Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HHHWPtrssQ9TFB6KMIlDlZp8V1o.cer
File:                     HHHWPtrssQ9TFB6KMIlDlZp8V1o.cer (raw, json)
Hash identifier:          USWezt7MeStJ3/f14wTEwVOu4BsHbSfC6STJc6BZ6So=
Subject key identifier:   1C:71:D6:3E:DA:EC:B1:0F:53:14:1E:8A:30:89:43:95:9A:7C:57:5A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DAE0
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91145A9/EBAC8238785911EDB2FC220EC4F9AE02/HHHWPtrssQ9TFB6KMIlDlZp8V1o.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91145A9/EBAC8238785911EDB2FC220EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 29 Jan 2024 04:49:16 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 150669
                          IP: 103.51.52.0/23
                          IP: 2001:df1:a7c0::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 09:37:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121568 (0x1dae0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan 29 04:49:16 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91145A9/serialNumber=1C71D63EDAECB10F53141E8A308943959A7C575A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:ac:32:6e:b4:33:a4:bc:30:fe:d2:b4:e5:c9:
                    8c:64:08:3b:f5:1f:76:78:7a:b1:d6:b4:ba:26:dc:
                    27:6d:e1:5d:af:e4:7e:e3:c8:3a:9f:14:94:f5:9d:
                    76:58:13:80:32:f7:da:23:52:1a:98:7e:37:2c:e0:
                    03:9f:f7:76:05:d4:46:32:db:8d:7b:e7:45:73:74:
                    ff:cc:94:eb:de:1d:96:a8:6a:1a:5d:d6:21:46:af:
                    57:3b:a9:a2:cb:ec:3a:1f:4f:26:84:c4:4d:61:8e:
                    ad:8b:f0:02:1d:3b:2f:2c:a9:a5:60:0d:4c:30:71:
                    17:92:0f:bd:54:00:7b:be:71:3b:df:5b:a8:69:05:
                    61:fb:25:ca:e8:eb:de:95:e3:29:a2:8b:2d:b2:57:
                    c7:c5:77:f5:7e:e8:e2:f4:57:67:7c:c5:ab:17:5e:
                    99:5b:62:3f:81:d5:3c:22:1d:00:b8:45:6a:cc:08:
                    23:a7:13:10:41:df:f2:67:6b:ab:3b:b5:04:3e:ed:
                    e0:b9:70:b6:d4:43:82:2a:52:c7:f7:75:90:85:a7:
                    86:bb:69:31:22:06:f2:87:2a:0b:7b:4a:0c:57:67:
                    e4:27:9c:b1:ce:38:da:c6:d9:39:54:05:9f:b8:f9:
                    a1:25:8f:f4:96:f0:17:35:d9:44:6f:84:05:47:60:
                    b2:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:71:D6:3E:DA:EC:B1:0F:53:14:1E:8A:30:89:43:95:9A:7C:57:5A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91145A9/EBAC8238785911EDB2FC220EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91145A9/EBAC8238785911EDB2FC220EC4F9AE02/HHHWPtrssQ9TFB6KMIlDlZp8V1o.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  150669

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.51.52.0/23
                IPv6:
                  2001:df1:a7c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         9e:16:b6:de:84:01:c0:87:5f:30:f4:0d:cf:b9:fe:20:ec:0b:
         3b:1b:29:b1:a6:3d:a7:47:aa:67:d7:92:7a:cb:b3:16:b2:b8:
         de:e5:da:83:47:cf:20:19:61:c5:e4:f2:9a:d9:00:36:1a:86:
         b3:e1:b6:c5:0f:7b:10:59:0d:80:94:ca:58:b6:67:00:9e:19:
         83:17:29:4e:ca:8c:b8:9d:63:a5:93:f4:cc:be:29:09:5b:15:
         63:23:e4:0e:53:bd:e7:35:93:a2:27:a3:89:a6:54:ad:4d:6b:
         39:00:d3:f6:ee:32:ff:fe:49:9d:28:96:2f:3c:68:d9:4b:b0:
         0d:ac:83:bc:bd:9c:87:64:c8:4f:e2:bd:6f:b4:75:ea:80:73:
         f4:ac:10:10:7b:33:da:25:1f:0f:9b:c4:d5:94:ac:1d:15:80:
         4b:5b:1f:d7:15:f3:36:25:b8:d5:2d:0b:aa:da:79:0c:56:fa:
         e9:33:de:5f:72:18:fb:c1:ec:ff:58:c6:96:90:6c:fc:d7:85:
         fe:3c:00:62:b8:2b:7d:fa:d7:8f:30:44:c3:38:d6:0e:d3:72:
         6c:7e:b5:34:b7:8f:a2:0a:74:8c:f9:30:dc:3c:81:bb:d3:30:
         71:06:71:30:6a:20:ac:e8:5b:c1:ae:8d:3f:03:0a:96:b3:c3:
         93:59:53:97
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAdrgMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEyOTA0NDkxNloXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTQ1QTkxMTAvBgNVBAUTKDFDNzFENjNFREFFQ0IxMEY1MzE0MUU4
QTMwODk0Mzk1OUE3QzU3NUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQrDJutDOkvDD+0rTlyYxkCDv1H3Z4erHWtLom3Cdt4V2v5H7jyDqfFJT1nXZY
E4Ay99ojUhqYfjcs4AOf93YF1EYy241750VzdP/MlOveHZaoahpd1iFGr1c7qaLL
7DofTyaExE1hjq2L8AIdOy8sqaVgDUwwcReSD71UAHu+cTvfW6hpBWH7Jcro696V
4ymiiy2yV8fFd/V+6OL0V2d8xasXXplbYj+B1TwiHQC4RWrMCCOnExBB3/Jna6s7
tQQ+7eC5cLbUQ4IqUsf3dZCFp4a7aTEiBvKHKgt7SgxXZ+QnnLHOONrG2TlUBZ+4
+aElj/SW8Bc12URvhAVHYLIRAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUHHHWPtrs
sQ9TFB6KMIlDlZp8V1owHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE0NUE5L0VCQUM4MjM4Nzg1OTExRURCMkZDMjIwRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExNDVBOS9FQkFDODIzODc4NTkxMUVEQjJGQzIyMEVDNEY5QUUwMi9ISEhXUHRy
c3NROVRGQjZLTUlsRGxacDhWMW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkyNMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZzM0MA8EAgAC
MAkDBwAgAQ3xp8AwDQYJKoZIhvcNAQELBQADggEBAJ4Wtt6EAcCHXzD0Dc+5/iDs
CzsbKbGmPadHqmfXknrLsxayuN7l2oNHzyAZYcXk8prZADYahrPhtsUPexBZDYCU
yli2ZwCeGYMXKU7KjLidY6WT9My+KQlbFWMj5A5Tvec1k6Ino4mmVK1NazkA0/bu
Mv/+SZ0oli88aNlLsA2sg7y9nIdkyE/ivW+0deqAc/SsEBB7M9olHw+bxNWUrB0V
gEtbH9cV8zYluNUtC6raeQxW+ukz3l9yGPvB7P9YxpaQbPzXhf48AGK4K336148w
RMM41g7Tcmx+tTS3j6IKdIz5MNw8gbvTMHEGcTBqIKzoW8GujT8DCpazw5NZU5c=
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:22:17 2024 by rpki-client on console-fra.rpki-client.org