Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JcpEwQ6lkuQrE25Z0I9nUdGBj6s.cer
File:                     JcpEwQ6lkuQrE25Z0I9nUdGBj6s.cer (raw, json)
Hash identifier:          l+VRbyOEvfLMwYa3Umn6YiBrQdbYmUw0/rT+4pa5PSE=
Subject key identifier:   25:CA:44:C1:0E:A5:92:E4:2B:13:6E:59:D0:8F:67:51:D1:81:8F:AB
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D51A
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E9004/5B82EA9098C411ED9871E431C4F9AE02/JcpEwQ6lkuQrE25Z0I9nUdGBj6s.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E9004/5B82EA9098C411ED9871E431C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 29 Dec 2023 22:04:55 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 150702
                          IP: 103.61.224.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120090 (0x1d51a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 29 22:04:55 2023 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91E9004/serialNumber=25CA44C10EA592E42B136E59D08F6751D1818FAB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:d8:ba:28:76:d1:8f:3d:cd:5d:63:ed:a7:f1:
                    43:37:ee:eb:8a:73:66:5f:22:d0:c8:c6:de:6f:a1:
                    39:07:71:e5:f5:ea:63:a4:ac:ee:ad:3e:39:8a:43:
                    26:bf:b3:d0:43:b2:42:e3:4f:94:e9:00:ea:2c:8c:
                    04:2b:29:70:a6:fd:30:97:eb:fd:f7:c4:3c:11:ee:
                    49:97:e5:70:a9:46:bd:11:61:b6:8f:f4:6c:01:cc:
                    8e:c5:23:61:4e:b4:21:bc:2f:eb:01:88:86:22:25:
                    71:8d:69:1e:c3:60:5a:b4:3b:5c:2f:9c:73:e6:03:
                    7a:69:2b:93:a2:da:70:e7:bb:9e:f2:65:f5:46:c3:
                    41:26:74:77:ff:3a:9b:88:41:b7:5e:ec:0c:64:c0:
                    1b:d4:ed:57:57:77:d9:b5:5c:5b:78:36:2c:d4:3c:
                    3f:8e:80:bd:d8:95:11:5b:ed:27:15:f4:9b:32:05:
                    00:b3:3f:57:a6:3b:a1:d6:5b:ee:9f:08:0b:0e:11:
                    dd:15:c5:b8:b7:e7:33:1f:3d:b7:c3:7f:23:ba:69:
                    02:fb:c1:6a:c9:e9:31:9d:89:6e:f4:2a:d7:66:10:
                    fb:c7:0d:0f:da:81:51:78:c9:6a:09:4f:b0:0a:1e:
                    fe:10:f2:d8:e6:c9:72:3e:04:73:98:6a:52:67:3d:
                    51:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:CA:44:C1:0E:A5:92:E4:2B:13:6E:59:D0:8F:67:51:D1:81:8F:AB
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E9004/5B82EA9098C411ED9871E431C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E9004/5B82EA9098C411ED9871E431C4F9AE02/JcpEwQ6lkuQrE25Z0I9nUdGBj6s.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  150702

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.61.224.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c3:b8:e5:de:16:08:dc:9c:7f:ea:70:b1:9b:25:df:87:c5:63:
         32:1b:36:44:4e:5d:2c:e0:7c:ab:2f:63:3d:fc:34:a3:db:df:
         3e:85:23:93:d4:45:02:a6:53:1f:fb:b1:c0:bd:55:f0:c4:28:
         5d:6e:24:d9:ff:66:2e:1b:dc:18:16:9a:d6:5c:d9:54:1d:71:
         d7:44:10:90:2a:f2:4f:a3:34:01:20:fd:fc:bb:27:73:a1:9b:
         f0:0a:7a:cb:9a:4d:35:d5:89:52:3d:a6:40:85:49:49:72:4c:
         de:fd:0e:d4:02:03:03:73:44:d6:98:0e:0e:da:d0:87:6f:49:
         93:22:b5:37:8b:af:70:b1:7a:40:8e:34:90:60:a8:c7:d5:0c:
         6d:66:4a:3c:bd:ba:42:18:c3:62:e2:44:ae:74:66:45:77:27:
         d4:9d:64:c3:68:45:c3:70:75:b6:54:79:7e:3a:6f:c1:e4:9e:
         63:37:3e:08:2d:28:0a:2a:a9:17:dd:33:bf:86:7d:7a:11:a4:
         fd:d6:55:9e:89:be:6a:9c:1c:3a:96:ea:7a:fc:42:5d:1a:50:
         af:d5:7e:e2:c6:6e:9d:af:e0:b1:99:6a:1f:e9:94:80:6d:a4:
         0c:81:10:9a:4d:4f:3c:d5:02:ab:e9:c9:f9:4e:fa:ec:77:d0:
         ed:8b:b7:c1
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAdUaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyOTIyMDQ1NVoXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTkwMDQxMTAvBgNVBAUTKDI1Q0E0NEMxMEVBNTkyRTQyQjEzNkU1
OUQwOEY2NzUxRDE4MThGQUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDU2LoodtGPPc1dY+2n8UM37uuKc2ZfItDIxt5voTkHceX16mOkrO6tPjmKQya/
s9BDskLjT5TpAOosjAQrKXCm/TCX6/33xDwR7kmX5XCpRr0RYbaP9GwBzI7FI2FO
tCG8L+sBiIYiJXGNaR7DYFq0O1wvnHPmA3ppK5Oi2nDnu57yZfVGw0EmdHf/OpuI
Qbde7AxkwBvU7VdXd9m1XFt4NizUPD+OgL3YlRFb7ScV9JsyBQCzP1emO6HWW+6f
CAsOEd0Vxbi35zMfPbfDfyO6aQL7wWrJ6TGdiW70KtdmEPvHDQ/agVF4yWoJT7AK
Hv4Q8tjmyXI+BHOYalJnPVE7AgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUJcpEwQ6l
kuQrE25Z0I9nUdGBj6swHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU5MDA0LzVCODJFQTkwOThDNDExRUQ5ODcxRTQzMUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFOTAwNC81QjgyRUE5MDk4QzQxMUVEOTg3MUU0MzFDNEY5QUUwMi9KY3BFd1E2
bGt1UXJFMjVaMEk5blVkR0JqNnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkyuMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZz3gMA0GCSqG
SIb3DQEBCwUAA4IBAQDDuOXeFgjcnH/qcLGbJd+HxWMyGzZETl0s4HyrL2M9/DSj
298+hSOT1EUCplMf+7HAvVXwxChdbiTZ/2YuG9wYFprWXNlUHXHXRBCQKvJPozQB
IP38uydzoZvwCnrLmk011YlSPaZAhUlJckze/Q7UAgMDc0TWmA4O2tCHb0mTIrU3
i69wsXpAjjSQYKjH1QxtZko8vbpCGMNi4kSudGZFdyfUnWTDaEXDcHW2VHl+Om/B
5J5jNz4ILSgKKqkX3TO/hn16EaT91lWeib5qnBw6lup6/EJdGlCv1X7ixm6dr+Cx
mWof6ZSAbaQMgRCaTU881QKr6cn5Tvrsd9Dti7fB
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:15:15 2024 by rpki-client on console-ams.rpki-client.org