Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Gns-z0RjPh6iTJBhetOXRV505rI.cer
File:                     Gns-z0RjPh6iTJBhetOXRV505rI.cer (raw, json)
Hash identifier:          9lfGGD71AfDc8KwKMHozFzAHTcHfNi56dshyqBD5/2Q=
Subject key identifier:   1A:7B:3E:CF:44:63:3E:1E:A2:4C:90:61:7A:D3:97:45:5E:74:E6:B2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DBBE
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91CE9F1/EE695FE6875D11EE8F489913C4F9AE02/Gns-z0RjPh6iTJBhetOXRV505rI.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91CE9F1/EE695FE6875D11EE8F489913C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 31 Jan 2024 01:41:25 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 150714
                          IP: 103.66.140.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121790 (0x1dbbe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan 31 01:41:25 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91CE9F1/serialNumber=1A7B3ECF44633E1EA24C90617AD397455E74E6B2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:29:5b:eb:4e:bb:9e:46:22:31:8c:8b:9e:14:
                    46:b3:a7:c2:fe:b2:12:ea:00:d2:fd:4c:40:f2:da:
                    a9:43:4f:41:8b:96:20:fa:9f:de:9f:22:d8:80:4c:
                    0a:cf:38:f8:89:3c:0f:3d:af:a7:a6:6a:c8:75:72:
                    d5:d1:ab:52:cd:18:d9:0b:c5:87:a5:fc:3a:1a:84:
                    45:48:0f:85:95:60:28:e3:f5:dd:a3:b2:0f:7d:5f:
                    dd:ec:85:ec:28:0d:0d:92:04:0f:b1:40:60:c6:38:
                    e7:05:91:38:3a:91:ab:1b:2e:82:27:e0:84:84:83:
                    dd:b4:7a:5f:0b:30:57:04:34:47:8a:ba:53:ea:ba:
                    67:69:03:f6:21:03:5c:17:6a:d8:f1:54:41:9f:59:
                    9e:86:6c:28:ce:01:f4:6b:ed:a0:97:9b:d4:f9:d5:
                    3e:f8:ed:ff:e5:ff:a7:ca:66:d1:c2:4e:26:e5:51:
                    07:c0:a5:dc:4e:28:97:ff:52:42:c6:bb:be:d1:ee:
                    c0:21:df:bc:93:26:14:cc:94:c4:31:d9:ed:f8:40:
                    6d:45:aa:00:89:75:74:c8:93:e5:fe:b4:92:95:a5:
                    ef:b2:f3:6e:a9:f1:ac:f8:ff:ce:6f:88:16:7a:95:
                    11:bd:76:1b:3d:28:27:16:27:a9:02:03:40:6d:7e:
                    df:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:7B:3E:CF:44:63:3E:1E:A2:4C:90:61:7A:D3:97:45:5E:74:E6:B2
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CE9F1/EE695FE6875D11EE8F489913C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CE9F1/EE695FE6875D11EE8F489913C4F9AE02/Gns-z0RjPh6iTJBhetOXRV505rI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  150714

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.66.140.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7a:ce:f7:c3:15:23:c9:28:2d:39:db:2c:49:46:51:61:19:fb:
         b6:f7:98:7a:b8:41:f0:e3:52:79:0e:05:f2:4f:fb:dd:9a:ba:
         71:c1:42:6c:64:6f:f2:f5:54:3a:45:4a:24:af:8c:d7:05:2f:
         7b:53:f3:41:74:eb:64:7b:44:3b:9c:bd:0a:45:e2:e0:c5:bf:
         18:0d:e0:e1:52:79:29:a6:ea:3c:9b:36:dd:63:42:6e:df:b3:
         9f:46:c1:d5:35:17:ab:10:83:87:7d:5d:db:6c:c7:b5:5e:71:
         0f:0d:3f:5a:42:1b:1f:79:03:50:a6:35:e3:94:bd:4d:74:b7:
         83:a9:da:34:d8:53:13:83:b0:f5:a1:38:fd:2c:39:00:f9:e7:
         44:30:91:0a:fb:18:d1:c3:bc:d2:c2:03:d2:c0:0f:e0:12:c3:
         0b:38:6c:51:07:cf:cf:33:3f:8e:8e:84:ae:f1:ff:f6:c9:e3:
         f0:9c:0a:f4:79:8e:93:21:d6:97:ba:20:70:be:c6:76:77:80:
         7b:0e:b0:44:da:ea:ba:a5:42:21:bd:eb:b2:38:fa:f8:80:26:
         58:98:c9:2c:69:96:34:bc:86:7c:93:7d:1c:97:4f:56:fe:bc:
         20:f9:2a:ef:57:36:72:01:cb:23:7b:00:65:ad:74:17:c0:0a:
         5a:ab:14:64
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAdu+MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEzMTAxNDEyNVoXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0U5RjExMTAvBgNVBAUTKDFBN0IzRUNGNDQ2MzNFMUVBMjRDOTA2
MTdBRDM5NzQ1NUU3NEU2QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCwKVvrTrueRiIxjIueFEazp8L+shLqANL9TEDy2qlDT0GLliD6n96fItiATArP
OPiJPA89r6emash1ctXRq1LNGNkLxYel/DoahEVID4WVYCjj9d2jsg99X93shewo
DQ2SBA+xQGDGOOcFkTg6kasbLoIn4ISEg920el8LMFcENEeKulPqumdpA/YhA1wX
atjxVEGfWZ6GbCjOAfRr7aCXm9T51T747f/l/6fKZtHCTiblUQfApdxOKJf/UkLG
u77R7sAh37yTJhTMlMQx2e34QG1FqgCJdXTIk+X+tJKVpe+y826p8az4/85viBZ6
lRG9dhs9KCcWJ6kCA0Btft/LAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUGns+z0Rj
Ph6iTJBhetOXRV505rIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNFOUYxL0VFNjk1RkU2ODc1RDExRUU4RjQ4OTkxM0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDRTlGMS9FRTY5NUZFNjg3NUQxMUVFOEY0ODk5MTNDNEY5QUUwMi9HbnMtejBS
alBoNmlUSkJoZXRPWFJWNTA1ckkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAky6MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ0KMMA0GCSqG
SIb3DQEBCwUAA4IBAQB6zvfDFSPJKC052yxJRlFhGfu295h6uEHw41J5DgXyT/vd
mrpxwUJsZG/y9VQ6RUokr4zXBS97U/NBdOtke0Q7nL0KReLgxb8YDeDhUnkppuo8
mzbdY0Ju37OfRsHVNRerEIOHfV3bbMe1XnEPDT9aQhsfeQNQpjXjlL1NdLeDqdo0
2FMTg7D1oTj9LDkA+edEMJEK+xjRw7zSwgPSwA/gEsMLOGxRB8/PMz+OjoSu8f/2
yePwnAr0eY6TIdaXuiBwvsZ2d4B7DrBE2uq6pUIhveuyOPr4gCZYmMksaZY0vIZ8
k30cl09W/rwg+SrvVzZyAcsjewBlrXQXwApaqxRk
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:20 2024 by rpki-client on console-fra.rpki-client.org