Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F5SMh3nFnmXK_OLv3LHLUJEThEw.cer
File:                     F5SMh3nFnmXK_OLv3LHLUJEThEw.cer (raw, json)
Hash identifier:          /mIKoGvLlEgvBXHvnIrc1TXBgl9e087/2iHkm5sN3d0=
Subject key identifier:   17:94:8C:87:79:C5:9E:65:CA:FC:E2:EF:DC:B1:CB:50:91:13:84:4C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C209
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A915FC0B/BEE7558045B011EBA3696D63C4F9AE02/F5SMh3nFnmXK_OLv3LHLUJEThEw.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A915FC0B/BEE7558045B011EBA3696D63C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 04 Oct 2023 16:00:31 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 139668
                          IP: 103.143.91.0/24
                          IP: 103.177.19.0/24
                          IP: 2001:df0:20c0::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 18:26:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115209 (0x1c209)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct  4 16:00:31 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A915FC0B/serialNumber=17948C8779C59E65CAFCE2EFDCB1CB509113844C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:34:8b:e9:cd:77:81:d2:66:32:31:b8:8f:cd:
                    e8:b0:54:09:97:97:d0:b2:97:02:72:2a:e5:65:78:
                    4b:58:5c:35:51:1f:d1:66:b8:9e:d0:d5:56:64:98:
                    7f:0e:df:ad:df:31:26:63:8b:e8:41:fd:6e:37:31:
                    41:8b:be:3f:8f:1e:1a:3b:26:c6:09:db:3f:9d:bd:
                    0a:1d:88:96:c8:c7:04:f5:26:8d:42:d3:b6:89:e0:
                    c9:cd:ca:f9:a6:4a:fc:dd:fc:eb:eb:0f:c4:fa:9b:
                    b1:c6:1e:19:03:47:8c:80:e6:e2:b2:ab:2b:96:01:
                    29:b0:61:40:90:45:31:65:64:5d:3f:7c:2b:2d:16:
                    c2:0d:b4:d5:ba:91:d5:08:8a:6a:f2:31:1a:43:91:
                    ad:4c:c2:70:05:79:bc:d4:61:26:af:43:1b:4f:50:
                    96:0b:13:73:98:e4:d9:d7:02:e4:55:4e:b5:ff:fd:
                    7d:ff:41:56:75:ca:1c:80:62:39:8b:0f:1a:ba:d1:
                    c2:a3:5e:de:54:17:a1:f0:48:c3:b7:26:4f:cc:32:
                    3c:cf:eb:12:5f:bb:01:11:6b:bd:98:2a:fa:73:71:
                    5b:c4:bd:af:86:2a:2a:2f:f9:ac:c7:5d:4b:23:71:
                    77:e6:b9:fa:db:a9:3a:b4:2c:fb:8f:f2:e0:2a:56:
                    35:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:94:8C:87:79:C5:9E:65:CA:FC:E2:EF:DC:B1:CB:50:91:13:84:4C
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A915FC0B/BEE7558045B011EBA3696D63C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A915FC0B/BEE7558045B011EBA3696D63C4F9AE02/F5SMh3nFnmXK_OLv3LHLUJEThEw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  139668

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.143.91.0/24
                  103.177.19.0/24
                IPv6:
                  2001:df0:20c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         c3:8a:5c:3b:b4:a3:08:8f:e8:20:6a:bb:04:a5:42:e7:04:4a:
         91:ac:47:40:38:5a:38:b6:d7:3b:b1:36:5c:2d:c9:b3:52:3b:
         5d:1b:f5:95:8b:5b:78:90:b2:d2:d9:06:70:62:35:74:6b:a4:
         11:60:b3:73:53:ce:bd:65:c7:f7:96:1d:05:7a:5a:5d:62:3b:
         c2:a3:15:2d:23:f1:92:c4:ea:24:32:45:3c:7b:bc:c4:2d:4f:
         fb:1d:29:6f:d0:6a:9d:b2:24:cb:ad:67:3f:33:3a:8c:8d:9c:
         ca:a2:fd:c6:79:cf:4f:02:4b:54:79:6a:05:8e:a0:d5:c0:7b:
         07:a4:0f:4f:75:38:be:85:52:82:c9:3e:e9:c8:99:c0:af:e3:
         a7:a3:07:93:89:ef:09:ca:35:03:df:ee:cb:6c:19:02:14:6d:
         98:3f:6b:06:74:53:18:4f:c9:2e:4a:e2:43:52:86:28:cb:fa:
         39:d9:14:35:92:fa:68:6f:03:5a:f4:26:8c:c9:fc:20:9b:88:
         94:45:a8:d9:9c:93:0b:28:17:de:eb:ed:f4:f7:c3:ed:db:f4:
         2a:18:ef:ef:93:25:2f:f6:c8:2e:24:5f:6f:b6:e9:57:6d:74:
         d6:e7:3b:83:52:8f:87:54:6d:68:ba:12:a3:d6:35:a0:03:40:
         8b:f4:56:ec
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIDAcIJMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAwNDE2MDAzMVoXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNUZDMEIxMTAvBgNVBAUTKDE3OTQ4Qzg3NzlDNTlFNjVDQUZDRTJF
RkRDQjFDQjUwOTExMzg0NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDeNIvpzXeB0mYyMbiPzeiwVAmXl9CylwJyKuVleEtYXDVRH9FmuJ7Q1VZkmH8O
363fMSZji+hB/W43MUGLvj+PHho7JsYJ2z+dvQodiJbIxwT1Jo1C07aJ4MnNyvmm
Svzd/OvrD8T6m7HGHhkDR4yA5uKyqyuWASmwYUCQRTFlZF0/fCstFsINtNW6kdUI
imryMRpDka1MwnAFebzUYSavQxtPUJYLE3OY5NnXAuRVTrX//X3/QVZ1yhyAYjmL
Dxq60cKjXt5UF6HwSMO3Jk/MMjzP6xJfuwERa72YKvpzcVvEva+GKiov+azHXUsj
cXfmufrbqTq0LPuP8uAqVjXxAgMBAAGjggMmMIIDIjAdBgNVHQ4EFgQUF5SMh3nF
nmXK/OLv3LHLUJEThEwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTVGQzBCL0JFRTc1NTgwNDVCMDExRUJBMzY5NkQ2M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1RkMwQi9CRUU3NTU4MDQ1QjAxMUVCQTM2OTZENjNDNEY5QUUwMi9GNVNNaDNu
Rm5tWEtfT0x2M0xITFVKRVRoRXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiGUMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAZ49bAwQAZ7ET
MA8EAgACMAkDBwAgAQ3wIMAwDQYJKoZIhvcNAQELBQADggEBAMOKXDu0owiP6CBq
uwSlQucESpGsR0A4Wji21zuxNlwtybNSO10b9ZWLW3iQstLZBnBiNXRrpBFgs3NT
zr1lx/eWHQV6Wl1iO8KjFS0j8ZLE6iQyRTx7vMQtT/sdKW/Qap2yJMutZz8zOoyN
nMqi/cZ5z08CS1R5agWOoNXAewekD091OL6FUoLJPunImcCv46ejB5OJ7wnKNQPf
7stsGQIUbZg/awZ0UxhPyS5K4kNShijL+jnZFDWS+mhvA1r0JozJ/CCbiJRFqNmc
kwsoF97r7fT3w+3b9CoY7++TJS/2yC4kX2+26VdtdNbnO4NSj4dUbWi6EqPWNaAD
QIv0Vuw=
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:44:41 2024 by rpki-client on console-fra.rpki-client.org