Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TvPuMcsGjq2Xg6ojjoaIdKM0WE.cer
File:                     9TvPuMcsGjq2Xg6ojjoaIdKM0WE.cer (raw, json)
Hash identifier:          7EpEYws/iOh8F9D3wS8H3WXTMkl7jIDIRzaaeANzCIQ=
Subject key identifier:   F5:3B:CF:B8:C7:2C:1A:3A:B6:5E:0E:A8:8E:3A:1A:21:D2:8C:D1:61
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       0214E1
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9127B24/1E4F3A5C8F7611EF84EC7715C4F9AE02/9TvPuMcsGjq2Xg6ojjoaIdKM0WE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9127B24/1E4F3A5C8F7611EF84EC7715C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 21 Oct 2024 06:31:40 +0000
Certificate not after:    Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources:    AS: 153336
                          IP: 2401:c5e0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 136417 (0x214e1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct 21 06:31:40 2024 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=A9127B24/serialNumber=F53BCFB8C72C1A3AB65E0EA88E3A1A21D28CD161
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:9a:8b:57:c5:f1:fb:0c:d6:10:7c:e9:84:ba:
                    63:da:d9:2f:34:f4:5e:54:7c:b2:81:a6:2d:bc:48:
                    95:d5:2c:ee:d2:2c:23:3e:ed:0c:29:66:83:02:6e:
                    b8:ec:19:ac:af:c6:8f:1b:fc:8a:fd:8b:d5:b7:45:
                    ce:08:b0:28:55:10:1e:03:44:27:8e:f7:71:a5:96:
                    ee:f8:5e:24:55:3f:69:92:08:8f:e2:4a:93:cc:f0:
                    c4:b1:b4:58:8c:99:04:00:72:90:b2:e3:e1:b6:27:
                    3e:74:cc:2f:b3:c0:88:d3:d1:4c:66:1d:ff:3c:28:
                    ad:8b:02:8f:8c:40:86:dc:17:e0:9a:e5:2c:ae:bb:
                    d2:9e:2b:74:0b:37:54:b8:65:56:f6:21:65:4b:f3:
                    1c:7c:8c:f7:12:08:eb:9c:39:1a:b2:ff:eb:47:a9:
                    ea:b2:c5:e7:19:f4:44:4f:36:d1:f9:7b:85:fe:b5:
                    98:8c:f3:34:bb:f7:f0:d2:f4:43:00:20:58:25:e1:
                    b9:31:47:70:9f:c6:36:a3:b4:7f:3d:57:0f:ad:3e:
                    d7:32:8f:d8:7a:4b:e4:ff:28:0c:a1:57:38:cb:d7:
                    b8:43:94:5e:f6:26:5c:0a:df:85:73:56:85:4c:0c:
                    c9:ae:85:51:62:b2:7c:73:9d:c5:6c:c3:69:cf:85:
                    b3:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:3B:CF:B8:C7:2C:1A:3A:B6:5E:0E:A8:8E:3A:1A:21:D2:8C:D1:61
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9127B24/1E4F3A5C8F7611EF84EC7715C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9127B24/1E4F3A5C8F7611EF84EC7715C4F9AE02/9TvPuMcsGjq2Xg6ojjoaIdKM0WE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  153336

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:c5e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         a9:f7:3c:e2:d4:f8:11:9f:03:a7:10:18:26:da:42:28:92:97:
         79:7d:ae:ae:0e:9e:93:02:86:7d:88:f7:3a:fa:76:d2:59:2c:
         0e:97:66:72:ab:8d:4b:2a:3d:8c:48:14:f9:6d:65:78:6e:5c:
         96:a3:0d:53:96:40:56:79:8d:29:99:ab:fb:0a:8d:44:57:e6:
         d0:31:88:4b:a4:19:49:d3:23:9f:63:19:55:bc:d2:87:a3:9b:
         90:67:79:15:83:d4:09:69:e5:78:36:a5:00:7e:38:07:bb:55:
         88:eb:f9:66:08:44:1c:3a:f2:61:9b:60:1c:a4:f8:bb:e5:84:
         81:79:a4:ad:75:41:89:0b:9c:bc:5f:ea:8e:88:35:28:87:db:
         ed:f8:2a:f3:1e:e5:02:36:39:cb:fd:4c:23:98:91:76:57:a9:
         7b:f0:09:e6:1e:e9:cb:b7:fc:8f:11:c0:c8:0c:d9:db:6c:5d:
         e1:72:ef:af:c8:2d:f5:f4:60:70:14:5e:2a:66:79:55:86:93:
         3b:3f:3b:49:bf:b8:4a:25:fd:66:b7:bd:60:7d:99:d3:9e:70:
         78:13:74:a1:10:b2:ae:5d:ef:f2:ab:df:92:93:b7:a1:28:79:
         87:b4:dd:dc:fe:73:70:bd:01:dd:e4:e2:bb:00:bc:90:49:fe:
         8e:9c:be:72
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAhThMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAyMTA2MzE0MFoXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjdCMjQxMTAvBgNVBAUTKEY1M0JDRkI4QzcyQzFBM0FCNjVFMEVB
ODhFM0ExQTIxRDI4Q0QxNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCfmotXxfH7DNYQfOmEumPa2S809F5UfLKBpi28SJXVLO7SLCM+7QwpZoMCbrjs
Gayvxo8b/Ir9i9W3Rc4IsChVEB4DRCeO93Gllu74XiRVP2mSCI/iSpPM8MSxtFiM
mQQAcpCy4+G2Jz50zC+zwIjT0UxmHf88KK2LAo+MQIbcF+Ca5Syuu9KeK3QLN1S4
ZVb2IWVL8xx8jPcSCOucORqy/+tHqeqyxecZ9ERPNtH5e4X+tZiM8zS79/DS9EMA
IFgl4bkxR3CfxjajtH89Vw+tPtcyj9h6S+T/KAyhVzjL17hDlF72JlwK34VzVoVM
DMmuhVFisnxzncVsw2nPhbMrAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQU9TvPuMcs
Gjq2Xg6ojjoaIdKM0WEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI3QjI0LzFFNEYzQTVDOEY3NjExRUY4NEVDNzcxNUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyN0IyNC8xRTRGM0E1QzhGNzYxMUVGODRFQzc3MTVDNEY5QUUwMi85VHZQdU1j
c0dqcTJYZzZvampvYUlkS00wV0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlb4MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAHF4DANBgkq
hkiG9w0BAQsFAAOCAQEAqfc84tT4EZ8DpxAYJtpCKJKXeX2urg6ekwKGfYj3Ovp2
0lksDpdmcquNSyo9jEgU+W1leG5clqMNU5ZAVnmNKZmr+wqNRFfm0DGIS6QZSdMj
n2MZVbzSh6ObkGd5FYPUCWnleDalAH44B7tViOv5ZghEHDryYZtgHKT4u+WEgXmk
rXVBiQucvF/qjog1KIfb7fgq8x7lAjY5y/1MI5iRdlepe/AJ5h7py7f8jxHAyAzZ
22xd4XLvr8gt9fRgcBReKmZ5VYaTOz87Sb+4SiX9Zre9YH2Z055weBN0oRCyrl3v
8qvfkpO3oSh5h7Td3P5zcL0B3eTiuwC8kEn+jpy+cg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:13 2024 by rpki-client on console-fra.rpki-client.org