Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/As_3eY8FPpyB_czteWLsu3bB0ho.cer
File:                     As_3eY8FPpyB_czteWLsu3bB0ho.cer (raw, json)
Hash identifier:          R26Li1CG5/Nsfz/BzSddzUETAm7rlvaO1FR2kWTILKc=
Subject key identifier:   02:CF:F7:79:8F:05:3E:9C:81:FD:CC:ED:79:62:EC:BB:76:C1:D2:1A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       0206DC
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91A4690/409C970A5AE011EF8582707FC4F9AE02/As_3eY8FPpyB_czteWLsu3bB0ho.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91A4690/409C970A5AE011EF8582707FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 15 Aug 2024 08:27:53 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 134741
                          IP: 59.153.160.0/22
                          IP: 103.198.204.0/22

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 15:22:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 132828 (0x206dc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug 15 08:27:53 2024 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A91A4690/serialNumber=02CFF7798F053E9C81FDCCED7962ECBB76C1D21A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:4f:df:10:33:ac:4a:52:10:ed:b6:12:34:5d:
                    fa:c9:ab:29:b0:cc:9b:de:b1:ab:16:71:b0:21:0c:
                    7b:3a:e5:e4:0f:2d:56:2c:f4:1b:48:ee:86:3f:30:
                    e1:3f:12:1c:c7:40:80:3b:0e:36:27:ca:24:86:fd:
                    19:26:99:19:b7:16:0d:db:5f:57:bc:69:4e:55:55:
                    b0:0d:4b:a3:94:a3:34:a8:9c:eb:87:9f:9e:9d:3c:
                    f9:c2:b9:d6:56:ea:1a:df:93:19:6c:4f:5f:d1:87:
                    e4:1f:91:80:8e:8e:2a:86:5e:d6:ca:3c:44:85:c2:
                    14:13:91:37:0c:75:3f:9a:d3:20:b2:07:d7:d4:9c:
                    c8:4b:8c:72:ec:52:a0:fc:b2:7c:9a:0e:ae:5e:9d:
                    d3:df:0a:8a:e3:47:c6:48:9e:4e:16:aa:62:08:6c:
                    01:bb:8d:8a:eb:f6:2a:05:eb:47:47:fd:97:cd:ae:
                    d1:d9:ae:43:7c:8e:42:66:3a:bc:ae:b1:a3:36:c3:
                    a2:a2:72:03:f9:89:5d:1e:b9:ff:04:bd:8c:89:b0:
                    ce:b9:b4:59:ef:2b:95:46:61:2a:d5:92:64:96:dc:
                    06:cd:72:e0:f3:87:6e:ef:53:b2:fe:90:d3:0a:b5:
                    61:0e:05:89:d3:be:a2:66:54:ac:da:2b:6f:27:ca:
                    5a:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:CF:F7:79:8F:05:3E:9C:81:FD:CC:ED:79:62:EC:BB:76:C1:D2:1A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A4690/409C970A5AE011EF8582707FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A4690/409C970A5AE011EF8582707FC4F9AE02/As_3eY8FPpyB_czteWLsu3bB0ho.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  134741

            sbgp-ipAddrBlock: critical
                IPv4:
                  59.153.160.0/22
                  103.198.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0c:11:16:c5:80:55:01:99:28:7a:10:ee:82:37:f5:55:31:26:
         58:6d:11:97:77:68:b8:18:d2:a0:b3:f8:c2:42:37:c6:6b:c3:
         5e:32:18:db:a7:11:a7:9e:99:00:42:22:9c:d9:a7:f1:d3:14:
         58:00:c5:72:fc:ce:de:ff:2f:02:e2:9d:24:78:c9:b9:4b:c8:
         29:11:87:3b:8c:77:27:81:21:7b:e1:2b:50:e7:8b:a5:33:33:
         4b:d8:65:d0:d5:06:ab:f0:8a:9d:03:48:20:04:ad:90:f7:68:
         a9:31:ea:8d:f6:62:6b:9d:96:bf:c5:02:02:53:c1:95:a4:f9:
         d9:7b:51:93:1c:0c:7c:cf:89:4c:38:2f:9b:07:9e:b3:d1:4b:
         13:c4:33:c9:4e:20:2e:a1:fc:c0:7c:e5:b3:01:eb:6a:5e:1f:
         0e:18:1c:29:a8:64:0a:d5:13:51:8e:7f:c6:93:fd:a5:3a:0f:
         8c:16:b8:63:fe:4c:47:46:5e:0a:48:36:72:f6:4f:16:e0:03:
         d0:84:1a:59:e0:25:84:09:5f:42:81:92:ed:06:4e:86:10:f6:
         bd:5a:2f:71:a0:3f:ed:a0:0b:b3:60:3a:d2:39:44:47:a9:2b:
         6b:1e:47:c5:e0:81:1e:8a:fb:a8:c1:8b:e8:44:05:4f:5e:49:
         17:8d:36:d0
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgIDAgbcMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDgxNTA4Mjc1M1oXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTQ2OTAxMTAvBgNVBAUTKDAyQ0ZGNzc5OEYwNTNFOUM4MUZEQ0NF
RDc5NjJFQ0JCNzZDMUQyMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTT98QM6xKUhDtthI0XfrJqymwzJvesasWcbAhDHs65eQPLVYs9BtI7oY/MOE/
EhzHQIA7DjYnyiSG/RkmmRm3Fg3bX1e8aU5VVbANS6OUozSonOuHn56dPPnCudZW
6hrfkxlsT1/Rh+QfkYCOjiqGXtbKPESFwhQTkTcMdT+a0yCyB9fUnMhLjHLsUqD8
snyaDq5endPfCorjR8ZInk4WqmIIbAG7jYrr9ioF60dH/ZfNrtHZrkN8jkJmOryu
saM2w6KicgP5iV0euf8EvYyJsM65tFnvK5VGYSrVkmSW3AbNcuDzh27vU7L+kNMK
tWEOBYnTvqJmVKzaK28nylo9AgMBAAGjggMVMIIDETAdBgNVHQ4EFgQUAs/3eY8F
PpyB/czteWLsu3bB0howHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE0NjkwLzQwOUM5NzBBNUFFMDExRUY4NTgyNzA3RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBNDY5MC80MDlDOTcwQTVBRTAxMUVGODU4MjcwN0ZDNEY5QUUwMi9Bc18zZVk4
RlBweUJfY3p0ZVdMc3UzYkIwaG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg5VMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCO5mgAwQCZ8bM
MA0GCSqGSIb3DQEBCwUAA4IBAQAMERbFgFUBmSh6EO6CN/VVMSZYbRGXd2i4GNKg
s/jCQjfGa8NeMhjbpxGnnpkAQiKc2afx0xRYAMVy/M7e/y8C4p0keMm5S8gpEYc7
jHcngSF74StQ54ulMzNL2GXQ1Qar8IqdA0ggBK2Q92ipMeqN9mJrnZa/xQICU8GV
pPnZe1GTHAx8z4lMOC+bB56z0UsTxDPJTiAuofzAfOWzAetqXh8OGBwpqGQK1RNR
jn/Gk/2lOg+MFrhj/kxHRl4KSDZy9k8W4APQhBpZ4CWECV9CgZLtBk6GEPa9Wi9x
oD/toAuzYDrSOURHqStrHkfF4IEeivuowYvoRAVPXkkXjTbQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:50:20 2024 by rpki-client on console-ams.rpki-client.org