Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GF_2ZH4elndQE3e1UVR5uelGEGc.cer
File:                     GF_2ZH4elndQE3e1UVR5uelGEGc.cer (raw, json)
Hash identifier:          Gze/tvbwEdXpj6t/QsJymun2ieDKjosPjhH62X79EQc=
Subject key identifier:   18:5F:F6:64:7E:1E:96:77:50:13:77:B5:51:54:79:B9:E9:46:10:67
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DC17
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9193C85/4FF4CB72FDE011E88EDE4513C4F9AE02/GF_2ZH4elndQE3e1UVR5uelGEGc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9193C85/4FF4CB72FDE011E88EDE4513C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 31 Jan 2024 17:52:13 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 103.127.4.0/22
                          IP: 2404:1740::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121879 (0x1dc17)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan 31 17:52:13 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A9193C85/serialNumber=185FF6647E1E9677501377B5515479B9E9461067
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:98:4e:8c:59:f7:8a:a6:66:63:03:64:b7:1b:
                    d8:5e:bd:07:4e:a8:52:86:62:5e:3e:83:5d:40:44:
                    5f:c9:7b:f2:df:07:e4:0a:4f:3d:4d:35:54:a9:f0:
                    12:51:c5:42:4d:1c:ca:b2:5c:de:6c:47:38:af:c1:
                    d0:22:bb:19:56:fb:df:bb:80:4a:45:3a:0b:66:96:
                    6c:ae:9f:5d:09:43:2a:33:a6:c3:16:1f:51:b1:bc:
                    ea:4b:4e:e0:07:ad:48:b4:a1:0b:65:ea:3e:20:ed:
                    f9:4d:2b:d1:e2:29:c6:05:09:bf:e4:20:cd:05:cc:
                    8f:8e:5b:ec:e9:1f:62:b3:87:b8:4b:dc:5a:2e:03:
                    98:05:3c:de:60:e3:83:2b:3b:77:8e:65:2c:fa:20:
                    29:d9:31:f0:18:07:de:4c:b1:a9:a7:75:39:78:7a:
                    60:8b:6f:95:d9:86:c9:80:7b:29:3e:36:7f:1b:76:
                    bf:42:c5:00:a5:cd:1d:66:92:76:d3:95:79:e7:6d:
                    1c:f1:05:e8:1b:38:ab:60:64:b6:85:6b:10:5a:48:
                    a6:b2:6d:83:19:88:70:49:03:ad:9c:dd:a6:8c:be:
                    54:dd:19:f6:ff:26:64:54:79:87:3c:91:d1:f5:6f:
                    ba:91:5e:cd:9f:75:06:c0:17:e7:82:5b:ca:5e:9b:
                    ea:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:5F:F6:64:7E:1E:96:77:50:13:77:B5:51:54:79:B9:E9:46:10:67
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9193C85/4FF4CB72FDE011E88EDE4513C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9193C85/4FF4CB72FDE011E88EDE4513C4F9AE02/GF_2ZH4elndQE3e1UVR5uelGEGc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.127.4.0/22
                IPv6:
                  2404:1740::/32

    Signature Algorithm: sha256WithRSAEncryption
         d0:f9:69:e3:3b:de:87:4f:73:cf:f6:ed:8e:a4:63:fb:9d:78:
         78:6f:94:db:d1:bd:e7:f8:f2:33:6f:4d:d7:17:ae:3f:96:5d:
         6c:51:85:b3:ec:a6:cf:2b:bb:31:30:02:a1:c1:27:20:78:91:
         04:60:bf:55:ee:02:61:96:78:c7:f9:24:3b:40:62:10:11:e2:
         a3:f4:c3:38:31:d7:2f:c4:36:57:27:95:51:d9:fd:eb:f0:6b:
         31:09:8a:9c:93:37:a7:fb:17:0d:ec:6a:d1:ef:39:a0:67:63:
         8f:63:f0:d4:04:1c:83:b8:9f:a4:fc:c2:b8:cd:ce:a5:6e:b8:
         37:cb:51:4d:be:de:e4:43:de:f9:08:4c:c3:0e:e6:36:e1:fe:
         90:71:57:c5:5c:0d:e9:2f:3e:dd:0c:59:23:d0:41:12:11:ae:
         2a:54:8f:78:28:36:b7:a0:b0:a6:4b:be:bd:d5:49:92:2f:e5:
         db:e6:35:e5:15:2b:7c:c8:e1:18:2e:80:ab:94:47:2c:4b:79:
         6c:7c:22:0d:32:19:e9:03:be:cf:41:d1:a0:63:21:c0:b9:42:
         4c:ce:40:50:55:9e:c8:fd:84:b8:80:4c:be:23:91:8d:bc:5a:
         9d:69:d8:f5:db:a3:60:1e:44:a5:7f:0b:c6:74:ce:73:cc:7d:
         74:a4:7d:09
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIDAdwXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEzMTE3NTIxM1oXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTNDODUxMTAvBgNVBAUTKDE4NUZGNjY0N0UxRTk2Nzc1MDEzNzdC
NTUxNTQ3OUI5RTk0NjEwNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQComE6MWfeKpmZjA2S3G9hevQdOqFKGYl4+g11ARF/Je/LfB+QKTz1NNVSp8BJR
xUJNHMqyXN5sRzivwdAiuxlW+9+7gEpFOgtmlmyun10JQyozpsMWH1GxvOpLTuAH
rUi0oQtl6j4g7flNK9HiKcYFCb/kIM0FzI+OW+zpH2Kzh7hL3FouA5gFPN5g44Mr
O3eOZSz6ICnZMfAYB95MsamndTl4emCLb5XZhsmAeyk+Nn8bdr9CxQClzR1mknbT
lXnnbRzxBegbOKtgZLaFaxBaSKaybYMZiHBJA62c3aaMvlTdGfb/JmRUeYc8kdH1
b7qRXs2fdQbAF+eCW8pem+prAgMBAAGjggMCMIIC/jAdBgNVHQ4EFgQUGF/2ZH4e
lndQE3e1UVR5uelGEGcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkzQzg1LzRGRjRDQjcyRkRFMDExRTg4RURFNDUxM0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5M0M4NS80RkY0Q0I3MkZERTAxMUU4OEVERTQ1MTNDNEY5QUUwMi9HRl8yWkg0
ZWxuZFFFM2UxVVZSNXVlbEdFR2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8EHzAd
MAwEAgABMAYDBAJnfwQwDQQCAAIwBwMFACQEF0AwDQYJKoZIhvcNAQELBQADggEB
AND5aeM73odPc8/27Y6kY/udeHhvlNvRvef48jNvTdcXrj+WXWxRhbPsps8ruzEw
AqHBJyB4kQRgv1XuAmGWeMf5JDtAYhAR4qP0wzgx1y/ENlcnlVHZ/evwazEJipyT
N6f7Fw3satHvOaBnY49j8NQEHIO4n6T8wrjNzqVuuDfLUU2+3uRD3vkITMMO5jbh
/pBxV8VcDekvPt0MWSPQQRIRripUj3goNregsKZLvr3VSZIv5dvmNeUVK3zI4Rgu
gKuURyxLeWx8Ig0yGekDvs9B0aBjIcC5QkzOQFBVnsj9hLiATL4jkY28Wp1p2PXb
o2AeRKV/C8Z0znPMfXSkfQk=
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:10 2024 by rpki-client on console-fra.rpki-client.org