Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DOpooCxSn4h1LGQt4NL--fXXoUo.cer
File:                     DOpooCxSn4h1LGQt4NL--fXXoUo.cer (raw, json)
Hash identifier:          IsSoEirRSEMt4ezCmaQAduRh0YFoXrGVIbia/l8NKJk=
Subject key identifier:   0C:EA:68:A0:2C:52:9F:88:75:2C:64:2D:E0:D2:FE:F9:F5:D7:A1:4A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CA46
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913025C/AC0558265E2511EBAB29892AC4F9AE02/DOpooCxSn4h1LGQt4NL--fXXoUo.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913025C/AC0558265E2511EBAB29892AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 10 Nov 2023 13:49:05 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    IP: 45.127.112.0/22
                          IP: 103.196.36.0/22
                          IP: 2402:e580::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:56:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117318 (0x1ca46)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov 10 13:49:05 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A913025C/serialNumber=0CEA68A02C529F88752C642DE0D2FEF9F5D7A14A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:1d:d5:28:c6:49:2c:93:6b:32:d8:5a:90:ce:
                    46:3f:c9:41:cb:c1:a3:d0:1a:a5:1f:e7:ac:d1:59:
                    91:81:e6:1c:ae:dd:5a:61:28:37:3d:75:1e:9a:4e:
                    f4:e8:1d:8e:6e:58:af:9d:aa:fe:38:4a:7f:9e:0f:
                    95:23:35:aa:e2:66:01:b0:0d:3b:08:2f:8a:3c:9c:
                    a9:aa:e0:64:8d:73:20:5b:c7:0b:1f:95:b1:ca:c4:
                    6c:10:73:4e:f8:09:fa:de:19:fc:32:a0:0d:15:f6:
                    ae:49:68:46:7a:4d:56:74:28:6b:a7:a7:78:cc:6e:
                    0a:5e:20:0b:3f:5b:76:63:c2:29:7e:32:a6:38:30:
                    fc:98:04:19:ad:aa:d2:ad:4f:2e:4e:7f:26:51:a0:
                    dc:a4:38:c7:b8:19:52:6a:28:ab:49:d9:95:0a:28:
                    18:36:84:6d:b2:27:61:dd:4e:c8:d5:38:8a:c0:e3:
                    42:e9:b9:8f:a3:2a:fb:eb:a2:e3:f7:ca:17:83:ec:
                    80:d9:93:6e:f6:a7:d7:66:b7:cd:35:91:9e:90:b7:
                    e1:a4:c3:09:48:3a:8f:b7:c3:59:ae:fd:0b:6e:0e:
                    f7:00:2c:12:05:fc:c1:56:23:9e:54:42:ef:2d:e5:
                    8e:38:15:f4:81:14:3c:81:04:34:64:41:3a:54:25:
                    bb:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:EA:68:A0:2C:52:9F:88:75:2C:64:2D:E0:D2:FE:F9:F5:D7:A1:4A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913025C/AC0558265E2511EBAB29892AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913025C/AC0558265E2511EBAB29892AC4F9AE02/DOpooCxSn4h1LGQt4NL--fXXoUo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.127.112.0/22
                  103.196.36.0/22
                IPv6:
                  2402:e580::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:5b:e6:82:36:eb:0d:8a:ce:f5:34:64:cc:b5:a5:46:27:62:
         2c:db:e1:d9:9b:c5:e8:f5:3c:a7:a9:06:af:0f:ce:91:8d:2f:
         ff:9d:f4:07:55:ba:2a:c5:5d:a2:dd:14:2d:d3:bc:8a:1a:90:
         db:ab:ac:9a:33:c3:0f:e0:21:4e:fc:78:94:f8:e2:0c:94:20:
         46:77:58:b6:87:9b:b2:2f:34:b4:10:9d:39:f7:52:1f:41:68:
         a0:c5:97:9d:8e:56:d3:d5:ec:e9:8d:e3:10:3d:d8:6b:ab:a0:
         5b:f6:36:0c:42:8e:4e:6b:18:72:97:17:c7:1c:ef:43:00:a7:
         68:37:19:6d:5c:49:e6:4a:2e:3b:e9:b4:d2:ab:f6:73:9f:77:
         54:c9:b8:96:27:e2:97:cf:4e:bc:90:f9:4f:d0:37:65:65:c2:
         cb:6e:6a:fd:dc:00:97:21:16:d8:b8:fd:20:82:30:d8:59:ec:
         4a:15:d8:f8:61:25:8c:1f:98:89:09:7c:e8:68:37:e6:79:58:
         dc:eb:55:90:6a:4a:95:14:81:6b:78:ba:6f:6f:1d:e8:92:a4:
         d1:35:db:ae:55:8a:02:0b:84:b6:34:89:7d:56:77:b1:d2:5e:
         8c:26:51:89:f4:18:83:16:f4:31:d5:e4:1d:6f:a9:62:6a:f9:
         2a:41:23:56
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgIDAcpGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTExMDEzNDkwNVoXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzAyNUMxMTAvBgNVBAUTKDBDRUE2OEEwMkM1MjlGODg3NTJDNjQy
REUwRDJGRUY5RjVEN0ExNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDPHdUoxkksk2sy2FqQzkY/yUHLwaPQGqUf56zRWZGB5hyu3VphKDc9dR6aTvTo
HY5uWK+dqv44Sn+eD5UjNariZgGwDTsIL4o8nKmq4GSNcyBbxwsflbHKxGwQc074
CfreGfwyoA0V9q5JaEZ6TVZ0KGunp3jMbgpeIAs/W3Zjwil+MqY4MPyYBBmtqtKt
Ty5OfyZRoNykOMe4GVJqKKtJ2ZUKKBg2hG2yJ2HdTsjVOIrA40LpuY+jKvvrouP3
yheD7IDZk272p9dmt801kZ6Qt+GkwwlIOo+3w1mu/QtuDvcALBIF/MFWI55UQu8t
5Y44FfSBFDyBBDRkQTpUJbvTAgMBAAGjggMIMIIDBDAdBgNVHQ4EFgQUDOpooCxS
n4h1LGQt4NL++fXXoUowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTMwMjVDL0FDMDU1ODI2NUUyNTExRUJBQjI5ODkyQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzMDI1Qy9BQzA1NTgyNjVFMjUxMUVCQUIyOTg5MkFDNEY5QUUwMi9ET3Bvb0N4
U240aDFMR1F0NE5MLS1mWFhvVW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8EJTAj
MBIEAgABMAwDBAItf3ADBAJnxCQwDQQCAAIwBwMFACQC5YAwDQYJKoZIhvcNAQEL
BQADggEBAIxb5oI26w2KzvU0ZMy1pUYnYizb4dmbxej1PKepBq8PzpGNL/+d9AdV
uirFXaLdFC3TvIoakNurrJozww/gIU78eJT44gyUIEZ3WLaHm7IvNLQQnTn3Uh9B
aKDFl52OVtPV7OmN4xA92GuroFv2NgxCjk5rGHKXF8cc70MAp2g3GW1cSeZKLjvp
tNKr9nOfd1TJuJYn4pfPTryQ+U/QN2Vlwstuav3cAJchFti4/SCCMNhZ7EoV2Phh
JYwfmIkJfOhoN+Z5WNzrVZBqSpUUgWt4um9vHeiSpNE1265VigILhLY0iX1Wd7HS
XowmUYn0GIMW9DHV5B1vqWJq+SpBI1Y=
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:16:32 2024 by rpki-client on console-ams.rpki-client.org