Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Iu3562YIf9DpgXrnNsADnRiAiNU.cer
File:                     Iu3562YIf9DpgXrnNsADnRiAiNU.cer (raw, json)
Hash identifier:          8IqX6KeGMP57H77Oad1ufmQNfcvAYojmzcjZUiWHMNE=
Subject key identifier:   22:ED:F9:EB:66:08:7F:D0:E9:81:7A:E7:36:C0:03:9D:18:80:88:D5
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01EA94
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9112DB1/3FA6920083C011ECB54B397FC4F9AE02/Iu3562YIf9DpgXrnNsADnRiAiNU.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9112DB1/3FA6920083C011ECB54B397FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 09 Apr 2024 05:23:36 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 134972
                          AS: 136011
                          AS: 138415
                          AS: 147293
                          AS: 149502
                          AS: 149767
                          AS: 151338
                          AS: 151487
                          AS: 151655
                          IP: 103.181.12.0/23
                          IP: 2001:df0:64c0::/48
                          IP: 2400:8a20::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 14:41:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125588 (0x1ea94)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr  9 05:23:36 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A9112DB1/serialNumber=22EDF9EB66087FD0E9817AE736C0039D188088D5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:88:cf:ad:66:d2:47:6b:43:0b:1a:5b:2f:ce:
                    60:c7:5e:d9:ab:00:51:c1:30:b8:27:7e:9d:23:37:
                    d9:9d:5a:6a:3e:c8:e0:7a:d7:04:db:72:96:33:40:
                    c7:d0:4d:d9:e0:77:d8:73:b3:a9:bc:dd:df:98:36:
                    58:69:d5:08:3e:ff:83:47:2e:02:ea:b5:07:e8:41:
                    92:a8:36:65:af:1c:82:aa:0c:4f:b9:f4:30:03:6b:
                    ef:33:20:44:be:cf:6a:e2:86:fe:22:ba:98:72:cc:
                    12:57:ae:c2:8b:02:95:0b:0b:79:e5:de:f3:64:50:
                    60:5a:6e:32:fb:8a:56:75:b3:12:f8:a1:3a:48:be:
                    96:af:f9:46:d2:8f:0e:56:31:82:e4:e5:e8:ea:7d:
                    d1:61:85:95:3a:4f:a5:7b:8c:2e:42:d0:36:9e:83:
                    1d:cc:17:11:ef:06:9d:9e:d3:4d:a9:cb:17:5a:57:
                    7f:a5:2b:17:ff:c9:17:62:0e:51:e2:20:4e:b9:2e:
                    df:88:e8:9b:44:59:3e:be:81:42:98:0d:75:16:84:
                    02:d1:27:e8:db:b7:89:0c:e4:f7:8b:be:88:ce:b3:
                    d7:c0:1c:2e:94:c7:8c:0e:84:63:a6:02:25:ae:24:
                    07:82:7a:5b:7d:38:aa:8b:9f:99:f5:f7:8a:cb:95:
                    7c:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:ED:F9:EB:66:08:7F:D0:E9:81:7A:E7:36:C0:03:9D:18:80:88:D5
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9112DB1/3FA6920083C011ECB54B397FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9112DB1/3FA6920083C011ECB54B397FC4F9AE02/Iu3562YIf9DpgXrnNsADnRiAiNU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  134972
                  136011
                  138415
                  147293
                  149502
                  149767
                  151338
                  151487
                  151655

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.181.12.0/23
                IPv6:
                  2001:df0:64c0::/48
                  2400:8a20::/32

    Signature Algorithm: sha256WithRSAEncryption
         56:67:34:96:9d:b0:6e:79:99:a5:05:56:3f:2b:49:e7:69:c1:
         98:6b:5e:17:47:a3:8f:85:45:bf:c9:27:2e:1c:96:82:7b:69:
         02:32:40:eb:87:e0:2a:cd:ea:41:19:37:71:6d:f9:af:36:5d:
         94:57:7c:a1:ef:84:d1:f1:20:5c:96:f8:41:9d:b5:b3:11:91:
         39:8c:bd:4b:c6:9b:3b:d6:6b:9c:64:dc:92:2b:f4:36:57:93:
         a0:ce:5f:58:1c:50:a0:80:1b:36:2e:1f:dc:e7:69:53:1f:32:
         3c:55:b0:d7:6c:97:6e:37:7f:d8:9f:a1:7d:f7:16:af:99:a6:
         e5:ce:f2:63:0e:72:db:08:7b:59:69:8d:64:4f:aa:f9:23:96:
         9c:81:c6:9d:2d:b6:86:3d:ae:5c:bd:df:a6:bb:ce:0f:6c:2d:
         65:db:8b:31:b7:75:9f:79:c3:3b:e3:65:b1:f9:19:12:d2:2c:
         6c:0e:86:33:c7:76:8c:1e:c5:81:3d:b9:b2:49:8d:e7:7c:89:
         7c:f5:51:5f:bc:c3:f5:52:0c:62:40:0c:08:0f:bd:3c:8c:68:
         94:48:55:85:2f:b9:c9:0e:08:09:e2:19:51:59:4f:67:af:f6:
         8d:1c:a2:56:af:17:a8:81:f9:98:a4:d9:15:f2:cc:3e:af:a8:
         5a:b1:aa:c6
-----BEGIN CERTIFICATE-----
MIIGWjCCBUKgAwIBAgIDAeqUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwOTA1MjMzNloXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTJEQjExMTAvBgNVBAUTKDIyRURGOUVCNjYwODdGRDBFOTgxN0FF
NzM2QzAwMzlEMTg4MDg4RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCjiM+tZtJHa0MLGlsvzmDHXtmrAFHBMLgnfp0jN9mdWmo+yOB61wTbcpYzQMfQ
Tdngd9hzs6m83d+YNlhp1Qg+/4NHLgLqtQfoQZKoNmWvHIKqDE+59DADa+8zIES+
z2rihv4iuphyzBJXrsKLApULC3nl3vNkUGBabjL7ilZ1sxL4oTpIvpav+UbSjw5W
MYLk5ejqfdFhhZU6T6V7jC5C0Daegx3MFxHvBp2e002pyxdaV3+lKxf/yRdiDlHi
IE65Lt+I6JtEWT6+gUKYDXUWhALRJ+jbt4kM5PeLvojOs9fAHC6Ux4wOhGOmAiWu
JAeCelt9OKqLn5n194rLlXzFAgMBAAGjggNPMIIDSzAdBgNVHQ4EFgQUIu3562YI
f9DpgXrnNsADnRiAiNUwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTEyREIxLzNGQTY5MjAwODNDMDExRUNCNTRCMzk3RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExMkRCMS8zRkE2OTIwMDgzQzAxMUVDQjU0QjM5N0ZDNEY5QUUwMi9JdTM1NjJZ
SWY5RHBnWHJuTnNBRG5SaUFpTlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQgBAf8EMzAx
oC8wLQIDAg88AgMCE0sCAwIcrwIDAj9dAgMCR/4CAwJJBwIDAk8qAgMCT78CAwJQ
ZzA3BggrBgEFBQcBBwEB/wQoMCYwDAQCAAEwBgMEAWe1DDAWBAIAAjAQAwcAIAEN
8GTAAwUAJACKIDANBgkqhkiG9w0BAQsFAAOCAQEAVmc0lp2wbnmZpQVWPytJ52nB
mGteF0ejj4VFv8knLhyWgntpAjJA64fgKs3qQRk3cW35rzZdlFd8oe+E0fEgXJb4
QZ21sxGROYy9S8abO9ZrnGTckiv0NleToM5fWBxQoIAbNi4f3OdpUx8yPFWw12yX
bjd/2J+hffcWr5mm5c7yYw5y2wh7WWmNZE+q+SOWnIHGnS22hj2uXL3fprvOD2wt
ZduLMbd1n3nDO+NlsfkZEtIsbA6GM8d2jB7FgT25skmN53yJfPVRX7zD9VIMYkAM
CA+9PIxolEhVhS+5yQ4ICeIZUVlPZ6/2jRyiVq8XqIH5mKTZFfLMPq+oWrGqxg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:26:14 2024 by rpki-client on console-fra.rpki-client.org