4a:d1:1e:ea:c8:
         d9:d1:8c:c4:36:3f:ea:b8:99:ce:77:b0:92:81:e5:7c:8e:b4:
         ef:17:03:5f:34:02:15:0f:67:81:fc:82:ad:b1:1d:40:55:ef:
         3e:0a:24:c3:ea:c7:41:ee:83:fc:5f:44:85:91:d5:72:41:fe:
         1c:18:5f:73:b2:53:90:41:7c:3e:83:85:aa:36:b2:8c:c6:29:
         14:99:e5:a6:41:d7:ef:d5:0b:c0:fa:6e:24:1a:49:cc:18:2f:
         2e:60:34:07:38:ce:dc:c0:2f:da:d8:c7:b0:c5:98:5d:f6:df:
         7d:51:b0:00:3a:95:40:03:2d:28:1a:f5:26:30:cc:05:92:9e:
         a5:85:35:21:0b:86:26:9e:6d:5a:09:a4:cb:9c:08:76:8e:d5:
         f0:60:d2:f6:ac:82:8b:bd:bf:b2:1a:91:38:42:50:97:84:dc:
         b3:91:03:2a:27:df:a7:2c:49:58:9b:f8:df:f5:67:90:b7:a5:
         05:e7:0b:ed
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgIDAZ94MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDQyODE0NDM0NloXDTI0MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDkzMzUxMTAvBgNVBAUTKEVEREFDRTQwNzFGREE4NTg1Q0YxMjM0
NEI4MjUxMkNERUYwN0YzQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC0kWZmqYei4LofMYQWFkQvdj0Aj1l0COAQJToBT4Fd6dBb34pov2ZxlqCEUYQh
VVBPEqFUWJZ6tvODTgz9GaXwo/8sAHl5pV+EV5pCGMFkpxo0ZFpxsfQmSfqUPZFa
La0y0CtYps59Wg1cM09+k46q0lkCsE4c8cWdYI0HawL93GLMxWpvHJeHV3eOHhQz
4pRcPOo8aFfdbw4JeHICblxDDuuPbZS3+CGE7NmP6uALQU9W2S0fpCjuWDWHucuP
BGvdUx5B1O5pafO/pWKyUFworj8s3UkwSaWsk0UB/dHMIdytPgPtaxOvIbs3C/cB
oqux64mum+eYglSCvmmJ8SBnAgMBAAGjggMOMIIDCjAdBgNVHQ4EFgQU7drOQHH9
qFhc8SNEuCUSze8H860wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ5MzM1L0U2MjZFNUQwMUQ4QjExRTJBRUZEREFFNjA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEOTMzNS9FNjI2RTVEMDFEOEIxMUUyQUVGRERBRTYwOEIwMkNEMi83ZHJPUUhI
OXFGaGM4U05FdUNVU3plOEg4NjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8EKzAp
MBgEAgABMBIDBAIbeVwDBALKsAgDBALLUQwwDQQCAAIwBwMFACQG/gAwDQYJKoZI
hvcNAQELBQADggEBAJNQ4IyIHMk+WSaYsXqQm2yoQDfW1vRo8xDagvCcdiVSGfGB
GZleT1BZXwtCvPK2u6MTOWmX6wafHLnb11BqmwSTKIJK0R7qyNnRjMQ2P+q4mc53
sJKB5XyOtO8XA180AhUPZ4H8gq2xHUBV7z4KJMPqx0Hug/xfRIWR1XJB/hwYX3Oy
U5BBfD6Dhao2sozGKRSZ5aZB1+/VC8D6biQaScwYLy5gNAc4ztzAL9rYx7DFmF32
331RsAA6lUADLSga9SYwzAWSnqWFNSELhiaebVoJpMucCHaO1fBg0vasgou9v7Ia
kThCUJeE3LORAyon36csSVib+N/1Z5C3pQXnC+0=
-----END CERTIFICATE-----
Generated at Fri Mar 29 13:44:51 2024 by rpki-client on console-ams.rpki-client.org