Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7zCiQUbfZrH6b7pdZ2dp62Szh6o.cer
File:                     7zCiQUbfZrH6b7pdZ2dp62Szh6o.cer (raw, json)
Hash identifier:          zH2FHahB3fEk2V9m22cRW0EGgrSAxN8p45BXAkFMxKE=
Subject key identifier:   EF:30:A2:41:46:DF:66:B1:FA:6F:BA:5D:67:67:69:EB:64:B3:87:AA
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D96F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91D63AF/E14D1AB4B6A611EEA04A8B23C4F9AE02/7zCiQUbfZrH6b7pdZ2dp62Szh6o.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91D63AF/E14D1AB4B6A611EEA04A8B23C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 19 Jan 2024 10:42:35 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 152339
                          IP: 2001:df3:6240::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121199 (0x1d96f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan 19 10:42:35 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91D63AF/serialNumber=EF30A24146DF66B1FA6FBA5D676769EB64B387AA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:f9:77:6f:12:bb:8a:fc:16:dd:ab:e2:57:73:
                    55:e0:9e:a9:8a:b1:4f:8a:51:2c:8c:1f:8f:38:fd:
                    b9:72:10:79:04:72:c0:15:17:e7:3c:28:fe:8d:31:
                    86:0d:08:85:d8:ff:4c:2d:06:09:e7:d1:5d:69:6d:
                    c3:3b:32:28:33:6a:1a:5c:9d:3a:ff:24:e5:70:89:
                    c2:82:54:14:0f:49:f1:d6:0b:18:fa:36:d8:fe:c0:
                    b7:55:af:5f:3d:a9:9b:56:f7:4a:d3:c8:ae:97:fa:
                    3d:b1:60:91:ad:71:e6:07:e3:83:97:4a:b7:df:e4:
                    2d:ce:4f:65:e0:15:86:80:9f:cf:7f:dd:15:08:ef:
                    b7:84:3f:7c:b1:61:3d:ca:80:23:53:61:4d:19:02:
                    c7:4a:6e:1f:f0:e7:90:e4:82:d2:de:cf:61:e9:0b:
                    54:6d:50:3d:ac:45:e2:49:da:18:bd:64:9f:02:8b:
                    71:3e:da:cf:82:cb:70:7f:b4:1c:f0:df:b4:36:38:
                    e4:8b:ff:57:b9:64:95:cb:98:9d:a0:33:b2:75:89:
                    a8:a1:e0:dc:62:8e:50:3b:c9:4f:26:c8:3a:54:42:
                    ee:19:eb:61:86:ce:44:09:2f:f2:fd:c9:88:a9:57:
                    9f:58:84:b8:c2:e5:05:5f:7c:e9:47:ed:38:ef:d0:
                    90:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:30:A2:41:46:DF:66:B1:FA:6F:BA:5D:67:67:69:EB:64:B3:87:AA
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D63AF/E14D1AB4B6A611EEA04A8B23C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D63AF/E14D1AB4B6A611EEA04A8B23C4F9AE02/7zCiQUbfZrH6b7pdZ2dp62Szh6o.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  152339

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df3:6240::/48

    Signature Algorithm: sha256WithRSAEncryption
         b1:e8:24:5a:f0:d8:65:7b:d0:f5:7b:4f:91:63:b7:d3:fa:ad:
         8b:e8:73:a4:41:5b:0f:e9:c1:d4:b2:b5:77:62:2f:d4:17:b8:
         ce:fe:f5:51:9e:6d:db:ea:82:7e:65:0f:5a:dd:3e:25:f8:7e:
         8a:5c:25:da:05:a8:0f:6f:e2:81:65:6f:99:e1:ac:d8:a9:94:
         ff:cd:bb:73:76:24:38:33:a7:d9:f0:ee:19:c2:6e:b8:34:49:
         46:7e:00:25:a8:ae:57:0f:22:83:c9:c9:be:7f:a2:20:d2:73:
         7d:83:2e:62:2c:17:8b:1f:7f:f5:73:df:d3:f9:6e:b2:43:42:
         ee:1d:8c:c8:0a:ab:e8:20:00:86:3d:11:c0:5f:31:65:bf:e6:
         2f:e7:2e:fe:be:3e:59:d1:91:57:9d:df:fb:c5:43:0e:d1:8f:
         0a:10:1d:ef:aa:0a:a9:df:c3:e4:11:b3:51:a3:f4:9f:42:4d:
         24:2a:1e:96:b5:3e:49:1e:4c:cb:6d:f0:f6:88:bb:3a:68:da:
         39:e0:e0:b2:ad:60:d8:92:29:ad:5e:36:44:4d:e0:ff:84:25:
         6c:16:fc:a5:f1:f4:1b:67:57:dd:3e:a9:31:22:ef:9d:49:31:
         93:52:dc:6b:a8:40:97:a3:6f:72:4d:13:2c:70:5a:d6:e7:fa:
         2a:bf:6c:7a
-----BEGIN CERTIFICATE-----
MIIGHTCCBQWgAwIBAgIDAdlvMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDExOTEwNDIzNVoXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDYzQUYxMTAvBgNVBAUTKEVGMzBBMjQxNDZERjY2QjFGQTZGQkE1
RDY3Njc2OUVCNjRCMzg3QUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDB+XdvEruK/Bbdq+JXc1XgnqmKsU+KUSyMH484/blyEHkEcsAVF+c8KP6NMYYN
CIXY/0wtBgnn0V1pbcM7MigzahpcnTr/JOVwicKCVBQPSfHWCxj6Ntj+wLdVr189
qZtW90rTyK6X+j2xYJGtceYH44OXSrff5C3OT2XgFYaAn89/3RUI77eEP3yxYT3K
gCNTYU0ZAsdKbh/w55DkgtLez2HpC1RtUD2sReJJ2hi9ZJ8Ci3E+2s+Cy3B/tBzw
37Q2OOSL/1e5ZJXLmJ2gM7J1iaih4NxijlA7yU8myDpUQu4Z62GGzkQJL/L9yYip
V59YhLjC5QVffOlH7Tjv0JCJAgMBAAGjggMSMIIDDjAdBgNVHQ4EFgQU7zCiQUbf
ZrH6b7pdZ2dp62Szh6owHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQ2M0FGL0UxNEQxQUI0QjZBNjExRUVBMDRBOEIyM0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFENjNBRi9FMTREMUFCNEI2QTYxMUVFQTA0QThCMjNDNEY5QUUwMi83ekNpUVVi
ZlpySDZiN3BkWjJkcDYyU3poNm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlMTMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN82JAMA0G
CSqGSIb3DQEBCwUAA4IBAQCx6CRa8Nhle9D1e0+RY7fT+q2L6HOkQVsP6cHUsrV3
Yi/UF7jO/vVRnm3b6oJ+ZQ9a3T4l+H6KXCXaBagPb+KBZW+Z4azYqZT/zbtzdiQ4
M6fZ8O4Zwm64NElGfgAlqK5XDyKDycm+f6Ig0nN9gy5iLBeLH3/1c9/T+W6yQ0Lu
HYzICqvoIACGPRHAXzFlv+Yv5y7+vj5Z0ZFXnd/7xUMO0Y8KEB3vqgqp38PkEbNR
o/SfQk0kKh6WtT5JHkzLbfD2iLs6aNo54OCyrWDYkimtXjZETeD/hCVsFvyl8fQb
Z1fdPqkxIu+dSTGTUtxrqECXo29yTRMscFrW5/oqv2x6
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:24:25 2024 by rpki-client on console-fra.rpki-client.org