Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HNyP8SmsVhBgxHINdUk_12hGxhU.cer
File:                     HNyP8SmsVhBgxHINdUk_12hGxhU.cer (raw, json)
Hash identifier:          wXz/A1BYX413MNfu0rtLi9Vc8wsJDnWQ1/WAQOu+CgI=
Subject key identifier:   1C:DC:8F:F1:29:AC:56:10:60:C4:72:0D:75:49:3F:D7:68:46:C6:15
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D393
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A919FE07/A16A88DA306A11EA998C8F30C4F9AE02/HNyP8SmsVhBgxHINdUk_12hGxhU.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A919FE07/A16A88DA306A11EA998C8F30C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 21 Dec 2023 19:42:02 +0000
Certificate not after:    Tue 30 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 132628
                          IP: 123.253.76.0/22

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 09:37:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119699 (0x1d393)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 21 19:42:02 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=A919FE07/serialNumber=1CDC8FF129AC561060C4720D75493FD76846C615
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:42:98:ce:dc:27:2e:68:ad:32:63:d4:98:9e:
                    df:8c:4f:07:46:23:e3:e0:5b:1b:53:ba:ea:88:d0:
                    d4:a1:1d:06:72:4a:a3:1c:ce:53:c6:74:bc:b2:2e:
                    fb:19:f8:be:d6:94:ab:9e:d9:23:0c:40:2e:d5:66:
                    ca:ed:5b:b9:3e:8d:f8:04:bf:44:87:07:dd:37:43:
                    43:1a:3a:89:c4:cc:03:83:e1:a9:2d:31:74:cc:a2:
                    6b:aa:95:d8:db:d5:d1:57:a7:1b:22:1d:70:88:cf:
                    e5:8f:8d:f4:59:87:b4:b6:c4:8c:db:b3:f4:2b:65:
                    15:d9:29:71:24:8e:84:52:b8:5b:01:d5:82:90:a4:
                    8d:de:af:4b:b0:d3:33:c4:34:ef:7a:99:c7:eb:94:
                    dd:4f:a3:e2:30:48:5c:80:44:f7:2a:6b:9a:ba:fc:
                    22:7e:04:52:41:69:6b:ca:2d:c3:bf:1b:7c:4c:42:
                    06:b7:c0:97:41:ee:e6:c4:88:aa:9e:92:ef:4c:28:
                    00:d2:6a:2d:17:5d:09:af:71:7c:a2:c9:99:f2:2e:
                    6c:b2:90:a4:a9:bf:f9:a2:ea:95:b3:fd:d6:13:bf:
                    84:0a:6f:5d:7b:f5:b0:0f:c0:1f:be:21:c8:27:bb:
                    37:0e:32:ee:45:db:f0:da:35:65:6f:73:14:78:7f:
                    ba:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:DC:8F:F1:29:AC:56:10:60:C4:72:0D:75:49:3F:D7:68:46:C6:15
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919FE07/A16A88DA306A11EA998C8F30C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919FE07/A16A88DA306A11EA998C8F30C4F9AE02/HNyP8SmsVhBgxHINdUk_12hGxhU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  132628

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.253.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         32:bf:34:2d:b4:38:fe:9f:9e:6e:e8:8d:a1:37:ca:5a:07:56:
         d4:d1:a3:5f:82:0e:8b:d1:52:d5:94:79:b3:29:b9:83:65:70:
         43:91:49:18:b3:1d:cd:82:51:95:45:83:2a:4b:3d:82:c1:0e:
         f2:7e:72:1f:8f:66:3a:16:6d:b2:f8:c9:6a:e5:5a:e7:ec:5b:
         a5:66:22:6e:09:fe:e2:0b:17:3b:56:9d:49:40:2e:8a:16:3a:
         48:4f:59:6c:9e:c9:02:d6:4b:b2:49:d1:2f:cb:7c:4d:1e:b8:
         c6:1a:f9:a1:00:9d:69:c2:48:0b:d4:f6:25:1a:08:93:82:36:
         13:a2:7b:3b:83:dd:31:8b:2d:b4:ba:62:c8:a4:02:67:91:ef:
         54:6f:32:1e:2b:07:79:92:21:39:4e:a5:81:81:ce:cf:8d:d4:
         11:a3:e8:03:ea:6a:54:0f:cc:1d:17:78:55:8b:71:53:45:05:
         27:54:c4:89:0d:f9:59:56:ab:3b:94:19:20:3a:ed:2c:ef:a8:
         8a:2b:4a:fc:c5:de:ec:75:a9:3c:95:06:e0:7a:a0:ce:94:cb:
         6b:00:e3:3d:3f:07:27:c7:1d:93:4f:39:6b:48:d4:1a:c3:c6:
         1c:7c:dc:ea:72:5a:39:26:a6:e5:ab:d3:eb:5a:12:2d:3f:80:
         1b:dd:a0:b7
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAdOTMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyMTE5NDIwMloXDTI0MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOUZFMDcxMTAvBgNVBAUTKDFDREM4RkYxMjlBQzU2MTA2MEM0NzIw
RDc1NDkzRkQ3Njg0NkM2MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzQpjO3CcuaK0yY9SYnt+MTwdGI+PgWxtTuuqI0NShHQZySqMczlPGdLyyLvsZ
+L7WlKue2SMMQC7VZsrtW7k+jfgEv0SHB903Q0MaOonEzAOD4aktMXTMomuqldjb
1dFXpxsiHXCIz+WPjfRZh7S2xIzbs/QrZRXZKXEkjoRSuFsB1YKQpI3er0uw0zPE
NO96mcfrlN1Po+IwSFyARPcqa5q6/CJ+BFJBaWvKLcO/G3xMQga3wJdB7ubEiKqe
ku9MKADSai0XXQmvcXyiyZnyLmyykKSpv/mi6pWz/dYTv4QKb1179bAPwB++Icgn
uzcOMu5F2/DaNWVvcxR4f7rFAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUHNyP8Sms
VhBgxHINdUk/12hGxhUwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlGRTA3L0ExNkE4OERBMzA2QTExRUE5OThDOEYzMEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5RkUwNy9BMTZBODhEQTMwNkExMUVBOTk4QzhGMzBDNEY5QUUwMi9ITnlQOFNt
c1ZoQmd4SElOZFVrXzEyaEd4aFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgYUMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCe/1MMA0GCSqG
SIb3DQEBCwUAA4IBAQAyvzQttDj+n55u6I2hN8paB1bU0aNfgg6L0VLVlHmzKbmD
ZXBDkUkYsx3NglGVRYMqSz2CwQ7yfnIfj2Y6Fm2y+Mlq5Vrn7FulZiJuCf7iCxc7
Vp1JQC6KFjpIT1lsnskC1kuySdEvy3xNHrjGGvmhAJ1pwkgL1PYlGgiTgjYTons7
g90xiy20umLIpAJnke9UbzIeKwd5kiE5TqWBgc7PjdQRo+gD6mpUD8wdF3hVi3FT
RQUnVMSJDflZVqs7lBkgOu0s76iKK0r8xd7sdak8lQbgeqDOlMtrAOM9Pwcnxx2T
TzlrSNQaw8YcfNzqclo5Jqblq9PrWhItP4Ab3aC3
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:22:17 2024 by rpki-client on console-fra.rpki-client.org