Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer
File:                     JQmQRutZ1kXUGaQo_HAaVzU_vyw.cer (raw, json)
Hash identifier:          8WwTXMXcwjsEqiKmuiFEir6lCwCauvprgqVTI+GWISg=
Subject key identifier:   25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DDC3
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 06 Feb 2024 18:31:07 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 133385
                          IP: 45.120.84.0/22
                          IP: 103.255.172.0/22
                          IP: 2400:8480::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 04 Dec 2024 01:13:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122307 (0x1ddc3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb  6 18:31:07 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A919EAAD/serialNumber=25099046EB59D645D419A428FC701A57353FBF2C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:33:67:85:0b:6c:46:38:ce:fd:da:04:2d:5c:
                    0b:6a:e9:21:13:52:bd:6e:44:ef:df:17:0d:5c:a0:
                    a4:50:16:75:65:bc:be:a4:d8:18:e5:48:75:97:1e:
                    e3:81:61:f0:5f:96:68:b3:3d:0d:be:90:3c:11:99:
                    71:d1:6e:20:91:b6:33:93:a2:07:f6:aa:d4:af:4c:
                    7c:9d:f3:1b:78:32:2a:e3:d4:b1:e7:08:ed:15:e9:
                    0f:61:12:dc:44:36:e5:c1:f5:da:27:98:a9:38:cb:
                    81:78:e9:2d:69:83:bb:db:81:55:89:6e:dc:20:83:
                    2a:07:ac:ba:5e:a1:99:5f:30:74:4e:95:fc:f9:46:
                    76:70:e8:d5:f6:e2:ad:cf:29:9c:95:77:3b:d6:fa:
                    d3:3b:bf:34:20:96:02:94:20:0f:84:a6:26:8a:22:
                    96:72:a8:32:9d:19:9f:cd:eb:00:c3:e1:d4:2e:4f:
                    03:e7:fb:5c:eb:57:ed:ff:a7:1c:1a:69:d5:59:96:
                    1c:74:8f:d0:17:9b:e9:6b:c0:01:79:7d:cc:2e:a0:
                    7e:28:5b:64:bc:e6:c4:4d:2e:14:87:2b:d0:0e:3a:
                    c0:b4:e6:cf:fd:7f:8e:19:a3:8b:eb:e5:4a:51:f8:
                    c2:d7:b0:41:21:a9:d8:84:85:eb:b4:6a:73:de:c0:
                    58:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:09:90:46:EB:59:D6:45:D4:19:A4:28:FC:70:1A:57:35:3F:BF:2C
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919EAAD/77D950F209D511EAB76C7317C4F9AE02/JQmQRutZ1kXUGaQo_HAaVzU_vyw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  133385

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.120.84.0/22
                  103.255.172.0/22
                IPv6:
                  2400:8480::/32

    Signature Algorithm: sha256WithRSAEncryption
         7e:9d:9e:62:57:74:94:09:62:a4:fe:d6:b7:be:01:d5:92:5f:
         eb:21:a6:23:73:af:e1:b9:4e:57:9b:24:36:4a:85:d5:f3:5e:
         ef:b9:fc:2a:ee:2f:65:af:4c:57:0a:c4:90:52:04:50:9f:dc:
         40:89:15:73:65:b9:7c:ba:f4:e8:3d:54:c5:d0:fc:c8:59:ce:
         19:1f:df:67:05:08:23:f8:27:ba:69:b8:75:36:cb:e6:61:9a:
         f5:8f:50:19:64:08:64:72:7f:f9:3a:bc:54:43:dc:0c:42:4f:
         cc:05:ad:a3:72:8b:4c:4f:a5:03:0a:79:34:cc:bc:8e:f8:28:
         61:e9:66:d4:1a:52:e4:7a:1d:e0:f2:e3:f8:40:e6:5e:60:2e:
         41:59:2b:ab:aa:40:46:63:f1:69:0d:51:57:0e:92:7d:89:0f:
         76:51:0a:a5:84:21:0b:56:0d:fd:dc:01:e8:2c:6b:a0:f0:f9:
         1a:48:0d:ba:93:0e:74:e8:70:0b:f1:aa:8a:b1:39:d1:96:c5:
         05:b3:84:d3:23:47:65:af:94:b1:d3:d6:6a:58:35:d8:b9:f7:
         78:80:ea:29:38:a5:31:dc:bc:34:07:29:8c:3b:ac:8d:76:ff:
         9a:f8:c3:ab:74:b2:ad:69:93:a2:76:b3:b6:6d:75:10:85:85:
         3c:38:d7:12
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAd3DMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIwNjE4MzEwN1oXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOUVBQUQxMTAvBgNVBAUTKDI1MDk5MDQ2RUI1OUQ2NDVENDE5QTQy
OEZDNzAxQTU3MzUzRkJGMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDaM2eFC2xGOM792gQtXAtq6SETUr1uRO/fFw1coKRQFnVlvL6k2BjlSHWXHuOB
YfBflmizPQ2+kDwRmXHRbiCRtjOTogf2qtSvTHyd8xt4Mirj1LHnCO0V6Q9hEtxE
NuXB9donmKk4y4F46S1pg7vbgVWJbtwggyoHrLpeoZlfMHROlfz5RnZw6NX24q3P
KZyVdzvW+tM7vzQglgKUIA+EpiaKIpZyqDKdGZ/N6wDD4dQuTwPn+1zrV+3/pxwa
adVZlhx0j9AXm+lrwAF5fcwuoH4oW2S85sRNLhSHK9AOOsC05s/9f44Zo4vr5UpR
+MLXsEEhqdiEheu0anPewFgXAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUJQmQRutZ
1kXUGaQo/HAaVzU/vywwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlFQUFELzc3RDk1MEYyMDlENTExRUFCNzZDNzMxN0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5RUFBRC83N0Q5NTBGMjA5RDUxMUVBQjc2QzczMTdDNEY5QUUwMi9KUW1RUnV0
WjFrWFVHYVFvX0hBYVZ6VV92eXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgkJMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLXhUAwQCZ/+s
MA0EAgACMAcDBQAkAISAMA0GCSqGSIb3DQEBCwUAA4IBAQB+nZ5iV3SUCWKk/ta3
vgHVkl/rIaYjc6/huU5XmyQ2SoXV817vufwq7i9lr0xXCsSQUgRQn9xAiRVzZbl8
uvToPVTF0PzIWc4ZH99nBQgj+Ce6abh1NsvmYZr1j1AZZAhkcn/5OrxUQ9wMQk/M
Ba2jcotMT6UDCnk0zLyO+Chh6WbUGlLkeh3g8uP4QOZeYC5BWSurqkBGY/FpDVFX
DpJ9iQ92UQqlhCELVg393AHoLGug8PkaSA26kw506HAL8aqKsTnRlsUFs4TTI0dl
r5Sx09ZqWDXYufd4gOopOKUx3Lw0BymMO6yNdv+a+MOrdLKtaZOidrO2bXUQhYU8
ONcS
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:04:56 2024 by rpki-client on console-ams.rpki-client.org