Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.cer
File:                     8H-xPvkeIhGw_ryFWt2vMBsGcaQ.cer (raw, json)
Hash identifier:          v05fyOvNV77iZkjNcH6U3j44qq500tXPNENhdMjNBc8=
Subject key identifier:   F0:7F:B1:3E:F9:1E:22:11:B0:FE:BC:85:5A:DD:AF:30:1B:06:71:A4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CCA2
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 24 Nov 2023 00:36:47 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 24516
                          IP: 43.247.124.0 -- 43.247.131.255
                          IP: 103.227.200.0/22
                          IP: 103.230.172.0/22
                          IP: 103.245.216.0/22
                          IP: 125.254.48.0/23
                          IP: 203.23.139.0/24
                          IP: 2402:fa80::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117922 (0x1cca2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov 24 00:36:47 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=A91D087E/serialNumber=F07FB13EF91E2211B0FEBC855ADDAF301B0671A4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:07:28:19:93:5d:50:f2:aa:9a:36:de:eb:15:
                    4c:a7:3f:cb:e1:c0:dc:5f:5c:65:06:e9:3a:10:3c:
                    c3:94:06:c4:db:f0:4f:07:1d:08:f4:c3:b0:30:0a:
                    5a:5f:28:98:97:7f:55:eb:b8:bf:79:be:77:28:6c:
                    51:1b:d0:94:53:55:6c:6b:92:f1:ff:b9:56:8c:23:
                    22:db:a9:d7:f1:b1:c1:99:d4:e6:99:13:fb:39:5b:
                    e3:dd:44:37:7d:8b:b1:f3:f8:da:e9:6e:5e:09:e6:
                    0f:fd:ce:f1:85:00:fe:23:59:b1:61:46:60:b7:97:
                    6d:bf:78:35:99:3e:33:63:38:e8:77:f1:93:26:bb:
                    18:97:da:a5:71:d2:b9:24:8a:ee:23:d7:10:89:10:
                    69:20:a5:d5:32:91:81:03:f9:d3:f1:69:22:69:15:
                    c8:d1:58:31:07:b3:06:ad:5a:c5:3c:17:d6:68:01:
                    2d:a7:4c:41:dd:fa:c8:6c:86:1d:62:4a:57:92:fe:
                    c6:aa:4c:7f:50:fd:3b:fc:e8:a9:a1:cb:aa:c2:24:
                    a0:05:a0:92:aa:df:12:8f:19:7b:84:39:fe:fa:c2:
                    18:4f:da:bd:c1:9d:af:9a:15:f1:03:bf:47:72:61:
                    74:c2:f4:79:59:42:aa:ce:1e:ab:49:58:f0:87:ff:
                    6c:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:7F:B1:3E:F9:1E:22:11:B0:FE:BC:85:5A:DD:AF:30:1B:06:71:A4
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91D087E/B019F1CA04FC11EA8CAED415C4F9AE02/8H-xPvkeIhGw_ryFWt2vMBsGcaQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  24516

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.247.124.0-43.247.131.255
                  103.227.200.0/22
                  103.230.172.0/22
                  103.245.216.0/22
                  125.254.48.0/23
                  203.23.139.0/24
                IPv6:
                  2402:fa80::/32

    Signature Algorithm: sha256WithRSAEncryption
         5f:58:4e:ea:3b:9d:dc:d6:da:93:a0:f2:03:e2:54:2e:a0:58:
         ca:26:ec:01:29:0d:96:99:21:c8:1a:b3:4f:43:0b:0d:54:14:
         11:27:cb:5b:28:e3:3b:16:d0:aa:94:f9:c9:5a:8c:7d:9a:ec:
         c5:6e:9c:43:e9:ef:86:bf:4f:30:8a:32:0f:9a:1c:1e:fb:6c:
         52:75:29:2d:06:46:0f:98:6e:7c:a6:71:d6:cf:aa:de:e3:6d:
         79:0f:4f:7e:e9:03:18:54:e3:19:9e:83:54:4f:ce:3f:f7:b6:
         f7:4a:c2:e8:93:93:1a:ba:66:b1:81:84:6f:4e:36:f8:f0:87:
         7d:86:f3:8f:ae:d2:71:5c:46:9e:ec:74:3d:c7:3d:a6:4e:27:
         55:49:3a:93:fb:b0:77:3c:3a:d3:19:64:11:6e:38:ff:c2:c4:
         60:26:7b:62:aa:d8:94:c1:c6:ef:f4:a6:2a:7d:1d:52:d4:c7:
         39:10:8e:c7:11:44:cd:08:9f:91:37:c9:92:43:ea:c1:4b:23:
         20:9a:61:4c:fc:10:83:d4:e2:c5:da:d9:2b:e3:8a:85:9a:2e:
         41:f8:9f:ba:c3:38:4e:81:7d:7d:74:c3:c8:98:a9:7d:f2:bd:
         12:ff:db:ec:7c:d0:d2:d6:79:e3:90:04:60:90:c1:33:2f:22:
         a9:cb:01:46
-----BEGIN CERTIFICATE-----
MIIGTjCCBTagAwIBAgIDAcyiMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEyNDAwMzY0N1oXDTI0MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRDA4N0UxMTAvBgNVBAUTKEYwN0ZCMTNFRjkxRTIyMTFCMEZFQkM4
NTVBRERBRjMwMUIwNjcxQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzBygZk11Q8qqaNt7rFUynP8vhwNxfXGUG6ToQPMOUBsTb8E8HHQj0w7AwClpf
KJiXf1XruL95vncobFEb0JRTVWxrkvH/uVaMIyLbqdfxscGZ1OaZE/s5W+PdRDd9
i7Hz+Nrpbl4J5g/9zvGFAP4jWbFhRmC3l22/eDWZPjNjOOh38ZMmuxiX2qVx0rkk
iu4j1xCJEGkgpdUykYED+dPxaSJpFcjRWDEHswatWsU8F9ZoAS2nTEHd+shshh1i
SleS/saqTH9Q/Tv86Kmhy6rCJKAFoJKq3xKPGXuEOf76whhP2r3Bna+aFfEDv0dy
YXTC9HlZQqrOHqtJWPCH/2wXAgMBAAGjggNDMIIDPzAdBgNVHQ4EFgQU8H+xPvke
IhGw/ryFWt2vMBsGcaQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUQwODdFL0IwMTlGMUNBMDRGQzExRUE4Q0FFRDQxNUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFEMDg3RS9CMDE5RjFDQTA0RkMxMUVBOENBRUQ0MTVDNEY5QUUwMi84SC14UHZr
ZUloR3dfcnlGV3Qydk1Cc0djYVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICX8QwVAYIKwYBBQUHAQcBAf8ERTBDMDIEAgABMCwwDAMEAiv3fAMEAiv3
gAMEAmfjyAMEAmfmrAMEAmf12AMEAX3+MAMEAMsXizANBAIAAjAHAwUAJAL6gDAN
BgkqhkiG9w0BAQsFAAOCAQEAX1hO6jud3Nbak6DyA+JULqBYyibsASkNlpkhyBqz
T0MLDVQUESfLWyjjOxbQqpT5yVqMfZrsxW6cQ+nvhr9PMIoyD5ocHvtsUnUpLQZG
D5hufKZx1s+q3uNteQ9PfukDGFTjGZ6DVE/OP/e290rC6JOTGrpmsYGEb042+PCH
fYbzj67ScVxGnux0Pcc9pk4nVUk6k/uwdzw60xlkEW44/8LEYCZ7YqrYlMHG7/Sm
Kn0dUtTHORCOxxFEzQifkTfJkkPqwUsjIJphTPwQg9TixdrZK+OKhZouQfifusM4
ToF9fXTDyJipffK9Ev/b7HzQ0tZ545AEYJDBMy8iqcsBRg==
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:03 2024 by rpki-client on console-fra.rpki-client.org