Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IadvO7gWz_58RmVVwrC-vJx7xW4.cer
File:                     IadvO7gWz_58RmVVwrC-vJx7xW4.cer (raw, json)
Hash identifier:          8DnVmS+frIJTpQnBXcHLb9M9gtFPNhl60jtpMaqulIQ=
Subject key identifier:   21:A7:6F:3B:B8:16:CF:FE:7C:46:65:55:C2:B0:BE:BC:9C:7B:C5:6E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E374
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91CA559/AAC34F4630C411EC99F2F66CC4F9AE02/IadvO7gWz_58RmVVwrC-vJx7xW4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91CA559/AAC34F4630C411EC99F2F66CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 07 Mar 2024 20:50:47 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 140048
                          IP: 103.147.224.0/23
                          IP: 103.231.172.0/22
                          IP: 2405:c2c0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123764 (0x1e374)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar  7 20:50:47 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91CA559/serialNumber=21A76F3BB816CFFE7C466555C2B0BEBC9C7BC56E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:53:84:7b:81:0d:d4:a8:cc:e3:9a:bf:7c:3f:
                    ce:9d:67:ba:10:81:7a:6a:2f:af:68:d5:79:63:25:
                    9b:66:2c:10:e1:0e:d0:ef:80:7c:82:e6:5d:7c:bb:
                    58:61:34:65:15:90:d8:fa:02:34:c7:8f:c3:a9:14:
                    03:69:89:0d:9f:f0:21:57:97:1b:df:22:01:a6:8a:
                    47:c0:80:69:b7:da:98:ec:6a:e0:12:a8:bc:0a:7b:
                    34:b7:2e:2f:5c:eb:72:66:74:c0:ad:89:6f:fc:9b:
                    dc:4f:01:0c:cc:76:42:3c:1d:78:49:29:21:a0:c3:
                    f6:7a:1a:7a:45:56:1c:ed:80:c6:ae:4f:3d:34:10:
                    1f:ab:61:b2:f1:9a:67:0a:15:e0:a3:e3:2b:f3:f6:
                    78:c8:60:33:54:89:91:b8:e8:16:7e:87:da:29:55:
                    d5:68:07:85:8b:77:c0:18:07:0c:b1:20:e9:04:82:
                    75:55:f9:49:e3:a5:b7:a7:0d:9e:99:4f:53:f0:f4:
                    f2:01:f2:2a:94:da:aa:3e:d7:7f:f1:f2:e1:d7:15:
                    12:ed:64:f0:44:07:af:dc:cd:c8:3b:be:88:8a:73:
                    3c:38:e2:4f:c4:e1:c9:23:e7:cc:ba:2f:a8:6b:e2:
                    68:bf:ca:46:1e:a2:ff:72:9f:e8:dd:e6:37:a5:90:
                    5b:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:A7:6F:3B:B8:16:CF:FE:7C:46:65:55:C2:B0:BE:BC:9C:7B:C5:6E
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CA559/AAC34F4630C411EC99F2F66CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CA559/AAC34F4630C411EC99F2F66CC4F9AE02/IadvO7gWz_58RmVVwrC-vJx7xW4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  140048

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.147.224.0/23
                  103.231.172.0/22
                IPv6:
                  2405:c2c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         31:21:09:b0:22:e6:62:34:66:4b:84:b6:8b:f1:8a:eb:c5:d1:
         c2:d0:d9:8a:a6:c7:15:44:8b:98:c8:b7:9c:80:fc:89:2d:af:
         69:c4:77:11:6a:50:ac:93:ca:df:6b:51:10:d2:a3:57:bc:d8:
         20:9a:e3:e8:31:27:d3:6c:98:af:a4:43:af:a2:00:cd:c5:bd:
         7b:8e:b4:9a:51:38:65:ba:14:5a:42:fb:a6:44:45:24:b5:73:
         87:9b:99:21:ba:99:a9:e8:47:bb:6c:85:c6:24:db:86:6a:4c:
         88:81:2f:29:a9:52:5d:1f:a5:fa:68:49:68:6e:6d:c9:d8:fa:
         d2:b9:01:00:56:bd:73:10:22:e7:8f:fd:47:72:24:db:a7:4b:
         b6:e6:51:0d:d9:b8:53:65:ff:ef:bc:67:c7:c6:29:e3:e9:61:
         d1:ae:6c:73:f6:c8:e2:38:17:a4:85:06:cc:08:54:64:b1:94:
         60:d8:14:b6:4c:e7:33:a8:40:b5:75:d8:c1:dd:5a:5a:0e:eb:
         9a:34:48:eb:07:b8:49:3c:56:aa:55:e4:0b:25:f7:da:ce:62:
         94:b3:8b:11:5d:4a:55:d6:ee:80:04:f9:df:55:6c:86:2f:0e:
         df:06:4c:71:93:25:1b:5e:0c:73:46:1e:77:8f:6b:e1:5d:94:
         56:07:0e:a1
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAeN0MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMwNzIwNTA0N1oXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0E1NTkxMTAvBgNVBAUTKDIxQTc2RjNCQjgxNkNGRkU3QzQ2NjU1
NUMyQjBCRUJDOUM3QkM1NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5U4R7gQ3UqMzjmr98P86dZ7oQgXpqL69o1XljJZtmLBDhDtDvgHyC5l18u1hh
NGUVkNj6AjTHj8OpFANpiQ2f8CFXlxvfIgGmikfAgGm32pjsauASqLwKezS3Li9c
63JmdMCtiW/8m9xPAQzMdkI8HXhJKSGgw/Z6GnpFVhztgMauTz00EB+rYbLxmmcK
FeCj4yvz9njIYDNUiZG46BZ+h9opVdVoB4WLd8AYBwyxIOkEgnVV+UnjpbenDZ6Z
T1Pw9PIB8iqU2qo+13/x8uHXFRLtZPBEB6/czcg7voiKczw44k/E4ckj58y6L6hr
4mi/ykYeov9yn+jd5jelkFslAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUIadvO7gW
z/58RmVVwrC+vJx7xW4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNBNTU5L0FBQzM0RjQ2MzBDNDExRUM5OUYyRjY2Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDQTU1OS9BQUMzNEY0NjMwQzQxMUVDOTlGMkY2NkNDNEY5QUUwMi9JYWR2Tzdn
V3pfNThSbVZWd3JDLXZKeDd4VzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiMQMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBZ5PgAwQCZ+es
MA0EAgACMAcDBQAkBcLAMA0GCSqGSIb3DQEBCwUAA4IBAQAxIQmwIuZiNGZLhLaL
8YrrxdHC0NmKpscVRIuYyLecgPyJLa9pxHcRalCsk8rfa1EQ0qNXvNggmuPoMSfT
bJivpEOvogDNxb17jrSaUThluhRaQvumREUktXOHm5khupmp6Ee7bIXGJNuGakyI
gS8pqVJdH6X6aElobm3J2PrSuQEAVr1zECLnj/1HciTbp0u25lEN2bhTZf/vvGfH
xinj6WHRrmxz9sjiOBekhQbMCFRksZRg2BS2TOczqEC1ddjB3VpaDuuaNEjrB7hJ
PFaqVeQLJffazmKUs4sRXUpV1u6ABPnfVWyGLw7fBkxxkyUbXgxzRh53j2vhXZRW
Bw6h
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:47:01 2024 by rpki-client on console-ams.rpki-client.org