Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aq6E9hG36C_X1v-PRS2HJe9IkIg.cer
File:                     Aq6E9hG36C_X1v-PRS2HJe9IkIg.cer (raw, json)
Hash identifier:          6TbfIUvwt1MklXmsWHdfiHOYWR2MPR8/Chlq8bYLoHk=
Subject key identifier:   02:AE:84:F6:11:B7:E8:2F:D7:D6:FF:8F:45:2D:87:25:EF:48:90:88
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E27E
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91642A0/CA7D1162F67611E990BAA222C4F9AE02/Aq6E9hG36C_X1v-PRS2HJe9IkIg.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91642A0/CA7D1162F67611E990BAA222C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sun 03 Mar 2024 15:19:31 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 138612
                          IP: 103.134.124.0/22
                          IP: 2404:6440::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 02:50:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123518 (0x1e27e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar  3 15:19:31 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91642A0/serialNumber=02AE84F611B7E82FD7D6FF8F452D8725EF489088
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:c8:58:85:ae:e2:cc:60:15:92:1d:44:9b:d8:
                    6c:c7:36:d5:04:68:4b:cf:da:ff:b7:cc:e4:b9:26:
                    c0:7a:cf:52:01:16:54:1f:b2:7b:e9:11:0f:03:81:
                    44:94:96:e8:ef:2e:c6:60:98:1b:6f:73:a1:93:4b:
                    3a:3e:50:a4:6e:79:cb:1b:45:7e:77:4a:6b:5c:89:
                    16:3f:95:0f:f3:e4:20:24:a1:c2:17:5a:e9:49:eb:
                    68:a7:2c:24:79:82:5c:ef:14:74:2d:5b:a2:99:3d:
                    fb:15:93:07:47:72:97:64:c5:0e:17:54:cd:a3:27:
                    31:44:53:3f:1e:a7:39:50:b8:6b:f1:fa:f6:37:83:
                    4a:31:a0:07:c6:2d:76:99:c9:b4:91:d1:8e:8d:d8:
                    b0:83:c3:f6:81:e8:59:43:c4:85:0e:88:6c:2b:bb:
                    b3:0d:67:00:6b:bf:35:bf:9b:67:82:c0:c5:95:60:
                    5b:7a:3a:e3:dd:8c:a7:03:99:b4:3d:94:ab:3d:3d:
                    a7:2e:82:d6:31:5a:72:75:f7:c5:a9:b3:42:f9:d7:
                    6e:78:55:ad:ce:48:6e:6e:98:7b:ed:af:43:c2:23:
                    7d:97:f7:cb:9f:37:80:ce:1a:5e:32:af:d4:53:22:
                    19:80:78:bc:9e:bc:f9:56:ca:4c:e1:c4:8e:ad:b9:
                    5e:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:AE:84:F6:11:B7:E8:2F:D7:D6:FF:8F:45:2D:87:25:EF:48:90:88
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91642A0/CA7D1162F67611E990BAA222C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91642A0/CA7D1162F67611E990BAA222C4F9AE02/Aq6E9hG36C_X1v-PRS2HJe9IkIg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  138612

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.134.124.0/22
                IPv6:
                  2404:6440::/32

    Signature Algorithm: sha256WithRSAEncryption
         b5:12:22:5e:c4:f0:44:9e:d1:3f:a4:60:28:e1:d0:9c:cc:b8:
         29:17:54:8f:20:b6:8a:49:c8:a0:7b:62:bb:9d:36:57:1b:6b:
         79:66:b0:a4:5b:ef:55:4f:4f:33:ae:d3:ad:c2:ff:b8:ac:ae:
         2e:b0:43:7f:a2:33:f0:7e:c4:36:46:c3:b1:22:2b:3c:56:d0:
         66:ce:c9:b9:d9:5c:22:cd:3b:11:ce:9b:20:6a:83:d2:98:54:
         b5:7d:d9:56:ab:da:39:ea:3b:a2:a4:b1:3c:3d:5b:76:32:f2:
         74:32:1d:74:e2:14:44:1a:82:2b:74:b2:14:27:ee:05:fc:bf:
         58:ff:0f:cf:db:5f:cd:a0:7b:8d:12:21:01:99:b3:6a:8a:03:
         b7:51:37:bc:d0:23:ed:d5:09:a9:29:75:18:96:f3:4f:a1:5f:
         97:04:68:1c:6e:ff:51:9d:c2:ef:3d:67:63:cf:d4:9a:c7:b7:
         92:07:73:82:12:e6:4e:02:ab:2e:ee:66:1c:eb:39:85:09:86:
         63:14:22:a5:5d:90:03:91:7c:34:eb:6f:ba:57:a4:62:a5:a5:
         c1:e4:b4:7a:46:19:f1:35:c4:f9:ba:8f:c5:69:f7:45:1c:8c:
         78:09:dc:39:fa:fd:db:03:b3:9e:b3:f5:2b:85:92:3a:09:82:
         15:e7:73:ab
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAeJ+MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMwMzE1MTkzMVoXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjQyQTAxMTAvBgNVBAUTKDAyQUU4NEY2MTFCN0U4MkZEN0Q2RkY4
RjQ1MkQ4NzI1RUY0ODkwODgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqyFiFruLMYBWSHUSb2GzHNtUEaEvP2v+3zOS5JsB6z1IBFlQfsnvpEQ8DgUSU
lujvLsZgmBtvc6GTSzo+UKRuecsbRX53SmtciRY/lQ/z5CAkocIXWulJ62inLCR5
glzvFHQtW6KZPfsVkwdHcpdkxQ4XVM2jJzFEUz8epzlQuGvx+vY3g0oxoAfGLXaZ
ybSR0Y6N2LCDw/aB6FlDxIUOiGwru7MNZwBrvzW/m2eCwMWVYFt6OuPdjKcDmbQ9
lKs9PacugtYxWnJ198Wps0L51254Va3OSG5umHvtr0PCI32X98ufN4DOGl4yr9RT
IhmAeLyevPlWykzhxI6tuV4JAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUAq6E9hG3
6C/X1v+PRS2HJe9IkIgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY0MkEwL0NBN0QxMTYyRjY3NjExRTk5MEJBQTIyMkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2NDJBMC9DQTdEMTE2MkY2NzYxMUU5OTBCQUEyMjJDNEY5QUUwMi9BcTZFOWhH
MzZDX1gxdi1QUlMySEplOUlrSWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAh10MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ4Z8MA0EAgAC
MAcDBQAkBGRAMA0GCSqGSIb3DQEBCwUAA4IBAQC1EiJexPBEntE/pGAo4dCczLgp
F1SPILaKScige2K7nTZXG2t5ZrCkW+9VT08zrtOtwv+4rK4usEN/ojPwfsQ2RsOx
Iis8VtBmzsm52VwizTsRzpsgaoPSmFS1fdlWq9o56juipLE8PVt2MvJ0Mh104hRE
GoIrdLIUJ+4F/L9Y/w/P21/NoHuNEiEBmbNqigO3UTe80CPt1QmpKXUYlvNPoV+X
BGgcbv9RncLvPWdjz9Sax7eSB3OCEuZOAqsu7mYc6zmFCYZjFCKlXZADkXw062+6
V6RipaXB5LR6RhnxNcT5uo/FafdFHIx4Cdw5+v3bA7Oes/UrhZI6CYIV53Or
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:44:05 2024 by rpki-client on console-fra.rpki-client.org