Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FgxyzFd72N5TouywCYwi81pRqp4.cer
File:                     FgxyzFd72N5TouywCYwi81pRqp4.cer (raw, json)
Hash identifier:          kZKyWBNewui/x+KGkPEnRpGXR5POWN33RmukxZx6O2E=
Subject key identifier:   16:0C:72:CC:57:7B:D8:DE:53:A2:EC:B0:09:8C:22:F3:5A:51:AA:9E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E0B5
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C8066/18A5124894F511EDB10BC27DC4F9AE02/FgxyzFd72N5TouywCYwi81pRqp4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C8066/18A5124894F511EDB10BC27DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 26 Feb 2024 19:21:08 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 137406
                          IP: 103.107.156.0/22
                          IP: 2403:8c0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123061 (0x1e0b5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb 26 19:21:08 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91C8066/serialNumber=160C72CC577BD8DE53A2ECB0098C22F35A51AA9E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:12:09:97:b6:5b:fc:e1:98:c5:cd:05:09:b8:
                    33:33:0d:d7:65:7f:65:e0:f2:88:37:e7:5c:a3:c7:
                    94:83:14:7c:28:c0:a1:02:a4:db:4b:56:77:00:f3:
                    87:7a:50:da:12:0a:f1:6e:55:fc:69:05:14:20:62:
                    37:ab:94:63:f3:f2:3d:37:56:fb:c5:5c:6a:22:ca:
                    c3:d3:bf:24:b1:d7:ac:39:2b:a4:22:8d:25:8b:91:
                    66:c5:79:66:cd:06:81:ff:1c:8a:72:ae:48:f3:71:
                    f7:91:e2:6c:2b:35:93:8e:65:0f:84:08:09:fc:e2:
                    d1:0c:1b:d1:2f:3a:5b:71:4b:01:39:67:00:39:d6:
                    fd:4c:2d:2b:3f:1d:95:52:7c:81:bc:8a:5e:93:a1:
                    71:49:77:07:1d:9f:f3:b9:4f:7a:27:c8:9d:af:5f:
                    6d:8b:05:ef:b6:cf:fe:a7:94:d4:bc:ea:0c:83:e5:
                    66:4e:8a:4c:04:b5:cd:a3:21:65:be:22:0e:8b:9a:
                    4b:1c:cf:5f:90:2f:19:b0:76:c4:93:8f:9a:68:0f:
                    c7:6d:26:8e:78:79:0e:4b:8f:8f:dd:36:4b:1a:f8:
                    e7:28:3f:e0:8d:01:1f:9e:3b:5f:3d:a4:11:e9:f1:
                    04:fa:42:58:d0:08:ab:e8:fc:49:84:63:d9:1d:91:
                    5c:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:0C:72:CC:57:7B:D8:DE:53:A2:EC:B0:09:8C:22:F3:5A:51:AA:9E
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C8066/18A5124894F511EDB10BC27DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C8066/18A5124894F511EDB10BC27DC4F9AE02/FgxyzFd72N5TouywCYwi81pRqp4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  137406

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.107.156.0/22
                IPv6:
                  2403:8c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         a7:14:c3:7b:e2:0a:1b:79:ab:9e:65:eb:80:4b:33:3c:5d:36:
         e2:ee:86:68:cc:0c:9a:93:84:8b:cb:c4:f2:77:32:65:fe:cd:
         e1:ef:47:3c:ba:a0:05:f6:76:2b:97:1a:0a:99:15:30:0f:9d:
         3d:f3:a4:9a:5d:b7:24:dd:bc:37:74:57:67:3e:88:0c:f7:be:
         9a:4b:e1:f6:8f:15:b9:aa:47:b5:3e:6e:bc:4b:a5:07:46:a3:
         09:c9:85:e1:64:5d:25:70:49:13:b3:83:f6:a8:eb:7f:39:6b:
         94:f2:41:8a:80:5e:ae:1c:12:a1:18:59:73:ca:eb:c2:dc:25:
         2d:0e:f2:c3:57:7f:8e:70:7b:5c:7d:02:a5:d0:29:fd:ee:87:
         e2:da:84:e3:ea:04:78:de:ae:ee:48:53:58:8d:98:9a:f7:ab:
         c3:b9:4e:72:d7:93:3d:8b:00:36:f8:1e:cc:ea:cd:98:df:4a:
         55:26:fc:19:1b:10:0d:e4:09:2f:36:38:ff:74:62:28:0a:93:
         d4:80:70:2b:9a:27:f0:ab:f5:b1:c5:ea:64:fa:86:54:69:ef:
         53:82:f3:a2:75:b1:77:20:ed:3c:ef:f0:53:c5:49:df:d8:c4:
         c9:5e:22:a6:b9:70:cb:9b:84:95:2e:98:45:24:9a:54:91:ea:
         e1:e1:1c:85
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAeC1MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIyNjE5MjEwOFoXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzgwNjYxMTAvBgNVBAUTKDE2MEM3MkNDNTc3QkQ4REU1M0EyRUNC
MDA5OEMyMkYzNUE1MUFBOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD1EgmXtlv84ZjFzQUJuDMzDddlf2Xg8og351yjx5SDFHwowKECpNtLVncA84d6
UNoSCvFuVfxpBRQgYjerlGPz8j03VvvFXGoiysPTvySx16w5K6QijSWLkWbFeWbN
BoH/HIpyrkjzcfeR4mwrNZOOZQ+ECAn84tEMG9EvOltxSwE5ZwA51v1MLSs/HZVS
fIG8il6ToXFJdwcdn/O5T3onyJ2vX22LBe+2z/6nlNS86gyD5WZOikwEtc2jIWW+
Ig6Lmkscz1+QLxmwdsSTj5poD8dtJo54eQ5Lj4/dNksa+OcoP+CNAR+eO189pBHp
8QT6QljQCKvo/EmEY9kdkVz5AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUFgxyzFd7
2N5TouywCYwi81pRqp4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM4MDY2LzE4QTUxMjQ4OTRGNTExRURCMTBCQzI3REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDODA2Ni8xOEE1MTI0ODk0RjUxMUVEQjEwQkMyN0RDNEY5QUUwMi9GZ3h5ekZk
NzJONVRvdXl3Q1l3aTgxcFJxcDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhi+MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ2ucMA0EAgAC
MAcDBQAkAwjAMA0GCSqGSIb3DQEBCwUAA4IBAQCnFMN74gobeaueZeuASzM8XTbi
7oZozAyak4SLy8TydzJl/s3h70c8uqAF9nYrlxoKmRUwD50986SaXbck3bw3dFdn
PogM976aS+H2jxW5qke1Pm68S6UHRqMJyYXhZF0lcEkTs4P2qOt/OWuU8kGKgF6u
HBKhGFlzyuvC3CUtDvLDV3+OcHtcfQKl0Cn97ofi2oTj6gR43q7uSFNYjZia96vD
uU5y15M9iwA2+B7M6s2Y30pVJvwZGxAN5AkvNjj/dGIoCpPUgHArmifwq/Wxxepk
+oZUae9TgvOidbF3IO087/BTxUnf2MTJXiKmuXDLm4SVLphFJJpUkerh4RyF
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:31 2024 by rpki-client on console-ams.rpki-client.org