Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fh4CKuiXURLudYnUmzFmDKkKBBA.cer
File:                     Fh4CKuiXURLudYnUmzFmDKkKBBA.cer (raw, json)
Hash identifier:          1F+08trYFqx0Gk5BUbBcZm/QG1WUaVAyJ7waQKZxt/g=
Subject key identifier:   16:1E:02:2A:E8:97:51:12:EE:75:89:D4:9B:31:66:0C:A9:0A:04:10
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01BA9B
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91A865F/BF966E4A1C8911EAA9B95761C4F9AE02/Fh4CKuiXURLudYnUmzFmDKkKBBA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91A865F/BF966E4A1C8911EAA9B95761C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 31 Aug 2023 19:31:57 +0000
Certificate not after:    Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources:    IP: 45.123.104.0/22
                          IP: 103.63.228.0/22
                          IP: 2403:4e80::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:56:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 113307 (0x1ba9b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug 31 19:31:57 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=A91A865F/serialNumber=161E022AE8975112EE7589D49B31660CA90A0410
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:29:2c:37:94:32:ef:6c:77:97:3c:c6:3d:fd:
                    39:75:3f:52:f6:45:39:c9:23:9a:08:21:59:36:5c:
                    47:22:7f:53:5d:f7:aa:00:a4:64:42:6a:60:18:48:
                    a7:ad:2c:e1:a5:e0:c2:71:9c:bf:48:b8:d9:1e:df:
                    9e:0c:60:fb:10:4e:45:76:9a:37:9b:98:a7:01:a7:
                    54:9f:4a:f3:b0:d6:19:f3:8e:36:02:a4:be:44:9f:
                    18:98:7c:b3:27:1f:a3:1e:22:e5:85:08:6e:32:75:
                    f5:fa:b1:2c:de:2e:05:2d:bb:88:36:db:e0:59:aa:
                    e7:2f:20:36:27:f7:4a:2d:b8:51:d3:04:c2:e2:99:
                    40:cb:9d:f6:72:e3:0a:73:23:f5:c2:b2:6e:e8:3e:
                    23:ff:d2:b7:60:04:ff:56:64:86:46:70:e8:8d:31:
                    c8:e9:d6:2f:d5:7e:60:0f:e8:66:bf:05:68:00:bf:
                    58:bf:bd:0b:96:98:11:ff:64:a8:41:51:4e:d0:5e:
                    0f:d1:38:10:b4:d0:4a:f2:e5:25:95:05:8a:a4:ab:
                    88:7b:e1:c8:e1:b9:c2:f0:79:4d:10:5f:2c:80:64:
                    c6:de:99:52:62:50:82:63:81:c1:75:4d:3e:62:6d:
                    9d:09:81:24:3f:d6:52:f6:7f:48:9e:89:97:17:1d:
                    6f:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:1E:02:2A:E8:97:51:12:EE:75:89:D4:9B:31:66:0C:A9:0A:04:10
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A865F/BF966E4A1C8911EAA9B95761C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A865F/BF966E4A1C8911EAA9B95761C4F9AE02/Fh4CKuiXURLudYnUmzFmDKkKBBA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.123.104.0/22
                  103.63.228.0/22
                IPv6:
                  2403:4e80::/32

    Signature Algorithm: sha256WithRSAEncryption
         41:4c:26:06:ff:57:c7:36:e9:d6:62:bb:f4:d4:06:9e:3e:81:
         e6:3f:53:83:23:20:45:ea:87:55:73:3b:fd:0e:52:e4:23:0c:
         00:36:a0:73:8a:10:68:8c:1b:e0:77:b0:aa:b1:e1:86:4e:dd:
         10:02:a6:e5:d4:8c:47:0e:5e:b0:0a:d7:3a:9f:94:4b:03:6a:
         9b:8c:fb:c4:a8:fa:a4:77:a2:53:bd:5b:72:77:0f:9b:d3:b6:
         79:29:6a:5a:95:64:ec:2a:af:47:65:4d:ca:1b:a7:13:fa:f2:
         3c:4d:0e:f7:66:92:59:1b:1f:12:20:5d:cf:61:0d:6a:10:e3:
         23:f7:8f:8d:77:c4:fb:98:e8:b5:f6:48:65:ae:13:ee:de:b2:
         23:a9:7c:ae:c0:ff:43:8d:be:0a:ba:3d:17:41:c7:2b:31:13:
         69:4b:59:8a:01:97:18:c3:2b:34:7b:b4:4c:72:f3:6b:d1:1b:
         a9:06:b3:c9:ae:4c:07:7d:6f:5a:12:82:a7:e8:4e:c9:e9:e1:
         38:06:cd:bd:50:5c:14:d0:93:60:3f:57:65:2c:38:e8:9f:7b:
         e2:67:54:66:80:ef:72:31:dc:03:11:db:a6:f4:23:3c:50:a6:
         45:b8:9a:f5:af:5f:cc:de:4f:25:83:54:19:e0:00:12:ed:e3:
         ed:f2:b8:c7
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgIDAbqbMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgzMTE5MzE1N1oXDTI0MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTg2NUYxMTAvBgNVBAUTKDE2MUUwMjJBRTg5NzUxMTJFRTc1ODlE
NDlCMzE2NjBDQTkwQTA0MTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFKSw3lDLvbHeXPMY9/Tl1P1L2RTnJI5oIIVk2XEcif1Nd96oApGRCamAYSKet
LOGl4MJxnL9IuNke354MYPsQTkV2mjebmKcBp1SfSvOw1hnzjjYCpL5EnxiYfLMn
H6MeIuWFCG4ydfX6sSzeLgUtu4g22+BZqucvIDYn90otuFHTBMLimUDLnfZy4wpz
I/XCsm7oPiP/0rdgBP9WZIZGcOiNMcjp1i/VfmAP6Ga/BWgAv1i/vQuWmBH/ZKhB
UU7QXg/ROBC00Ery5SWVBYqkq4h74cjhucLweU0QXyyAZMbemVJiUIJjgcF1TT5i
bZ0JgSQ/1lL2f0ieiZcXHW8HAgMBAAGjggMIMIIDBDAdBgNVHQ4EFgQUFh4CKuiX
URLudYnUmzFmDKkKBBAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUE4NjVGL0JGOTY2RTRBMUM4OTExRUFBOUI5NTc2MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBODY1Ri9CRjk2NkU0QTFDODkxMUVBQTlCOTU3NjFDNEY5QUUwMi9GaDRDS3Vp
WFVSTHVkWW5VbXpGbURLa0tCQkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8EJTAj
MBIEAgABMAwDBAIte2gDBAJnP+QwDQQCAAIwBwMFACQDToAwDQYJKoZIhvcNAQEL
BQADggEBAEFMJgb/V8c26dZiu/TUBp4+geY/U4MjIEXqh1VzO/0OUuQjDAA2oHOK
EGiMG+B3sKqx4YZO3RACpuXUjEcOXrAK1zqflEsDapuM+8So+qR3olO9W3J3D5vT
tnkpalqVZOwqr0dlTcobpxP68jxNDvdmklkbHxIgXc9hDWoQ4yP3j413xPuY6LX2
SGWuE+7esiOpfK7A/0ONvgq6PRdBxysxE2lLWYoBlxjDKzR7tExy82vRG6kGs8mu
TAd9b1oSgqfoTsnp4TgGzb1QXBTQk2A/V2UsOOife+JnVGaA73Ix3AMR26b0IzxQ
pkW4mvWvX8zeTyWDVBngABLt4+3yuMc=
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:40:23 2024 by rpki-client on console-fra.rpki-client.org