Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HaAa_AiIyqYXHgoOdBz8kE7S328.cer
File:                     HaAa_AiIyqYXHgoOdBz8kE7S328.cer (raw, json)
Hash identifier:          Df3/qfjyhWTJO+XWsIHQLEMAA+v4gHwPxUxcyG1Fulk=
Subject key identifier:   1D:A0:1A:FC:08:88:CA:A6:17:1E:0A:0E:74:1C:FC:90:4E:D2:DF:6F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       0192AE
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 23 Mar 2023 13:21:57 +0000
Certificate not after:    Wed 29 May 2024 00:00:00 +0000
Subordinate resources:    AS: 135107
                          IP: 103.86.188.0/23
                          IP: 103.209.152.0/23
                          IP: 202.27.10.0/23
                          IP: 2401:f340::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 18:26:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 103086 (0x192ae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 23 13:21:57 2023 GMT
            Not After : May 29 00:00:00 2024 GMT
        Subject: CN=A91352C6/serialNumber=1DA01AFC0888CAA6171E0A0E741CFC904ED2DF6F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:a2:f6:86:6e:4c:23:45:c8:3d:f4:1d:a1:f7:
                    3a:84:fa:dc:86:75:7a:f2:e5:b0:f9:3f:8c:4f:81:
                    32:59:5d:0a:0e:d6:7e:c3:05:7a:60:9b:f5:bb:dc:
                    e1:1f:44:bb:f9:ca:73:ad:69:a7:e1:f4:9b:fd:3a:
                    ff:71:bf:1c:49:a9:a4:e6:80:db:c9:e4:ec:26:9a:
                    f8:41:24:8d:e2:8a:82:fb:ca:26:50:17:76:76:04:
                    ce:cd:ff:08:65:d6:45:6d:75:75:b8:2e:0c:ee:12:
                    e5:bc:fd:2d:e5:2d:a6:3b:58:32:42:9a:69:bf:4c:
                    5d:2b:21:af:cb:82:f3:72:27:cb:1e:b5:92:37:d0:
                    e4:8f:7f:87:7c:ad:8c:51:e1:be:cc:0d:51:b0:38:
                    c0:5c:3d:2c:01:b2:2a:cd:aa:82:2a:3a:0b:9d:cf:
                    00:2e:98:d8:b7:38:09:02:29:75:8b:5d:21:d6:31:
                    23:b1:ac:67:a6:91:73:86:85:29:40:b6:9c:da:97:
                    fa:8c:12:84:0d:e4:26:10:59:bb:b8:20:5b:8c:b2:
                    f3:d3:01:4f:9b:d9:03:66:b3:dd:c4:ef:ab:21:b8:
                    0d:17:0f:a6:c1:50:5c:49:41:81:71:a2:ed:c3:20:
                    d3:13:77:0a:3d:5a:04:ef:a0:86:69:04:4b:d2:13:
                    d3:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:A0:1A:FC:08:88:CA:A6:17:1E:0A:0E:74:1C:FC:90:4E:D2:DF:6F
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  135107

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.86.188.0/23
                  103.209.152.0/23
                  202.27.10.0/23
                IPv6:
                  2401:f340::/32

    Signature Algorithm: sha256WithRSAEncryption
         80:59:5a:44:af:96:b3:3f:33:40:f6:b0:1d:ea:ce:0e:47:b3:
         be:55:2b:cc:8b:2c:2b:b2:98:48:85:42:a5:11:f1:c9:bd:09:
         b6:f0:56:80:71:20:7c:f9:c1:ed:21:11:78:36:1f:a5:c5:8f:
         83:8e:35:b7:a6:80:c8:dd:d2:4f:ff:27:ec:cd:2b:66:3e:0d:
         42:f5:44:9e:43:b6:63:f3:fe:55:68:7f:bb:67:22:97:80:0b:
         a3:26:ca:f5:5f:72:65:36:be:a5:2d:5e:44:13:d5:5a:c8:d4:
         c8:05:ec:00:6f:54:2b:5f:b9:f7:dd:23:ce:66:dd:73:82:a4:
         2b:42:20:c7:24:b6:6f:7b:ac:bf:29:64:c5:12:33:87:1e:7d:
         bd:a1:67:12:cf:2a:a4:22:ad:e9:32:07:51:ce:e3:5f:64:67:
         b4:96:70:44:8a:25:0d:78:68:a1:2a:34:3d:fd:16:dc:63:0b:
         22:7e:34:b5:94:86:02:ab:fe:19:bf:03:50:5f:4f:5a:14:d5:
         98:ba:71:16:81:85:ce:94:39:51:0b:9e:0b:ea:11:03:00:aa:
         10:e8:93:f0:a5:f7:d5:e0:22:a7:7e:24:cb:b8:3e:fe:e0:73:
         28:20:df:0a:bc:56:04:54:0c:3c:4f:82:58:4b:9d:45:c0:d2:
         f9:0a:3b:79
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgIDAZKuMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDMyMzEzMjE1N1oXDTI0MDUyOTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzUyQzYxMTAvBgNVBAUTKDFEQTAxQUZDMDg4OENBQTYxNzFFMEEw
RTc0MUNGQzkwNEVEMkRGNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCoovaGbkwjRcg99B2h9zqE+tyGdXry5bD5P4xPgTJZXQoO1n7DBXpgm/W73OEf
RLv5ynOtaafh9Jv9Ov9xvxxJqaTmgNvJ5OwmmvhBJI3iioL7yiZQF3Z2BM7N/whl
1kVtdXW4LgzuEuW8/S3lLaY7WDJCmmm/TF0rIa/LgvNyJ8setZI30OSPf4d8rYxR
4b7MDVGwOMBcPSwBsirNqoIqOgudzwAumNi3OAkCKXWLXSHWMSOxrGemkXOGhSlA
tpzal/qMEoQN5CYQWbu4IFuMsvPTAU+b2QNms93E76shuA0XD6bBUFxJQYFxou3D
INMTdwo9WgTvoIZpBEvSE9MRAgMBAAGjggMqMIIDJjAdBgNVHQ4EFgQUHaAa/AiI
yqYXHgoOdBz8kE7S328wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM1MkM2LzFFREZFNDk2QjFENDExRUFBNDZGMDAxQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzNTJDNi8xRURGRTQ5NkIxRDQxMUVBQTQ2RjAwMUFDNEY5QUUwMi9IYUFhX0Fp
SXlxWVhIZ29PZEJ6OGtFN1MzMjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg/DMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBZ1a8AwQBZ9GY
AwQByhsKMA0EAgACMAcDBQAkAfNAMA0GCSqGSIb3DQEBCwUAA4IBAQCAWVpEr5az
PzNA9rAd6s4OR7O+VSvMiywrsphIhUKlEfHJvQm28FaAcSB8+cHtIRF4Nh+lxY+D
jjW3poDI3dJP/yfszStmPg1C9USeQ7Zj8/5VaH+7ZyKXgAujJsr1X3JlNr6lLV5E
E9VayNTIBewAb1QrX7n33SPOZt1zgqQrQiDHJLZve6y/KWTFEjOHHn29oWcSzyqk
Iq3pMgdRzuNfZGe0lnBEiiUNeGihKjQ9/RbcYwsifjS1lIYCq/4ZvwNQX09aFNWY
unEWgYXOlDlRC54L6hEDAKoQ6JPwpffV4CKnfiTLuD7+4HMoIN8KvFYEVAw8T4JY
S51FwNL5Cjt5
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:44:43 2024 by rpki-client on console-fra.rpki-client.org