Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQIPvxAg_WO-V9oblwSwqoEDREo.cer
File:                     BQIPvxAg_WO-V9oblwSwqoEDREo.cer (raw, json)
Hash identifier:          QkssunudsdzK7teJCRUbMNxf396VumHd5MshaGxV+rQ=
Subject key identifier:   05:02:0F:BF:10:20:FD:63:BE:57:DA:1B:97:04:B0:AA:81:03:44:4A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       020DF3
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/BQIPvxAg_WO-V9oblwSwqoEDREo.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 17 Sep 2024 14:01:00 +0000
Certificate not after:    Fri 31 Oct 2025 00:00:00 +0000
Subordinate resources:    AS: 63526
                          IP: 45.125.220.0/22
                          IP: 103.239.252.0/22
                          IP: 2404:4580::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 134643 (0x20df3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Sep 17 14:01:00 2024 GMT
            Not After : Oct 31 00:00:00 2025 GMT
        Subject: CN=A914A140/serialNumber=05020FBF1020FD63BE57DA1B9704B0AA8103444A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:02:6f:79:ec:f8:5e:50:23:60:aa:59:9f:ad:
                    f4:12:62:e8:cb:43:c3:45:8a:99:4b:a8:d4:ee:b4:
                    79:f5:7b:08:0a:fe:0a:cd:94:ee:fe:a0:c2:28:2e:
                    d8:dc:eb:77:34:0f:01:2d:b6:98:e6:99:2d:a4:e2:
                    4e:e9:a6:10:b7:e7:0a:c3:bc:fc:4d:e3:7d:71:41:
                    4b:74:c7:83:ca:f7:28:a8:ba:c9:de:f8:1d:1a:99:
                    96:a3:5c:61:3a:08:4f:5c:ea:f3:c9:aa:5f:27:43:
                    d2:ad:24:7d:a3:65:14:a9:a3:fa:ee:51:a2:95:72:
                    e8:c7:c4:31:ed:e7:81:a6:14:b9:82:4d:fb:1f:48:
                    d2:6b:9b:65:fd:24:b5:df:44:76:cf:b4:c8:55:21:
                    06:33:23:c1:28:70:a9:08:ca:fd:5a:01:a7:ac:d8:
                    19:4f:a5:97:bf:4e:c4:1e:dd:8c:a1:ec:65:42:81:
                    95:ee:d2:e9:16:55:15:19:8e:12:d4:e0:df:ef:af:
                    9d:45:1c:38:a6:81:16:d0:67:a6:cb:7c:51:d7:3f:
                    77:e7:95:fe:84:72:31:85:7d:21:52:b9:94:ce:7d:
                    b3:03:78:f7:15:c3:b6:92:d4:ac:84:90:f4:ec:ef:
                    b4:c4:9c:5d:b4:ad:2b:7d:33:fc:91:a6:ac:55:81:
                    a7:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:02:0F:BF:10:20:FD:63:BE:57:DA:1B:97:04:B0:AA:81:03:44:4A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A914A140/CC1DCCE8C77411E69816B068C4F9AE02/BQIPvxAg_WO-V9oblwSwqoEDREo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  63526

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.125.220.0/22
                  103.239.252.0/22
                IPv6:
                  2404:4580::/32

    Signature Algorithm: sha256WithRSAEncryption
         cd:dd:94:f2:75:08:0d:92:a8:f9:ba:d6:8d:9b:f1:7a:1f:bc:
         51:db:5c:a6:5d:16:6c:b2:5e:df:4f:27:de:9d:2b:a6:fa:8c:
         ee:03:e0:fb:fa:0a:f1:6b:fe:9b:f4:84:a5:b1:c5:04:59:29:
         2d:af:55:83:fe:f8:fc:c5:4d:f3:44:14:c3:ea:1f:e9:86:f9:
         23:aa:22:98:47:1e:3b:9b:48:06:d5:e3:a1:d2:c3:e8:a2:10:
         f1:2c:16:fc:34:75:1d:8e:bb:a0:e7:ff:4e:68:b2:4d:33:64:
         7b:b9:5e:81:41:bf:b3:00:42:8a:27:95:da:21:83:02:08:cf:
         44:ba:bd:f6:93:d0:46:02:c8:28:06:56:3e:9e:13:07:c2:27:
         64:ff:a5:ee:71:20:58:48:93:05:87:b4:3d:a9:7d:6b:00:3d:
         42:3f:7e:79:72:b6:65:a4:2a:63:39:b9:35:ba:c7:05:b5:b1:
         dd:96:7b:2a:2d:b3:5d:d9:c4:2b:c7:6b:7d:6f:52:6f:f0:42:
         24:4c:3a:61:c3:51:4d:11:4b:25:b0:d9:e1:5d:29:c4:5c:ad:
         bb:81:05:87:d1:77:62:3d:30:11:f7:ef:77:5c:a4:46:69:e9:
         cc:9a:f5:3b:3b:c6:18:d3:a1:32:71:ba:7a:e3:78:37:16:8e:
         a1:83:0c:cf
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAg3zMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDkxNzE0MDEwMFoXDTI1MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNEExNDAxMTAvBgNVBAUTKDA1MDIwRkJGMTAyMEZENjNCRTU3REEx
Qjk3MDRCMEFBODEwMzQ0NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDxAm957PheUCNgqlmfrfQSYujLQ8NFiplLqNTutHn1ewgK/grNlO7+oMIoLtjc
63c0DwEttpjmmS2k4k7pphC35wrDvPxN431xQUt0x4PK9yiousne+B0amZajXGE6
CE9c6vPJql8nQ9KtJH2jZRSpo/ruUaKVcujHxDHt54GmFLmCTfsfSNJrm2X9JLXf
RHbPtMhVIQYzI8EocKkIyv1aAaes2BlPpZe/TsQe3Yyh7GVCgZXu0ukWVRUZjhLU
4N/vr51FHDimgRbQZ6bLfFHXP3fnlf6EcjGFfSFSuZTOfbMDePcVw7aS1KyEkPTs
77TEnF20rSt9M/yRpqxVgadlAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUBQIPvxAg
/WO+V9oblwSwqoEDREowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTRBMTQwL0NDMURDQ0U4Qzc3NDExRTY5ODE2QjA2OEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0QTE0MC9DQzFEQ0NFOEM3NzQxMUU2OTgxNkIwNjhDNEY5QUUwMi9CUUlQdnhB
Z19XTy1WOW9ibHdTd3FvRURSRW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAPgmMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLX3cAwQCZ+/8
MA0EAgACMAcDBQAkBEWAMA0GCSqGSIb3DQEBCwUAA4IBAQDN3ZTydQgNkqj5utaN
m/F6H7xR21ymXRZssl7fTyfenSum+ozuA+D7+grxa/6b9ISlscUEWSktr1WD/vj8
xU3zRBTD6h/phvkjqiKYRx47m0gG1eOh0sPoohDxLBb8NHUdjrug5/9OaLJNM2R7
uV6BQb+zAEKKJ5XaIYMCCM9Eur32k9BGAsgoBlY+nhMHwidk/6XucSBYSJMFh7Q9
qX1rAD1CP355crZlpCpjObk1uscFtbHdlnsqLbNd2cQrx2t9b1Jv8EIkTDphw1FN
EUslsNnhXSnEXK27gQWH0XdiPTAR9+93XKRGaenMmvU7O8YY06Eycbp643g3Fo6h
gwzP
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:15 2024 by rpki-client on console-fra.rpki-client.org