Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HmeMaiF9cVsw2csi1fiE0XxWmbY.cer
File:                     HmeMaiF9cVsw2csi1fiE0XxWmbY.cer (raw, json)
Hash identifier:          WHJ6q4ZWXG+kDzV6dGWDNzGqBnoICyk4VTEOdgJNgcw=
Subject key identifier:   1E:67:8C:6A:21:7D:71:5B:30:D9:CB:22:D5:F8:84:D1:7C:56:99:B6
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DE74
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9133953/122D8D28A49611E7A926ED4DC4F9AE02/HmeMaiF9cVsw2csi1fiE0XxWmbY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9133953/122D8D28A49611E7A926ED4DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 12 Feb 2024 13:50:57 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 136184
                          AS: 138971
                          IP: 103.83.88.0/22
                          IP: 2400:90c0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 12:32:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122484 (0x1de74)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb 12 13:50:57 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A9133953/serialNumber=1E678C6A217D715B30D9CB22D5F884D17C5699B6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:8f:4c:af:e4:11:1f:96:ce:5f:05:68:28:b7:
                    c7:ae:96:14:55:07:a0:8b:2d:c4:ac:43:35:3b:22:
                    c4:64:61:c2:33:5d:7f:86:5c:9b:f3:68:85:ea:90:
                    f3:72:2d:72:fe:9c:a5:09:d3:08:3c:47:8a:41:3a:
                    b2:a8:15:42:b8:0b:5a:28:1e:47:1d:0d:91:e7:26:
                    8d:33:0d:ae:5b:92:dc:a9:75:6b:99:d5:c0:5e:f7:
                    36:c4:2c:af:0b:87:a6:86:d2:75:89:1e:d6:00:1c:
                    dc:bb:e9:13:02:59:09:00:28:31:f8:60:8b:bd:b8:
                    42:a1:f9:a3:52:47:61:f1:60:4c:fa:e4:47:9b:d5:
                    60:f8:a5:86:58:52:bf:2c:00:17:64:6e:45:22:69:
                    40:07:79:4a:b4:4a:c9:ee:b2:86:8d:75:f6:c8:bf:
                    5a:15:b7:ad:e5:6d:d8:f6:5b:93:74:0f:e0:2f:05:
                    9a:7e:d2:8e:a0:17:9f:97:2e:02:da:a2:c5:c9:a2:
                    36:c5:a3:86:7d:51:3f:ed:5a:ca:bd:75:41:22:2e:
                    ea:c9:83:15:d4:f5:99:c3:41:b2:11:3a:fa:f0:bf:
                    86:1b:c2:43:c3:dc:72:00:5d:df:ac:28:f1:32:36:
                    8f:d2:3c:bd:5d:2d:df:4a:c9:df:dd:c9:f4:a8:f2:
                    09:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:67:8C:6A:21:7D:71:5B:30:D9:CB:22:D5:F8:84:D1:7C:56:99:B6
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9133953/122D8D28A49611E7A926ED4DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9133953/122D8D28A49611E7A926ED4DC4F9AE02/HmeMaiF9cVsw2csi1fiE0XxWmbY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  136184
                  138971

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.83.88.0/22
                IPv6:
                  2400:90c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         d6:a7:31:4d:e9:9e:0a:c9:c5:19:42:5b:91:dc:0b:85:fd:6a:
         e3:b4:80:39:03:8c:54:dd:d5:9c:95:47:2e:60:bf:74:eb:c3:
         96:44:10:9c:07:ef:b4:ee:5d:e2:7c:4e:0a:15:3a:b8:e6:90:
         4c:2d:12:a2:82:82:04:eb:44:96:12:cb:81:60:d4:13:03:10:
         b9:88:1a:6a:de:fe:42:23:64:ad:d8:c1:d5:0c:a2:50:19:6e:
         9f:96:b7:ba:6c:3d:c7:15:88:2c:26:f6:aa:38:0f:9e:97:a4:
         36:34:7f:e0:1e:03:c0:8e:41:42:ca:53:08:92:65:d6:ec:28:
         05:81:a2:69:84:fe:ce:3c:66:b2:dc:80:c4:d0:ec:f3:2b:2d:
         e4:97:7c:b7:8a:6f:2c:19:d5:63:e6:84:96:90:23:a8:55:28:
         cc:c9:19:a3:7b:81:52:d0:ec:6f:09:29:37:9d:ae:67:8e:67:
         bf:79:95:04:56:45:2d:a6:94:cf:26:96:15:97:94:02:d8:7a:
         36:5c:70:aa:bf:be:73:09:ba:4e:6a:91:f2:75:d5:d7:da:b7:
         16:c7:80:e8:57:27:d9:a8:60:9d:d5:50:1d:60:d0:1e:9e:06:
         9e:fe:4f:df:70:0d:bf:5e:eb:3b:5b:14:28:69:19:62:0a:44:
         b7:51:9a:be
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIDAd50MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIxMjEzNTA1N1oXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzM5NTMxMTAvBgNVBAUTKDFFNjc4QzZBMjE3RDcxNUIzMEQ5Q0Iy
MkQ1Rjg4NEQxN0M1Njk5QjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/j0yv5BEfls5fBWgot8eulhRVB6CLLcSsQzU7IsRkYcIzXX+GXJvzaIXqkPNy
LXL+nKUJ0wg8R4pBOrKoFUK4C1ooHkcdDZHnJo0zDa5bktypdWuZ1cBe9zbELK8L
h6aG0nWJHtYAHNy76RMCWQkAKDH4YIu9uEKh+aNSR2HxYEz65Eeb1WD4pYZYUr8s
ABdkbkUiaUAHeUq0SsnusoaNdfbIv1oVt63lbdj2W5N0D+AvBZp+0o6gF5+XLgLa
osXJojbFo4Z9UT/tWsq9dUEiLurJgxXU9ZnDQbIROvrwv4YbwkPD3HIAXd+sKPEy
No/SPL1dLd9Kyd/dyfSo8gkFAgMBAAGjggMjMIIDHzAdBgNVHQ4EFgQUHmeMaiF9
cVsw2csi1fiE0XxWmbYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTMzOTUzLzEyMkQ4RDI4QTQ5NjExRTdBOTI2RUQ0REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzMzk1My8xMjJEOEQyOEE0OTYxMUU3QTkyNkVENERDNEY5QUUwMi9IbWVNYWlG
OWNWc3cyY3NpMWZpRTBYeFdtYlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAhP4AgMCHtswLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJnU1gw
DQQCAAIwBwMFACQAkMAwDQYJKoZIhvcNAQELBQADggEBANanMU3pngrJxRlCW5Hc
C4X9auO0gDkDjFTd1ZyVRy5gv3Trw5ZEEJwH77TuXeJ8TgoVOrjmkEwtEqKCggTr
RJYSy4Fg1BMDELmIGmre/kIjZK3YwdUMolAZbp+Wt7psPccViCwm9qo4D56XpDY0
f+AeA8COQULKUwiSZdbsKAWBommE/s48ZrLcgMTQ7PMrLeSXfLeKbywZ1WPmhJaQ
I6hVKMzJGaN7gVLQ7G8JKTedrmeOZ795lQRWRS2mlM8mlhWXlALYejZccKq/vnMJ
uk5qkfJ11dfatxbHgOhXJ9moYJ3VUB1g0B6eBp7+T99wDb9e6ztbFChpGWIKRLdR
mr4=
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:33:53 2024 by rpki-client on console-ams.rpki-client.org