Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer
File:                     Hz6LAdhBy-YiDQLSzRETVPGcR7I.cer (raw, json)
Hash identifier:          /btCDXGlryU70mNmal5tEldyYRVBr/XMb3D/u/qBdgo=
Subject key identifier:   1F:3E:8B:01:D8:41:CB:E6:22:0D:02:D2:CD:11:13:54:F1:9C:47:B2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E130
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 28 Feb 2024 13:15:20 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 10102
                          AS: 131208
                          IP: 27.0.8.0/22
                          IP: 103.4.108.0/22
                          IP: 114.141.208.0/21
                          IP: 182.16.140.0/22
                          IP: 2404:a100::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 21:07:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123184 (0x1e130)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb 28 13:15:20 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A912F17E/serialNumber=1F3E8B01D841CBE6220D02D2CD111354F19C47B2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:9f:47:a1:9c:2c:7b:08:6e:a6:85:79:97:72:
                    30:f3:ea:26:c5:ca:74:53:b3:dc:e1:56:81:e4:28:
                    59:0b:26:02:d9:aa:0e:75:a7:dc:23:ab:94:5c:cb:
                    50:d1:00:6b:06:a1:c9:e3:7e:51:59:02:03:09:c4:
                    fa:e3:1f:71:5e:12:7c:e7:95:45:b1:99:c9:c1:7d:
                    12:80:ab:88:86:6e:92:62:bc:d7:e6:d8:33:c5:e5:
                    d2:88:65:6e:37:26:7e:65:66:38:cf:80:4a:af:76:
                    f2:7d:1d:65:77:13:5e:ba:77:67:cc:0c:c4:85:ae:
                    83:6d:b1:79:e2:35:29:16:35:8d:13:14:2a:08:ea:
                    6c:92:1c:74:40:e3:00:57:94:5c:a5:29:5d:27:4b:
                    dd:18:ef:04:75:68:c3:97:ac:eb:76:66:b3:48:c6:
                    77:17:ee:59:38:8e:7e:d9:79:ec:c9:fb:a0:b3:a2:
                    57:2f:6d:ef:48:1b:7e:c7:80:74:b6:fe:21:67:e9:
                    ad:36:3b:ab:69:23:41:10:95:56:5f:ae:c9:48:cd:
                    90:83:25:0a:a6:64:39:87:0e:d3:b2:0a:22:0f:f0:
                    a3:e3:69:f6:05:bd:7a:65:ab:9d:b2:83:4e:e1:f0:
                    56:cf:09:ef:dc:03:ea:5e:ae:de:1d:61:20:e6:cf:
                    84:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:3E:8B:01:D8:41:CB:E6:22:0D:02:D2:CD:11:13:54:F1:9C:47:B2
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912F17E/FCFF84661DA311E281EAAF9908B02CD2/Hz6LAdhBy-YiDQLSzRETVPGcR7I.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  10102
                  131208

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.0.8.0/22
                  103.4.108.0/22
                  114.141.208.0/21
                  182.16.140.0/22
                IPv6:
                  2404:a100::/32

    Signature Algorithm: sha256WithRSAEncryption
         00:51:00:c3:3f:e4:03:11:2d:46:d5:54:99:d1:19:6c:d0:a8:
         4a:d7:ab:db:ed:25:bc:95:f7:27:95:31:1d:12:4f:7d:2d:c0:
         42:91:c7:75:10:2a:96:9f:fe:1b:4a:48:8c:17:c5:a3:42:45:
         92:0c:53:0b:7c:8c:f7:ac:b3:19:92:89:5f:5c:12:41:df:3c:
         83:bc:d9:7c:e7:51:e8:fb:23:16:b7:3f:78:9d:38:5b:21:89:
         f3:2f:c7:14:7c:af:b7:56:d1:58:4d:81:77:e3:f8:1c:a1:ae:
         92:26:04:7f:6e:1b:0c:de:a3:ed:97:c3:31:8b:b9:f1:df:c8:
         99:cb:dd:fc:1a:30:14:f7:a3:a9:d0:7a:ef:fd:37:ad:f6:4c:
         fe:60:d4:a4:da:d4:8a:dc:e9:7e:07:de:0b:7b:d0:b3:02:8f:
         0c:f2:2b:57:d6:03:85:9a:ba:59:fd:f2:0f:ff:d7:a9:d8:65:
         1a:14:9f:94:66:57:81:57:a1:6f:a4:35:cd:97:c2:16:83:d5:
         6e:06:fd:b1:1a:d9:40:3f:a6:d4:d7:fa:d5:3a:6c:71:14:47:
         5a:ce:ae:6a:8f:f0:d3:6a:d7:4c:13:6f:73:b1:7d:73:3b:34:
         25:1b:21:7f:95:ff:2e:72:77:c8:68:47:f1:c8:e2:c8:d5:b5:
         4c:73:2e:02
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgIDAeEwMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIyODEzMTUyMFoXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMkYxN0UxMTAvBgNVBAUTKDFGM0U4QjAxRDg0MUNCRTYyMjBEMDJE
MkNEMTExMzU0RjE5QzQ3QjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDWn0ehnCx7CG6mhXmXcjDz6ibFynRTs9zhVoHkKFkLJgLZqg51p9wjq5Rcy1DR
AGsGocnjflFZAgMJxPrjH3FeEnznlUWxmcnBfRKAq4iGbpJivNfm2DPF5dKIZW43
Jn5lZjjPgEqvdvJ9HWV3E166d2fMDMSFroNtsXniNSkWNY0TFCoI6mySHHRA4wBX
lFylKV0nS90Y7wR1aMOXrOt2ZrNIxncX7lk4jn7ZeezJ+6Czolcvbe9IG37HgHS2
/iFn6a02O6tpI0EQlVZfrslIzZCDJQqmZDmHDtOyCiIP8KPjafYFvXplq52yg07h
8FbPCe/cA+pert4dYSDmz4SbAgMBAAGjggM0MIIDMDAdBgNVHQ4EFgQUHz6LAdhB
y+YiDQLSzRETVPGcR7IwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJGMTdFL0ZDRkY4NDY2MURBMzExRTI4MUVBQUY5OTA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyRjE3RS9GQ0ZGODQ2NjFEQTMxMUUyODFFQUFGOTkwOEIwMkNEMi9IejZMQWRo
QnktWWlEUUxTelJFVFZQR2NSN0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQgBAf8EDzAN
oAswCQICJ3YCAwIAiDBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAhsACAME
AmcEbAMEA3KN0AMEArYQjDANBAIAAjAHAwUAJAShADANBgkqhkiG9w0BAQsFAAOC
AQEAAFEAwz/kAxEtRtVUmdEZbNCoSter2+0lvJX3J5UxHRJPfS3AQpHHdRAqlp/+
G0pIjBfFo0JFkgxTC3yM96yzGZKJX1wSQd88g7zZfOdR6PsjFrc/eJ04WyGJ8y/H
FHyvt1bRWE2Bd+P4HKGukiYEf24bDN6j7ZfDMYu58d/Imcvd/BowFPejqdB67/03
rfZM/mDUpNrUitzpfgfeC3vQswKPDPIrV9YDhZq6Wf3yD//XqdhlGhSflGZXgVeh
b6Q1zZfCFoPVbgb9sRrZQD+m1Nf61TpscRRHWs6uao/w02rXTBNvc7F9czs0JRsh
f5X/LnJ3yGhH8cjiyNW1THMuAg==
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:24:31 2024 by rpki-client on console-fra.rpki-client.org