Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HtdycKSBilV07-7Kyvt0g812iCE.cer
File:                     HtdycKSBilV07-7Kyvt0g812iCE.cer (raw, json)
Hash identifier:          GCpHy5YmkIKEZdTWyFxaSyOGqfAWuSbAg5ICJH9ieV4=
Subject key identifier:   1E:D7:72:70:A4:81:8A:55:74:EF:EE:CA:CA:FB:74:83:CD:76:88:21
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E569
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91CFE58/6033CF6A669911EABF13C94DC4F9AE02/HtdycKSBilV07-7Kyvt0g812iCE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91CFE58/6033CF6A669911EABF13C94DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 19 Mar 2024 21:52:20 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 137033
                          IP: 103.149.72.0/23
                          IP: 2001:df5:c780::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124265 (0x1e569)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 19 21:52:20 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91CFE58/serialNumber=1ED77270A4818A5574EFEECACAFB7483CD768821
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:27:15:d2:17:cd:f0:ae:b8:d9:64:43:75:36:
                    d3:84:e8:6b:a2:05:86:3f:ec:f5:5d:d1:78:32:bc:
                    bb:32:b4:f7:02:6b:8e:e0:12:37:b0:e2:3d:73:9f:
                    56:75:1f:03:df:58:8b:71:de:a1:14:bd:35:39:23:
                    c7:85:ba:1d:da:a8:32:bd:79:1a:63:47:ad:01:77:
                    85:1b:3b:60:ec:33:e2:19:89:ca:23:94:4d:0c:a4:
                    be:42:2d:87:29:e7:23:e3:e6:fb:d4:e8:ba:15:39:
                    82:3d:c6:2b:29:5e:4a:e3:d0:42:4d:c1:49:e3:19:
                    39:0c:e1:49:5e:84:ca:11:6c:eb:c3:e7:08:55:6d:
                    f0:9b:bb:1e:75:5e:d9:1c:ed:84:99:fc:6e:3a:d7:
                    84:e4:ed:ca:36:79:73:18:c0:d9:4c:ba:96:fb:4c:
                    e6:f6:1e:00:d2:fb:a3:f7:fb:56:5f:87:ed:c4:c7:
                    20:93:05:20:0f:e1:e4:bd:ef:9a:75:71:17:54:d8:
                    71:9f:a2:51:e1:51:e7:ba:b1:aa:7f:ab:5d:74:31:
                    c8:b8:5f:ed:a8:bb:65:3b:80:fc:67:4b:53:5a:6b:
                    30:9b:2d:62:76:a1:9a:53:b8:ac:8a:e8:78:61:a8:
                    91:41:9a:5e:70:e0:7e:5b:07:99:07:5c:c7:f8:2b:
                    d8:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:D7:72:70:A4:81:8A:55:74:EF:EE:CA:CA:FB:74:83:CD:76:88:21
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CFE58/6033CF6A669911EABF13C94DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CFE58/6033CF6A669911EABF13C94DC4F9AE02/HtdycKSBilV07-7Kyvt0g812iCE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  137033

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.149.72.0/23
                IPv6:
                  2001:df5:c780::/48

    Signature Algorithm: sha256WithRSAEncryption
         af:cf:47:34:21:73:1b:f8:6a:cc:36:c4:d8:30:10:42:37:c2:
         84:80:73:b8:cf:51:4c:22:b1:7a:79:c9:b6:56:90:d0:54:6c:
         6a:17:bf:28:58:7c:e6:f0:44:aa:e7:e9:9d:a7:ca:ed:bb:c1:
         97:69:e7:cd:b4:40:a6:6c:10:69:79:e5:5b:10:46:be:48:1f:
         0a:99:e0:e3:f8:40:4f:d9:3b:b0:b7:d9:32:5c:fc:08:a1:26:
         d7:03:9d:f0:24:cc:81:05:dc:52:52:00:9b:c8:2d:83:79:0c:
         de:85:3e:90:b6:e1:d7:dc:ee:d5:53:92:57:84:53:d4:ba:de:
         ea:0b:93:fe:0d:21:17:2e:03:f6:05:d6:51:b9:08:64:8c:eb:
         de:64:18:f2:88:7d:e9:4f:36:c7:11:60:6c:25:ae:d8:fd:94:
         14:4a:e5:de:90:b3:1a:66:fd:19:a1:21:e8:ba:de:a7:78:8c:
         24:26:33:2c:6c:f1:3d:a6:78:99:94:ab:25:45:be:b3:b1:f3:
         96:f0:30:4d:2f:68:bc:7f:8b:da:f0:fc:22:5d:7e:28:27:29:
         df:22:c0:32:f4:1c:9e:2c:e0:5d:f9:84:c4:ae:f4:90:23:4c:
         15:29:5a:2b:75:7e:95:47:01:e3:f4:04:60:2e:22:32:75:ad:
         c1:4d:60:92
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAeVpMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMxOTIxNTIyMFoXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0ZFNTgxMTAvBgNVBAUTKDFFRDc3MjcwQTQ4MThBNTU3NEVGRUVD
QUNBRkI3NDgzQ0Q3Njg4MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/JxXSF83wrrjZZEN1NtOE6GuiBYY/7PVd0XgyvLsytPcCa47gEjew4j1zn1Z1
HwPfWItx3qEUvTU5I8eFuh3aqDK9eRpjR60Bd4UbO2DsM+IZicojlE0MpL5CLYcp
5yPj5vvU6LoVOYI9xispXkrj0EJNwUnjGTkM4UlehMoRbOvD5whVbfCbux51Xtkc
7YSZ/G4614Tk7co2eXMYwNlMupb7TOb2HgDS+6P3+1Zfh+3ExyCTBSAP4eS975p1
cRdU2HGfolHhUee6sap/q110Mci4X+2ou2U7gPxnS1NaazCbLWJ2oZpTuKyK6Hhh
qJFBml5w4H5bB5kHXMf4K9gvAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUHtdycKSB
ilV07+7Kyvt0g812iCEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNGRTU4LzYwMzNDRjZBNjY5OTExRUFCRjEzQzk0REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDRkU1OC82MDMzQ0Y2QTY2OTkxMUVBQkYxM0M5NERDNEY5QUUwMi9IdGR5Y0tT
QmlsVjA3LTdLeXZ0MGc4MTJpQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhdJMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ5VIMA8EAgAC
MAkDBwAgAQ31x4AwDQYJKoZIhvcNAQELBQADggEBAK/PRzQhcxv4asw2xNgwEEI3
woSAc7jPUUwisXp5ybZWkNBUbGoXvyhYfObwRKrn6Z2nyu27wZdp5820QKZsEGl5
5VsQRr5IHwqZ4OP4QE/ZO7C32TJc/AihJtcDnfAkzIEF3FJSAJvILYN5DN6FPpC2
4dfc7tVTkleEU9S63uoLk/4NIRcuA/YF1lG5CGSM695kGPKIfelPNscRYGwlrtj9
lBRK5d6Qsxpm/RmhIei63qd4jCQmMyxs8T2meJmUqyVFvrOx85bwME0vaLx/i9rw
/CJdfignKd8iwDL0HJ4s4F35hMSu9JAjTBUpWit1fpVHAeP0BGAuIjJ1rcFNYJI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:33 2024 by rpki-client on console-ams.rpki-client.org