Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
File:                     9TkpGRnN4USwNO8oiwpjR4PoLH8.cer (raw, json)
Hash identifier:          fRS2n4D1NONUfZm996zxvhXM7F6rN4o31hE+i4pDFOU=
Subject key identifier:   F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E6CF
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/9TkpGRnN4USwNO8oiwpjR4PoLH8.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 27 Mar 2024 15:24:09 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 136272
                          IP: 116.204.140.0/22
                          IP: 2400:c7c0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 18:03:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124623 (0x1e6cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 27 15:24:09 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:fa:5e:e1:e0:8d:b2:21:4c:7a:53:76:11:fb:
                    13:3c:b5:e5:4c:8b:c7:1b:0b:03:e2:28:f8:be:36:
                    dc:bb:7d:bd:1f:1e:d9:af:58:ca:c3:c6:25:82:a4:
                    cd:f6:98:a7:6e:2c:19:da:bd:c4:96:5f:ac:d7:51:
                    98:c3:05:2c:97:68:a4:41:a0:e6:bd:b1:9e:c6:77:
                    87:da:4b:25:a9:73:38:5c:88:60:0a:c2:98:a6:76:
                    c0:56:4b:9f:40:26:1e:ad:b8:f2:6f:1f:2b:c4:a4:
                    ba:3e:84:17:a7:b2:6b:02:b5:3f:28:46:cd:20:6b:
                    b0:fd:56:ef:3b:42:36:c3:f6:6b:e6:a4:dd:33:52:
                    00:e6:e9:20:ff:41:7f:90:e0:e3:08:a5:0f:67:9e:
                    fb:06:b6:70:96:4b:c0:5b:f6:33:41:ac:c4:49:9c:
                    ec:b1:05:b9:ac:45:c6:9d:44:f4:9d:92:6b:88:7c:
                    16:8f:63:d2:4f:9f:ad:7f:94:2e:11:8c:c7:2d:48:
                    9a:dc:5e:92:24:0b:29:64:56:f5:b4:ec:cf:3b:4b:
                    52:24:52:d0:b0:00:82:bc:bf:e9:02:d6:83:3b:aa:
                    09:fa:0a:f1:e8:33:6c:a9:93:34:6a:04:a6:a8:ef:
                    ab:31:fc:cb:32:5b:08:e6:1f:e9:ea:7f:46:c8:f5:
                    f4:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/9TkpGRnN4USwNO8oiwpjR4PoLH8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  136272

            sbgp-ipAddrBlock: critical
                IPv4:
                  116.204.140.0/22
                IPv6:
                  2400:c7c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         68:f8:03:6b:dd:ee:0d:ec:76:05:72:b4:dd:03:43:6c:95:25:
         f8:fe:9a:3b:f6:5e:f3:23:1d:a5:75:8a:59:6e:1c:1b:63:71:
         b6:6c:a0:d8:b4:d1:f1:00:44:b4:78:57:02:f9:d8:08:73:fb:
         a4:68:ca:56:9b:86:7a:ef:05:8b:7c:08:55:f5:90:99:8c:a5:
         b0:b7:bc:42:45:e5:53:73:04:c1:22:b0:cf:8b:b4:cc:d1:c0:
         50:42:a1:14:a9:c0:21:76:c1:b8:9b:45:db:12:a6:74:2b:01:
         40:27:6b:03:cb:63:37:45:36:2c:14:8a:6b:99:62:22:7d:95:
         2a:a7:05:92:f2:64:30:4c:4e:7f:62:6d:d0:d2:44:34:8e:1b:
         0e:90:e1:42:c2:60:ca:4a:3d:f1:82:60:b8:d8:d1:41:fa:d4:
         71:ae:9c:4c:0d:20:d2:e1:f4:03:14:53:68:91:36:00:9f:91:
         01:da:a0:eb:92:27:07:a2:ee:13:91:15:77:7e:c3:ec:f7:11:
         46:a4:cd:8b:dd:d0:2b:21:f6:a5:c1:7d:a8:47:46:ae:ac:9b:
         af:4d:b6:cf:cc:38:2c:7b:79:b5:d6:79:db:37:50:06:03:27:
         6d:9f:08:17:6b:50:9e:6d:30:d5:31:92:54:12:98:ff:5c:1a:
         1b:97:2a:8c
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAebPMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMyNzE1MjQwOVoXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNkM2MUIxMTAvBgNVBAUTKEY1MzkyOTE5MTlDREUxNDRCMDM0RUYy
ODhCMEE2MzQ3ODNFODJDN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCV+l7h4I2yIUx6U3YR+xM8teVMi8cbCwPiKPi+Nty7fb0fHtmvWMrDxiWCpM32
mKduLBnavcSWX6zXUZjDBSyXaKRBoOa9sZ7Gd4faSyWpczhciGAKwpimdsBWS59A
Jh6tuPJvHyvEpLo+hBensmsCtT8oRs0ga7D9Vu87QjbD9mvmpN0zUgDm6SD/QX+Q
4OMIpQ9nnvsGtnCWS8Bb9jNBrMRJnOyxBbmsRcadRPSdkmuIfBaPY9JPn61/lC4R
jMctSJrcXpIkCylkVvW07M87S1IkUtCwAIK8v+kC1oM7qgn6CvHoM2ypkzRqBKao
76sx/MsyWwjmH+nqf0bI9fQRAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQU9TkpGRnN
4USwNO8oiwpjR4PoLH8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTZDNjFCLzUxRUZGQTMwODI2OTExRUNBRDJFOTUyNEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2QzYxQi81MUVGRkEzMDgyNjkxMUVDQUQyRTk1MjRDNEY5QUUwMi85VGtwR1Ju
TjRVU3dOTzhvaXdwalI0UG9MSDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhRQMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCdMyMMA0EAgAC
MAcDBQAkAMfAMA0GCSqGSIb3DQEBCwUAA4IBAQBo+ANr3e4N7HYFcrTdA0NslSX4
/po79l7zIx2ldYpZbhwbY3G2bKDYtNHxAES0eFcC+dgIc/ukaMpWm4Z67wWLfAhV
9ZCZjKWwt7xCReVTcwTBIrDPi7TM0cBQQqEUqcAhdsG4m0XbEqZ0KwFAJ2sDy2M3
RTYsFIprmWIifZUqpwWS8mQwTE5/Ym3Q0kQ0jhsOkOFCwmDKSj3xgmC42NFB+tRx
rpxMDSDS4fQDFFNokTYAn5EB2qDrkicHou4TkRV3fsPs9xFGpM2L3dArIfalwX2o
R0aurJuvTbbPzDgse3m11nnbN1AGAydtnwgXa1CebTDVMZJUEpj/XBoblyqM
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:54:54 2024 by rpki-client on console-ams.rpki-client.org