Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CgcNjjoV_V7Y6fefFwx8-6aeRD0.cer
File:                     CgcNjjoV_V7Y6fefFwx8-6aeRD0.cer (raw, json)
Hash identifier:          lFIPXDIhw67PpuzkizvYnhMBhE88Jr8uki3VNjdNjes=
Subject key identifier:   0A:07:0D:8E:3A:15:FD:5E:D8:E9:F7:9F:17:0C:7C:FB:A6:9E:44:3D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DF39
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9182FE1/0375AE6A248111EAB59B5426C4F9AE02/CgcNjjoV_V7Y6fefFwx8-6aeRD0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9182FE1/0375AE6A248111EAB59B5426C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 16 Feb 2024 16:00:47 +0000
Certificate not after:    Tue 30 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 135370
                          AS: 138533
                          AS: 150346
                          IP: 103.215.176.0/23
                          IP: 2405:4240::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:56:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122681 (0x1df39)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb 16 16:00:47 2024 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=A9182FE1/serialNumber=0A070D8E3A15FD5ED8E9F79F170C7CFBA69E443D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:0f:70:f5:11:85:48:86:2d:f6:66:4f:d6:d8:
                    03:d0:c1:48:3f:12:d7:b7:0b:a7:7d:d1:c2:3e:cf:
                    60:d1:61:eb:73:e7:55:1c:d2:24:50:ba:2d:a9:f4:
                    45:66:5f:24:16:2a:78:a3:b2:ba:8c:6c:34:05:7e:
                    7a:90:e7:d6:f0:17:20:4d:c9:a2:33:5f:bd:4b:6f:
                    7f:9c:53:d9:cd:0b:97:3d:50:91:8f:8a:7f:73:2b:
                    e6:e4:ff:81:a0:2c:51:ba:3a:ba:28:63:d5:dc:ed:
                    55:e2:b2:cc:0a:24:87:6f:84:a2:58:9e:6a:b8:a5:
                    81:df:92:cd:7e:f3:70:11:c0:25:af:f4:73:13:39:
                    d1:8a:d0:4a:ac:aa:8f:4f:7c:ab:a7:46:aa:9b:2f:
                    24:7c:63:25:d4:e9:3e:87:5d:37:40:91:b7:cd:7a:
                    4d:31:7d:24:1b:10:34:85:98:fc:47:0c:06:1a:b8:
                    68:35:98:09:6c:ba:3e:c6:d2:db:12:50:50:7e:3a:
                    0e:9b:a7:a1:49:d8:5d:e4:a3:a9:9a:c8:6b:54:c6:
                    60:19:d5:3b:d9:31:7b:15:29:42:0a:c7:1b:da:19:
                    04:7b:39:62:ef:b1:49:dc:f8:bf:1a:ac:72:e2:bc:
                    96:f3:90:f8:72:29:06:41:8f:2b:19:a7:20:23:1a:
                    b1:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:07:0D:8E:3A:15:FD:5E:D8:E9:F7:9F:17:0C:7C:FB:A6:9E:44:3D
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9182FE1/0375AE6A248111EAB59B5426C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9182FE1/0375AE6A248111EAB59B5426C4F9AE02/CgcNjjoV_V7Y6fefFwx8-6aeRD0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  135370
                  138533
                  150346

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.215.176.0/23
                IPv6:
                  2405:4240::/32

    Signature Algorithm: sha256WithRSAEncryption
         6e:7a:61:3d:53:8b:68:ce:22:32:1e:8f:9b:9a:5a:76:5f:d8:
         0b:ed:f7:ad:74:38:ed:68:f4:4a:60:b7:7d:39:d5:70:58:77:
         59:7b:05:d5:e2:56:c0:88:d7:de:33:54:4b:4d:82:99:92:c4:
         88:53:af:6d:e9:a4:c3:e8:29:46:c6:99:16:71:45:23:ad:f5:
         09:30:a0:a4:33:98:34:54:08:cf:7d:ea:ff:f1:72:af:ee:fd:
         25:78:cc:0e:cd:39:86:e9:c2:0d:b0:03:99:8e:3b:d4:3e:f3:
         f6:8a:c2:fb:c3:83:d6:64:6f:63:29:68:45:d2:d5:e3:4c:03:
         16:a6:7f:a4:22:f5:4c:76:bf:57:1d:0e:34:b3:5e:26:17:21:
         6c:34:4a:d9:13:2f:eb:38:44:84:07:3f:95:5e:c6:0a:e8:b0:
         87:d7:cc:3c:6c:07:78:b5:7a:95:76:49:0b:d5:dc:e8:f9:a0:
         43:27:9b:43:cc:fc:96:a3:1e:32:b1:5a:36:35:41:c8:93:b2:
         b9:8f:5d:23:59:ef:fe:9f:0f:3c:1e:a3:80:53:72:9e:05:ab:
         2f:ac:13:f8:d7:7a:4c:21:5b:3f:0d:e8:b6:f0:b5:91:de:cc:
         dc:55:3b:f8:41:48:6d:8d:4a:df:3f:a4:29:b2:ed:3e:8d:f5:
         98:ee:d8:0b
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgIDAd85MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIxNjE2MDA0N1oXDTI0MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxODJGRTExMTAvBgNVBAUTKDBBMDcwRDhFM0ExNUZENUVEOEU5Rjc5
RjE3MEM3Q0ZCQTY5RTQ0M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDWD3D1EYVIhi32Zk/W2APQwUg/Ete3C6d90cI+z2DRYetz51Uc0iRQui2p9EVm
XyQWKnijsrqMbDQFfnqQ59bwFyBNyaIzX71Lb3+cU9nNC5c9UJGPin9zK+bk/4Gg
LFG6OrooY9Xc7VXisswKJIdvhKJYnmq4pYHfks1+83ARwCWv9HMTOdGK0Eqsqo9P
fKunRqqbLyR8YyXU6T6HXTdAkbfNek0xfSQbEDSFmPxHDAYauGg1mAlsuj7G0tsS
UFB+Og6bp6FJ2F3ko6mayGtUxmAZ1TvZMXsVKUIKxxvaGQR7OWLvsUnc+L8arHLi
vJbzkPhyKQZBjysZpyAjGrGjAgMBAAGjggMoMIIDJDAdBgNVHQ4EFgQUCgcNjjoV
/V7Y6fefFwx8+6aeRD0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTgyRkUxLzAzNzVBRTZBMjQ4MTExRUFCNTlCNTQyNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4MkZFMS8wMzc1QUU2QTI0ODExMUVBQjU5QjU0MjZDNEY5QUUwMi9DZ2NOampv
Vl9WN1k2ZmVmRnd4OC02YWVSRDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQgBAf8EFTAT
oBEwDwIDAhDKAgMCHSUCAwJLSjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgME
AWfXsDANBAIAAjAHAwUAJAVCQDANBgkqhkiG9w0BAQsFAAOCAQEAbnphPVOLaM4i
Mh6Pm5padl/YC+33rXQ47Wj0SmC3fTnVcFh3WXsF1eJWwIjX3jNUS02CmZLEiFOv
bemkw+gpRsaZFnFFI631CTCgpDOYNFQIz33q//Fyr+79JXjMDs05hunCDbADmY47
1D7z9orC+8OD1mRvYyloRdLV40wDFqZ/pCL1THa/Vx0ONLNeJhchbDRK2RMv6zhE
hAc/lV7GCuiwh9fMPGwHeLV6lXZJC9Xc6PmgQyebQ8z8lqMeMrFaNjVByJOyuY9d
I1nv/p8PPB6jgFNyngWrL6wT+Nd6TCFbPw3otvC1kd7M3FU7+EFIbY1K3z+kKbLt
Po31mO7YCw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:40:20 2024 by rpki-client on console-fra.rpki-client.org