Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.cer
File:                     HfnAzvmnfc0Vu1H5P9NCmZvhFlg.cer (raw, json)
Hash identifier:          rA/ZI7OOilsKdHMg5XJnK9oZPkkkXoXegXttlqUiZIA=
Subject key identifier:   1D:F9:C0:CE:F9:A7:7D:CD:15:BB:51:F9:3F:D3:42:99:9B:E1:16:58
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DE1F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 09 Feb 2024 01:32:35 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    AS: 10104
                          IP: 2001:df3:6c40::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122399 (0x1de1f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb  9 01:32:35 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A9178C1E/serialNumber=1DF9C0CEF9A77DCD15BB51F93FD342999BE11658
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:d4:f8:8a:d0:77:0b:d1:fd:68:3b:71:11:0d:
                    bf:50:8c:92:3a:4a:ad:f2:53:be:d3:8e:ad:f8:15:
                    92:87:c1:52:73:f9:9f:d1:11:f4:67:93:cf:0a:99:
                    72:9a:02:e4:c4:ec:93:30:47:bd:7a:eb:3e:f3:f9:
                    e8:93:b7:34:8a:1d:2c:86:7f:9d:bc:4d:d0:85:d0:
                    bb:6c:21:98:ac:32:d3:10:1a:0b:8c:68:4b:3e:0a:
                    f9:a4:d8:2c:4e:37:91:40:33:a1:90:cc:56:4b:76:
                    4a:a6:74:88:56:bb:c3:86:88:3f:41:4d:3f:55:ae:
                    82:41:34:36:42:42:ef:d1:d8:6c:52:ec:5a:49:c1:
                    b2:36:b2:d5:b0:c2:cb:1a:22:82:68:09:31:01:27:
                    f3:f2:7c:33:62:c8:0a:8e:de:bd:8f:ec:0a:bf:09:
                    c9:12:d0:e9:9b:aa:ba:4d:a6:1f:7f:4c:cb:3a:c5:
                    b9:2b:ec:35:f3:13:98:15:fb:23:90:f8:6a:8f:c6:
                    9d:57:c6:f8:e6:63:7a:e5:a7:6e:22:55:6b:ef:a0:
                    df:69:80:8e:87:37:18:fc:73:2b:a9:4d:60:24:6c:
                    db:5d:7e:60:f0:c5:ae:bc:4e:82:f2:0d:fe:28:c9:
                    d6:90:5a:19:d3:c3:7e:57:3b:51:db:0d:91:6b:56:
                    97:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:F9:C0:CE:F9:A7:7D:CD:15:BB:51:F9:3F:D3:42:99:9B:E1:16:58
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  10104

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df3:6c40::/48

    Signature Algorithm: sha256WithRSAEncryption
         31:6e:8a:20:c9:65:61:95:e7:85:28:37:66:0b:d2:43:aa:29:
         ac:9f:2c:85:e1:16:bc:95:3e:db:b4:f3:29:6f:04:e7:e9:05:
         e3:67:a0:b5:cb:23:00:cc:44:53:26:79:1c:97:a0:cd:02:14:
         c0:aa:f7:b3:47:52:04:8c:21:d4:9b:6c:7e:a5:ed:2e:b5:81:
         a4:9b:cb:5d:f0:d1:74:bc:93:0d:8a:80:e1:20:ef:d1:06:ea:
         de:c5:d6:3d:76:63:31:ef:bc:33:53:85:19:b1:09:e2:04:85:
         53:6e:51:e3:ba:5c:f2:d6:7d:94:b0:93:db:7d:7e:e4:21:60:
         33:3d:bc:b5:ba:4e:b1:e2:59:0f:ea:66:b9:39:36:08:6e:be:
         f0:68:7b:cc:fd:8c:f2:ca:62:7c:bf:a2:5a:0b:4c:25:3a:0e:
         8d:a2:c8:4d:ec:66:79:b5:90:99:28:42:b0:54:eb:54:f4:85:
         91:3f:60:fa:97:1e:d1:cd:96:c6:f2:0e:b2:d3:3e:2e:05:45:
         d3:8f:6d:98:41:e1:3d:bd:f1:ce:04:fc:4a:75:45:0d:82:30:
         ad:51:22:c5:16:14:b3:fd:67:a4:10:57:a9:6d:96:0f:f9:11:
         6e:86:9c:8b:4e:8c:4b:53:1b:d2:5e:a5:f0:5f:57:25:be:36:
         30:65:7f:95
-----BEGIN CERTIFICATE-----
MIIGHDCCBQSgAwIBAgIDAd4fMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIwOTAxMzIzNVoXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNzhDMUUxMTAvBgNVBAUTKDFERjlDMENFRjlBNzdEQ0QxNUJCNTFG
OTNGRDM0Mjk5OUJFMTE2NTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCf1PiK0HcL0f1oO3ERDb9QjJI6Sq3yU77Tjq34FZKHwVJz+Z/REfRnk88KmXKa
AuTE7JMwR7166z7z+eiTtzSKHSyGf528TdCF0LtsIZisMtMQGguMaEs+Cvmk2CxO
N5FAM6GQzFZLdkqmdIhWu8OGiD9BTT9VroJBNDZCQu/R2GxS7FpJwbI2stWwwssa
IoJoCTEBJ/PyfDNiyAqO3r2P7Aq/CckS0OmbqrpNph9/TMs6xbkr7DXzE5gV+yOQ
+GqPxp1XxvjmY3rlp24iVWvvoN9pgI6HNxj8cyupTWAkbNtdfmDwxa68ToLyDf4o
ydaQWhnTw35XO1HbDZFrVpfFAgMBAAGjggMRMIIDDTAdBgNVHQ4EFgQUHfnAzvmn
fc0Vu1H5P9NCmZvhFlgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTc4QzFFL0MyODYwMzJFQzY0NzExRUU5RDY4RUI3RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3OEMxRS9DMjg2MDMyRUM2NDcxMUVFOUQ2OEVCN0ZDNEY5QUUwMi9IZm5BenZt
bmZjMFZ1MUg1UDlOQ21admhGbGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICJ3gwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQ3zbEAwDQYJ
KoZIhvcNAQELBQADggEBADFuiiDJZWGV54UoN2YL0kOqKayfLIXhFryVPtu08ylv
BOfpBeNnoLXLIwDMRFMmeRyXoM0CFMCq97NHUgSMIdSbbH6l7S61gaSby13w0XS8
kw2KgOEg79EG6t7F1j12YzHvvDNThRmxCeIEhVNuUeO6XPLWfZSwk9t9fuQhYDM9
vLW6TrHiWQ/qZrk5NghuvvBoe8z9jPLKYny/oloLTCU6Do2iyE3sZnm1kJkoQrBU
61T0hZE/YPqXHtHNlsbyDrLTPi4FRdOPbZhB4T298c4E/Ep1RQ2CMK1RIsUWFLP9
Z6QQV6ltlg/5EW6GnItOjEtTG9JepfBfVyW+NjBlf5U=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:15:14 2024 by rpki-client on console-ams.rpki-client.org