Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F_RkaDqcrP_uOS3atV7AQQwpaqE.cer
File:                     F_RkaDqcrP_uOS3atV7AQQwpaqE.cer (raw, json)
Hash identifier:          scoNJjmrZp1BcpJOPhnuoagb7MgT9yPxvRQRkSVxxmo=
Subject key identifier:   17:F4:64:68:3A:9C:AC:FF:EE:39:2D:DA:B5:5E:C0:41:0C:29:6A:A1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DB51
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A911549E/B225B19C7CCD11ED9F8E0B2FC4F9AE02/F_RkaDqcrP_uOS3atV7AQQwpaqE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A911549E/B225B19C7CCD11ED9F8E0B2FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 30 Jan 2024 12:31:13 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 133607
                          AS: 149052
                          IP: 103.51.100.0/23
                          IP: 103.232.226.0/23
                          IP: 2401:1aa0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121681 (0x1db51)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan 30 12:31:13 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A911549E/serialNumber=17F464683A9CACFFEE392DDAB55EC0410C296AA1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:c7:3d:34:e3:6d:42:ce:ae:5f:55:6f:ba:05:
                    6d:79:47:ab:ff:ec:37:70:0f:74:69:29:77:22:57:
                    c2:8a:74:e4:3f:06:ab:05:21:ac:94:9b:1c:7e:f8:
                    f7:ab:e7:70:8f:3d:6c:aa:73:7b:36:e5:6d:76:2c:
                    2a:b9:60:b3:e5:eb:52:58:30:e7:70:55:29:47:af:
                    7d:2c:3e:2e:42:ef:c4:b4:f2:e2:10:15:05:df:27:
                    37:e9:cf:15:f6:a4:5e:f9:b5:0b:f4:83:05:13:8c:
                    e3:30:36:cd:6d:ab:85:bb:e4:9c:67:44:c4:09:fa:
                    1c:67:2d:b8:61:cb:81:b7:7b:34:db:fb:44:b1:6e:
                    00:be:4b:35:d9:61:94:18:00:84:73:a8:da:57:e5:
                    a6:a6:b5:12:35:9d:44:70:60:e9:ee:4e:bc:26:0e:
                    53:4c:9e:04:32:d4:dd:21:5f:9f:d0:4a:fe:bc:a5:
                    d8:1f:64:2d:b0:f7:c6:21:34:6d:9d:80:78:51:5b:
                    87:4b:5e:ca:7c:07:77:9f:bc:ed:f5:f1:2c:c6:40:
                    62:13:63:0a:df:1c:e1:11:ff:59:9e:80:ac:02:04:
                    23:0e:c3:cf:84:d3:7d:17:d7:2b:95:05:a2:2d:90:
                    f3:d3:f3:ce:5d:18:8c:53:bb:eb:91:56:4d:5c:d0:
                    44:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:F4:64:68:3A:9C:AC:FF:EE:39:2D:DA:B5:5E:C0:41:0C:29:6A:A1
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911549E/B225B19C7CCD11ED9F8E0B2FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911549E/B225B19C7CCD11ED9F8E0B2FC4F9AE02/F_RkaDqcrP_uOS3atV7AQQwpaqE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  133607
                  149052

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.51.100.0/23
                  103.232.226.0/23
                IPv6:
                  2401:1aa0::/32

    Signature Algorithm: sha256WithRSAEncryption
         50:fc:60:b2:7a:73:3a:5a:cd:93:8d:9b:d8:f6:70:2f:9c:a8:
         23:20:cf:bf:cc:57:1b:31:42:4d:de:b3:1c:3c:ee:6c:f3:a4:
         c7:47:4e:1f:15:87:e8:e1:73:a1:5a:36:89:cd:38:84:fa:eb:
         a0:45:0f:85:ab:c9:00:b8:9a:b0:14:d8:ba:f3:1f:d1:a2:7a:
         f5:f1:f0:83:dc:6e:08:51:12:a5:48:02:32:a4:57:16:40:b6:
         b9:14:b4:e0:79:fd:33:fc:e2:7d:b9:33:55:7f:dd:c2:91:13:
         d1:b0:e2:21:af:7e:55:a0:0e:cd:21:6f:0e:92:59:6c:ce:95:
         f6:b8:f8:5f:ac:96:92:a0:7a:de:27:79:db:39:87:16:a7:f1:
         b2:23:58:21:d2:06:6b:7b:65:82:19:b5:ad:a6:8d:74:3f:79:
         23:67:4c:e5:f0:ee:4a:93:0e:e5:26:b1:33:61:9e:c8:b9:12:
         c6:26:2a:c1:d4:e9:9c:d7:a1:80:21:0f:d4:21:3d:7f:fb:2e:
         51:bc:a9:fe:49:42:ec:b7:ca:06:88:1c:f7:80:30:2f:16:10:
         eb:c1:c8:c2:c0:fd:9a:05:c1:97:c6:be:9c:70:3f:87:92:b8:
         5e:33:43:2b:3c:50:2f:ad:09:65:9b:c1:dd:66:15:07:96:e7:
         92:ed:0a:a8
-----BEGIN CERTIFICATE-----
MIIGNDCCBRygAwIBAgIDAdtRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEzMDEyMzExM1oXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTU0OUUxMTAvBgNVBAUTKDE3RjQ2NDY4M0E5Q0FDRkZFRTM5MkRE
QUI1NUVDMDQxMEMyOTZBQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCuxz00421Czq5fVW+6BW15R6v/7DdwD3RpKXciV8KKdOQ/BqsFIayUmxx++Per
53CPPWyqc3s25W12LCq5YLPl61JYMOdwVSlHr30sPi5C78S08uIQFQXfJzfpzxX2
pF75tQv0gwUTjOMwNs1tq4W75JxnRMQJ+hxnLbhhy4G3ezTb+0SxbgC+SzXZYZQY
AIRzqNpX5aamtRI1nURwYOnuTrwmDlNMngQy1N0hX5/QSv68pdgfZC2w98YhNG2d
gHhRW4dLXsp8B3efvO318SzGQGITYwrfHOER/1megKwCBCMOw8+E030X1yuVBaIt
kPPT885dGIxTu+uRVk1c0ET7AgMBAAGjggMpMIIDJTAdBgNVHQ4EFgQUF/RkaDqc
rP/uOS3atV7AQQwpaqEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE1NDlFL0IyMjVCMTlDN0NDRDExRUQ5RjhFMEIyRkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExNTQ5RS9CMjI1QjE5QzdDQ0QxMUVEOUY4RTBCMkZDNEY5QUUwMi9GX1JrYURx
Y3JQX3VPUzNhdFY3QVFRd3BhcUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAgnnAgMCRjwwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAFnM2QD
BAFn6OIwDQQCAAIwBwMFACQBGqAwDQYJKoZIhvcNAQELBQADggEBAFD8YLJ6czpa
zZONm9j2cC+cqCMgz7/MVxsxQk3esxw87mzzpMdHTh8Vh+jhc6FaNonNOIT666BF
D4WryQC4mrAU2LrzH9GievXx8IPcbghREqVIAjKkVxZAtrkUtOB5/TP84n25M1V/
3cKRE9Gw4iGvflWgDs0hbw6SWWzOlfa4+F+slpKget4neds5hxan8bIjWCHSBmt7
ZYIZta2mjXQ/eSNnTOXw7kqTDuUmsTNhnsi5EsYmKsHU6ZzXoYAhD9QhPX/7LlG8
qf5JQuy3ygaIHPeAMC8WEOvByMLA/ZoFwZfGvpxwP4eSuF4zQys8UC+tCWWbwd1m
FQeW55LtCqg=
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:46:59 2024 by rpki-client on console-ams.rpki-client.org