Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8VAZIKVfOnwnEDkUn_oop8HMOPE.cer
File:                     8VAZIKVfOnwnEDkUn_oop8HMOPE.cer (raw, json)
Hash identifier:          X4MUjCy1uYRDP2IwMoth7giLkAGsKQ3fR0YqJ1z3OVU=
Subject key identifier:   F1:50:19:20:A5:5F:3A:7C:27:10:39:14:9F:FA:28:A7:C1:CC:38:F1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CA15
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 09 Nov 2023 19:57:44 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 139726
                          IP: 103.144.52.0/23
                          IP: 2405:66c0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 13:06:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117269 (0x1ca15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov  9 19:57:44 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A91B49C0/serialNumber=F1501920A55F3A7C271039149FFA28A7C1CC38F1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:77:ef:ed:bb:0b:01:7f:f8:87:cb:08:6d:5c:
                    d8:0f:6a:cd:bd:9d:ca:5a:bb:a7:19:1a:f2:ad:78:
                    77:07:3c:0f:ed:ce:ec:97:79:31:00:57:9b:50:33:
                    55:4d:e1:b1:49:a6:0d:a8:ee:d4:99:9e:7b:45:47:
                    cd:37:0e:c0:ec:46:b6:9c:ad:dd:92:67:47:1a:f4:
                    13:e6:87:7c:c9:3e:47:0a:e7:ad:b3:d7:99:c6:ec:
                    39:48:be:07:a1:94:ec:8f:2b:b9:68:93:fb:be:fa:
                    1e:20:6d:c6:57:b5:b6:84:1c:5a:e6:32:05:13:e4:
                    87:00:28:b1:6e:3d:6f:a7:a6:d0:23:18:9d:8f:c0:
                    8b:99:4a:48:08:77:61:ce:bf:7f:b8:6b:42:d8:8b:
                    52:fd:a1:e6:bb:4f:f6:19:4b:d9:8a:49:cb:65:02:
                    ad:eb:66:a9:df:9f:96:46:74:3e:a2:6e:3d:f3:19:
                    0c:0b:ca:2f:2d:4e:d5:61:b2:35:cf:e0:40:7e:a2:
                    b7:e9:35:ef:e3:2e:6d:bf:fa:1a:58:b6:09:84:60:
                    6b:5e:00:60:51:34:58:60:5f:1a:6c:b2:2e:ca:f1:
                    4d:4a:88:cf:ef:d3:96:4b:fa:86:18:88:7a:fa:d0:
                    c3:3d:a6:69:bd:79:28:d4:26:09:46:ea:7c:58:2c:
                    7f:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:50:19:20:A5:5F:3A:7C:27:10:39:14:9F:FA:28:A7:C1:CC:38:F1
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  139726

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.144.52.0/23
                IPv6:
                  2405:66c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         a9:d9:86:6a:b4:5f:c6:f1:48:de:15:d7:9d:db:0d:c6:9c:5b:
         d3:85:42:30:65:de:1d:72:8a:87:6e:21:75:21:a6:82:d2:16:
         4b:5a:f0:d3:45:df:54:57:51:a1:07:0a:df:10:69:74:c9:bc:
         c0:de:41:8e:db:ee:f5:8b:29:00:b0:74:94:b0:52:6a:48:29:
         a3:f5:97:1f:64:15:dc:cb:c6:b4:ad:b1:a8:25:04:c1:9a:75:
         99:3e:63:f2:3f:0d:93:d3:f1:8f:b3:14:5d:db:ea:d0:8a:e9:
         74:9a:e2:25:e0:48:c7:6e:0c:ef:46:cd:14:de:bf:79:c6:d2:
         e3:9d:76:d1:0c:0d:78:2d:d0:67:ea:c8:59:47:e2:9f:84:69:
         38:60:b0:79:ce:fd:9a:2c:23:69:9b:18:ed:a0:83:76:c9:77:
         54:ff:89:f6:42:bc:1b:e8:1a:ec:a9:31:39:ca:33:b5:f6:ac:
         af:05:12:fc:41:9c:5b:dd:74:2e:d6:76:b2:d3:a6:ac:7b:1a:
         b1:87:34:b2:80:bf:c1:37:40:75:27:84:64:76:f2:0f:52:cc:
         d3:33:e2:17:15:13:06:01:34:c2:33:ab:b4:53:b1:ba:9a:40:
         e5:48:41:56:9c:59:85:af:49:81:c4:b6:63:0e:00:d7:1e:bc:
         9f:a8:b0:04
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAcoVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEwOTE5NTc0NFoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjQ5QzAxMTAvBgNVBAUTKEYxNTAxOTIwQTU1RjNBN0MyNzEwMzkx
NDlGRkEyOEE3QzFDQzM4RjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCwd+/tuwsBf/iHywhtXNgPas29ncpau6cZGvKteHcHPA/tzuyXeTEAV5tQM1VN
4bFJpg2o7tSZnntFR803DsDsRracrd2SZ0ca9BPmh3zJPkcK562z15nG7DlIvgeh
lOyPK7lok/u++h4gbcZXtbaEHFrmMgUT5IcAKLFuPW+nptAjGJ2PwIuZSkgId2HO
v3+4a0LYi1L9oea7T/YZS9mKSctlAq3rZqnfn5ZGdD6ibj3zGQwLyi8tTtVhsjXP
4EB+orfpNe/jLm2/+hpYtgmEYGteAGBRNFhgXxpssi7K8U1KiM/v05ZL+oYYiHr6
0MM9pmm9eSjUJglG6nxYLH9vAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQU8VAZIKVf
OnwnEDkUn/oop8HMOPEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUI0OUMwLzZDQjM4MzU4QjM0NDExRUNBQkNFMkE2MkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCNDlDMC82Q0IzODM1OEIzNDQxMUVDQUJDRTJBNjJDNEY5QUUwMi84VkFaSUtW
Zk9ud25FRGtVbl9vb3A4SE1PUEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiHOMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ5A0MA0EAgAC
MAcDBQAkBWbAMA0GCSqGSIb3DQEBCwUAA4IBAQCp2YZqtF/G8UjeFded2w3GnFvT
hUIwZd4dcoqHbiF1IaaC0hZLWvDTRd9UV1GhBwrfEGl0ybzA3kGO2+71iykAsHSU
sFJqSCmj9ZcfZBXcy8a0rbGoJQTBmnWZPmPyPw2T0/GPsxRd2+rQiul0muIl4EjH
bgzvRs0U3r95xtLjnXbRDA14LdBn6shZR+KfhGk4YLB5zv2aLCNpmxjtoIN2yXdU
/4n2Qrwb6BrsqTE5yjO19qyvBRL8QZxb3XQu1nay06asexqxhzSygL/BN0B1J4Rk
dvIPUszTM+IXFRMGATTCM6u0U7G6mkDlSEFWnFmFr0mBxLZjDgDXHryfqLAE
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:07:36 2024 by rpki-client on console-fra.rpki-client.org