Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ae4IndSGeyyydlgqqXsxj1Cepu4.cer
File:                     Ae4IndSGeyyydlgqqXsxj1Cepu4.cer (raw, json)
Hash identifier:          /2ck0bCTAKefHs5G5jfovXA65z0BeFxkMYdV+CHHAHs=
Subject key identifier:   01:EE:08:9D:D4:86:7B:2C:B2:76:58:2A:A9:7B:31:8F:50:9E:A6:EE
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CEF5
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/Ae4IndSGeyyydlgqqXsxj1Cepu4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 01 Dec 2023 23:27:08 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 43.239.104.0/22
                          IP: 45.124.204.0/22
                          IP: 103.23.128.0/22
                          IP: 103.25.100.0/22
                          IP: 103.244.220.0/22
                          IP: 103.249.184.0/22

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118517 (0x1cef5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec  1 23:27:08 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A91B3D30/serialNumber=01EE089DD4867B2CB276582AA97B318F509EA6EE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:e6:4f:f4:be:ee:2a:84:1c:76:84:45:cb:fd:
                    e3:ba:a2:bf:3b:e4:05:a0:b2:8d:7d:ba:3e:b5:7a:
                    ef:44:4a:44:d9:5f:a7:44:ff:d7:4d:44:1a:7f:58:
                    96:68:59:4c:84:92:fa:10:f4:33:c3:68:50:38:ce:
                    ae:27:e5:17:d4:2f:3b:32:60:fe:cd:12:ba:51:20:
                    66:95:cc:0a:e2:18:36:07:5d:14:78:bb:de:7e:39:
                    ae:00:91:15:da:ec:ca:5a:3f:ae:5f:f8:df:09:f7:
                    81:0a:a6:1b:b5:c9:5f:97:40:e7:a4:5e:5f:a0:73:
                    b9:fa:9e:05:9d:43:eb:68:87:e8:9b:c8:58:89:e4:
                    28:12:5b:16:6d:3c:9a:0e:8b:10:cf:db:91:f0:1a:
                    cd:da:26:fd:cf:e0:81:78:39:09:ac:f7:6a:0e:28:
                    61:ca:9a:92:fc:33:18:e9:a6:59:7e:d9:0f:7d:4b:
                    cc:6b:ae:a3:1c:58:5a:32:f2:36:6a:81:aa:ad:95:
                    5d:f1:5b:d7:15:4f:64:07:58:cd:2e:56:c1:4a:cc:
                    12:b2:81:1c:03:1b:cc:a3:6c:e5:86:46:ed:28:70:
                    5a:14:a4:1b:1e:e6:80:10:bf:9b:9b:74:fc:ec:25:
                    ba:b5:b0:ad:b4:51:06:1a:d5:b2:16:20:62:db:6f:
                    d5:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:EE:08:9D:D4:86:7B:2C:B2:76:58:2A:A9:7B:31:8F:50:9E:A6:EE
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B3D30/E3DF469C416811EAAE8A7750C4F9AE02/Ae4IndSGeyyydlgqqXsxj1Cepu4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.239.104.0/22
                  45.124.204.0/22
                  103.23.128.0/22
                  103.25.100.0/22
                  103.244.220.0/22
                  103.249.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         47:3c:14:d2:68:01:1a:d2:90:7e:3a:92:9a:dd:5b:76:fe:bb:
         9f:b8:f6:48:b2:4c:57:eb:4e:0b:06:79:0b:67:0a:a0:cc:5a:
         66:53:18:bf:28:45:1b:24:b3:e6:d7:6d:57:aa:cd:f4:52:0a:
         50:10:7b:64:ae:a7:93:d7:5a:57:22:e6:27:53:3b:de:90:31:
         10:58:3c:47:c4:31:09:ea:ee:b4:46:06:2f:99:77:6d:29:46:
         d6:7d:a6:c6:1b:8a:b4:9d:a3:e0:84:78:91:a1:be:61:86:4b:
         f8:de:9d:86:8a:cb:b8:35:8f:55:22:c8:4f:10:67:0d:b4:db:
         99:8b:9a:9c:44:8a:3a:ad:73:88:69:38:ce:79:53:1e:da:0b:
         5a:74:1f:02:d4:ec:b9:41:a5:ad:af:4a:5d:96:b9:f8:06:dc:
         22:5c:a1:2a:9d:ca:28:cd:4d:8c:62:23:53:47:fb:0b:58:c1:
         72:ee:c8:b9:8f:9e:9d:79:c6:17:1a:95:16:9b:7d:5d:39:66:
         aa:6d:6e:9e:dd:a7:bf:54:c2:a1:cc:2b:6a:c0:fc:68:61:45:
         cd:47:8a:d9:1a:9e:a1:47:2c:75:2a:53:c1:08:cd:9a:81:02:
         66:1a:ce:33:56:ad:53:4b:ee:19:e8:d1:2e:af:51:2c:95:f6:
         2c:1c:7a:f9
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgIDAc71MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwMTIzMjcwOFoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjNEMzAxMTAvBgNVBAUTKDAxRUUwODlERDQ4NjdCMkNCMjc2NTgy
QUE5N0IzMThGNTA5RUE2RUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDC5k/0vu4qhBx2hEXL/eO6or875AWgso19uj61eu9ESkTZX6dE/9dNRBp/WJZo
WUyEkvoQ9DPDaFA4zq4n5RfULzsyYP7NErpRIGaVzAriGDYHXRR4u95+Oa4AkRXa
7MpaP65f+N8J94EKphu1yV+XQOekXl+gc7n6ngWdQ+toh+ibyFiJ5CgSWxZtPJoO
ixDP25HwGs3aJv3P4IF4OQms92oOKGHKmpL8Mxjppll+2Q99S8xrrqMcWFoy8jZq
gaqtlV3xW9cVT2QHWM0uVsFKzBKygRwDG8yjbOWGRu0ocFoUpBse5oAQv5ubdPzs
Jbq1sK20UQYa1bIWIGLbb9V/AgMBAAGjggMRMIIDDTAdBgNVHQ4EFgQUAe4IndSG
eyyydlgqqXsxj1Cepu4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIzRDMwL0UzREY0NjlDNDE2ODExRUFBRThBNzc1MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCM0QzMC9FM0RGNDY5QzQxNjgxMUVBQUU4QTc3NTBDNEY5QUUwMi9BZTRJbmRT
R2V5eXlkbGdxcVhzeGoxQ2VwdTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8ELjAs
MCoEAgABMCQDBAIr72gDBAItfMwDBAJnF4ADBAJnGWQDBAJn9NwDBAJn+bgwDQYJ
KoZIhvcNAQELBQADggEBAEc8FNJoARrSkH46kprdW3b+u5+49kiyTFfrTgsGeQtn
CqDMWmZTGL8oRRsks+bXbVeqzfRSClAQe2Sup5PXWlci5idTO96QMRBYPEfEMQnq
7rRGBi+Zd20pRtZ9psYbirSdo+CEeJGhvmGGS/jenYaKy7g1j1UiyE8QZw2025mL
mpxEijqtc4hpOM55Ux7aC1p0HwLU7LlBpa2vSl2WufgG3CJcoSqdyijNTYxiI1NH
+wtYwXLuyLmPnp15xhcalRabfV05Zqptbp7dp79UwqHMK2rA/GhhRc1HitkanqFH
LHUqU8EIzZqBAmYazjNWrVNL7hno0S6vUSyV9iwcevk=
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:05 2024 by rpki-client on console-fra.rpki-client.org