Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9iXWv81CG9Pbl8aVlBS8cJRuq8Q.cer
File:                     9iXWv81CG9Pbl8aVlBS8cJRuq8Q.cer (raw, json)
Hash identifier:          j2kXTgItQ/pnKVuTedey+xWgmXEqPMXeAUISGrmJcHQ=
Subject key identifier:   F6:25:D6:BF:CD:42:1B:D3:DB:97:C6:95:94:14:BC:70:94:6E:AB:C4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D60F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A919834A/2C0474746E3511E782DEFE55C4F9AE02/9iXWv81CG9Pbl8aVlBS8cJRuq8Q.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A919834A/2C0474746E3511E782DEFE55C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 02 Jan 2024 16:50:33 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 45326
                          IP: 103.30.28.0/22
                          IP: 119.18.144.0/21
                          IP: 202.5.32.0/19
                          IP: 2401:8a40::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 04 Dec 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120335 (0x1d60f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan  2 16:50:33 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A919834A/serialNumber=F625D6BFCD421BD3DB97C6959414BC70946EABC4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:ed:e3:fd:4c:9e:09:2e:67:6f:18:2e:92:60:
                    48:89:90:f3:31:71:10:9d:9b:93:af:85:24:f0:c9:
                    87:29:00:8c:51:4a:1d:4b:ec:e8:3f:49:db:9b:2e:
                    48:b6:95:bb:2f:9b:da:44:3b:be:4a:75:67:20:00:
                    1c:f4:2c:44:e8:f8:02:cb:0b:67:c8:68:d3:a6:c6:
                    d4:5a:67:4e:9d:1c:2b:3c:8f:84:6f:0e:38:92:18:
                    29:ad:0d:18:d7:8e:d3:ee:83:32:13:90:17:0d:12:
                    f5:e9:a7:cc:aa:a5:41:40:64:cb:e1:2e:9a:ef:38:
                    4c:e3:d8:b3:e2:16:44:52:a7:8f:6c:26:ad:e0:19:
                    e7:1f:ac:6b:fd:30:e6:88:69:81:51:85:2e:20:4c:
                    4e:77:61:54:e9:4f:e4:0a:84:b8:08:e7:44:9c:98:
                    08:b4:46:e0:f5:93:66:4f:08:e8:ac:05:81:e7:06:
                    19:a4:aa:c2:17:4f:bb:68:88:b6:ee:d3:af:77:a3:
                    c4:8a:6d:21:2f:32:f7:08:27:dd:76:73:7f:20:e5:
                    c5:fd:40:38:09:b4:b3:b6:cd:79:b3:85:dd:6a:7f:
                    52:cc:c4:fa:32:8e:1a:7b:a7:e2:2b:9f:96:d7:08:
                    14:78:e1:54:4e:65:c3:0f:a2:44:76:03:79:79:d8:
                    19:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:25:D6:BF:CD:42:1B:D3:DB:97:C6:95:94:14:BC:70:94:6E:AB:C4
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919834A/2C0474746E3511E782DEFE55C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919834A/2C0474746E3511E782DEFE55C4F9AE02/9iXWv81CG9Pbl8aVlBS8cJRuq8Q.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  45326

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.30.28.0/22
                  119.18.144.0/21
                  202.5.32.0/19
                IPv6:
                  2401:8a40::/32

    Signature Algorithm: sha256WithRSAEncryption
         82:27:6a:7d:cb:66:cd:b3:ad:70:81:2d:0f:92:1c:c1:6f:da:
         0d:84:3f:f9:69:c5:d6:51:f5:71:93:a0:e0:7d:af:2f:e5:a1:
         9f:d6:8c:0c:bf:11:d0:0c:06:5c:e8:5b:5f:ac:82:53:01:c5:
         f2:53:20:2a:f4:4c:80:57:f5:65:fb:99:29:db:2d:04:d7:cb:
         72:15:3c:49:9f:55:99:e7:68:33:96:65:40:9b:e0:fd:2c:c4:
         c5:2c:21:ea:ce:8a:39:15:27:fd:02:5a:79:e2:f8:f6:3c:32:
         f9:eb:e4:07:37:ad:a2:6a:92:c8:4a:f7:cc:51:44:ba:08:f2:
         d3:58:c7:67:8c:4a:72:6e:61:6c:80:f0:47:4e:65:52:d1:16:
         fd:40:82:8a:12:8f:9c:2c:22:36:e2:c9:0a:f6:50:db:fa:4f:
         25:1e:6e:5d:fe:82:f0:13:5c:a9:35:7c:9b:c3:c3:6b:44:e7:
         94:d2:27:6a:6b:3b:6e:63:b9:47:aa:29:3a:92:af:67:0d:19:
         84:4f:39:66:ab:b4:d4:c4:4e:dd:d2:5c:1c:c5:b9:b0:6f:55:
         9c:ab:e9:ad:d7:04:6f:bd:1a:5b:70:87:91:83:6c:3b:d2:68:
         a7:30:e4:1b:ac:00:d3:02:7a:ba:05:de:c4:5d:3d:6f:9e:ad:
         98:a3:f2:20
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgIDAdYPMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwMjE2NTAzM1oXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTgzNEExMTAvBgNVBAUTKEY2MjVENkJGQ0Q0MjFCRDNEQjk3QzY5
NTk0MTRCQzcwOTQ2RUFCQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCn7eP9TJ4JLmdvGC6SYEiJkPMxcRCdm5OvhSTwyYcpAIxRSh1L7Og/SdubLki2
lbsvm9pEO75KdWcgABz0LETo+ALLC2fIaNOmxtRaZ06dHCs8j4RvDjiSGCmtDRjX
jtPugzITkBcNEvXpp8yqpUFAZMvhLprvOEzj2LPiFkRSp49sJq3gGecfrGv9MOaI
aYFRhS4gTE53YVTpT+QKhLgI50ScmAi0RuD1k2ZPCOisBYHnBhmkqsIXT7toiLbu
0693o8SKbSEvMvcIJ912c38g5cX9QDgJtLO2zXmzhd1qf1LMxPoyjhp7p+Irn5bX
CBR44VROZcMPokR2A3l52BmfAgMBAAGjggMqMIIDJjAdBgNVHQ4EFgQU9iXWv81C
G9Pbl8aVlBS8cJRuq8QwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk4MzRBLzJDMDQ3NDc0NkUzNTExRTc4MkRFRkU1NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5ODM0QS8yQzA0NzQ3NDZFMzUxMUU3ODJERUZFNTVDNEY5QUUwMi85aVhXdjgx
Q0c5UGJsOGFWbEJTOGNKUnVxOFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDALEOMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCZx4cAwQDdxKQ
AwQFygUgMA0EAgACMAcDBQAkAYpAMA0GCSqGSIb3DQEBCwUAA4IBAQCCJ2p9y2bN
s61wgS0PkhzBb9oNhD/5acXWUfVxk6Dgfa8v5aGf1owMvxHQDAZc6FtfrIJTAcXy
UyAq9EyAV/Vl+5kp2y0E18tyFTxJn1WZ52gzlmVAm+D9LMTFLCHqzoo5FSf9Alp5
4vj2PDL56+QHN62iapLISvfMUUS6CPLTWMdnjEpybmFsgPBHTmVS0Rb9QIKKEo+c
LCI24skK9lDb+k8lHm5d/oLwE1ypNXybw8NrROeU0idqaztuY7lHqik6kq9nDRmE
Tzlmq7TUxE7d0lwcxbmwb1Wcq+mt1wRvvRpbcIeRg2w70minMOQbrADTAnq6Bd7E
XT1vnq2Yo/Ig
-----END CERTIFICATE-----
Generated at Wed Nov 27 04:07:29 2024 by rpki-client on console-ams.rpki-client.org