Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CeskiT_4OKrchy_8N1hCf2rsIXI.cer
File:                     CeskiT_4OKrchy_8N1hCf2rsIXI.cer (raw, json)
Hash identifier:          QoRI6ZGC+4AxIAoV7TbNZpN/HAfB/utksJdbsDCpvuk=
Subject key identifier:   09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01BEA3
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 20 Sep 2023 17:24:17 +0000
Certificate not after:    Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources:    AS: 142605
                          IP: 103.170.204.0/23
                          IP: 2001:df7:2780::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 13:06:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 114339 (0x1bea3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Sep 20 17:24:17 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=A918F7A1/serialNumber=09EB24893FF838AADC872FFC3758427F6AEC2172
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:65:31:8d:14:c0:d8:28:88:81:a5:71:b3:57:
                    20:9d:c3:5e:6a:a5:88:38:5c:5e:c5:49:89:4d:71:
                    1a:cb:1e:19:b7:c0:88:80:31:c7:f0:88:02:d3:80:
                    3e:6f:86:9f:3d:37:f6:48:12:49:b1:70:ab:d7:7d:
                    dc:6d:92:44:84:0f:62:56:eb:5b:33:6c:62:b6:7a:
                    e2:77:d4:62:97:ba:7c:55:b3:27:7a:1f:51:27:2d:
                    71:88:9b:61:f4:67:18:69:cc:8d:40:a8:c9:c0:84:
                    5e:ab:4b:82:b1:a8:32:13:e8:37:f4:0d:0f:75:15:
                    3a:e5:ef:c4:b5:48:3a:ac:72:94:d7:ce:a3:86:d5:
                    0e:ce:89:64:98:13:a7:3c:c7:9c:2a:1a:19:91:8c:
                    86:21:56:84:95:7f:72:12:b1:b5:85:68:97:64:21:
                    e3:30:87:ff:14:2b:9e:55:52:94:d9:7b:a3:55:8e:
                    f9:70:ad:52:63:10:48:96:14:64:90:5c:ad:82:c4:
                    ee:36:27:1f:60:49:e5:2d:de:6b:86:36:e3:1f:60:
                    fe:f5:7a:47:cb:a2:c3:24:3d:34:69:ac:ea:6e:7d:
                    1b:75:f0:c3:23:3f:bd:10:c4:ab:35:fa:17:df:8d:
                    01:e9:07:59:10:c5:57:e2:43:93:fa:18:6d:f7:ff:
                    0b:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:EB:24:89:3F:F8:38:AA:DC:87:2F:FC:37:58:42:7F:6A:EC:21:72
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918F7A1/91E8E284F43711EBB5D5691CC4F9AE02/CeskiT_4OKrchy_8N1hCf2rsIXI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  142605

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.170.204.0/23
                IPv6:
                  2001:df7:2780::/48

    Signature Algorithm: sha256WithRSAEncryption
         7b:68:ef:63:33:d4:69:e9:8f:c8:9b:c0:14:2f:ab:03:c6:13:
         24:b7:ad:6e:57:37:4b:27:d8:43:ca:19:9c:82:76:d1:a4:65:
         a0:e5:5f:92:18:05:63:e6:5f:1a:d1:66:69:f9:40:02:b9:cf:
         41:39:39:a4:31:11:cd:f5:93:a0:dc:6a:e6:66:9c:6b:67:f5:
         42:d5:44:4e:fb:93:2d:90:50:93:42:db:96:80:1f:17:83:87:
         60:cb:bb:e5:f4:19:c8:ff:0e:e6:a8:2d:b2:e5:be:e0:f6:28:
         7c:a4:19:57:b7:af:46:a4:d6:8e:92:0e:fe:e9:95:4c:4c:5c:
         89:5f:7f:bc:5f:b9:37:55:63:e6:b2:d6:7e:2f:e3:75:fe:d0:
         13:d4:df:47:d4:f0:f5:9b:c9:21:a3:28:58:01:eb:95:6b:06:
         d6:a1:bd:de:00:c2:f6:0b:c2:f0:7a:d7:39:c9:11:6c:a9:31:
         68:74:a1:fe:80:7c:3b:59:f6:b8:8b:35:8a:de:24:40:03:2c:
         cf:11:db:9e:23:75:ca:60:c3:ea:0a:85:66:4b:30:58:d2:ca:
         24:bd:da:5b:17:70:d2:a3:ff:1b:9a:b8:14:e9:42:2f:24:35:
         10:b4:e5:52:cd:af:7e:8a:a0:ac:a9:04:44:c5:b9:37:af:e3:
         69:65:84:cc
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAb6jMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDkyMDE3MjQxN1oXDTI0MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOEY3QTExMTAvBgNVBAUTKDA5RUIyNDg5M0ZGODM4QUFEQzg3MkZG
QzM3NTg0MjdGNkFFQzIxNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqZTGNFMDYKIiBpXGzVyCdw15qpYg4XF7FSYlNcRrLHhm3wIiAMcfwiALTgD5v
hp89N/ZIEkmxcKvXfdxtkkSED2JW61szbGK2euJ31GKXunxVsyd6H1EnLXGIm2H0
ZxhpzI1AqMnAhF6rS4KxqDIT6Df0DQ91FTrl78S1SDqscpTXzqOG1Q7OiWSYE6c8
x5wqGhmRjIYhVoSVf3ISsbWFaJdkIeMwh/8UK55VUpTZe6NVjvlwrVJjEEiWFGSQ
XK2CxO42Jx9gSeUt3muGNuMfYP71ekfLosMkPTRprOpufRt18MMjP70QxKs1+hff
jQHpB1kQxVfiQ5P6GG33/wuPAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUCeskiT/4
OKrchy/8N1hCf2rsIXIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThGN0ExLzkxRThFMjg0RjQzNzExRUJCNUQ1NjkxQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4RjdBMS85MUU4RTI4NEY0MzcxMUVCQjVENTY5MUNDNEY5QUUwMi9DZXNraVRf
NE9LcmNoeV84TjFoQ2YycnNJWEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAi0NMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ6rMMA8EAgAC
MAkDBwAgAQ33J4AwDQYJKoZIhvcNAQELBQADggEBAHto72Mz1Gnpj8ibwBQvqwPG
EyS3rW5XN0sn2EPKGZyCdtGkZaDlX5IYBWPmXxrRZmn5QAK5z0E5OaQxEc31k6Dc
auZmnGtn9ULVRE77ky2QUJNC25aAHxeDh2DLu+X0Gcj/DuaoLbLlvuD2KHykGVe3
r0ak1o6SDv7plUxMXIlff7xfuTdVY+ay1n4v43X+0BPU30fU8PWbySGjKFgB65Vr
Btahvd4AwvYLwvB61znJEWypMWh0of6AfDtZ9riLNYreJEADLM8R254jdcpgw+oK
hWZLMFjSyiS92lsXcNKj/xuauBTpQi8kNRC05VLNr36KoKypBETFuTev42llhMw=
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:07:39 2024 by rpki-client on console-fra.rpki-client.org