Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K8iorLUs8M9_MTaUMA9ThmhiN60.cer
File:                     K8iorLUs8M9_MTaUMA9ThmhiN60.cer (raw, json)
Hash identifier:          s0PJADC5j9ujhJ6L9QAWNMnYqCWV4mzFUT2UnfXU1a8=
Subject key identifier:   2B:C8:A8:AC:B5:2C:F0:CF:7F:31:36:94:30:0F:53:86:68:62:37:AD
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CFFD
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91B0549/1C6F4ADC303111EA886D517CC4F9AE02/K8iorLUs8M9_MTaUMA9ThmhiN60.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91B0549/1C6F4ADC303111EA886D517CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 05 Dec 2023 19:19:27 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 139804
                          IP: 103.145.120.0/23
                          IP: 2001:df2:b80::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 09:37:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118781 (0x1cffd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec  5 19:19:27 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A91B0549/serialNumber=2BC8A8ACB52CF0CF7F313694300F5386686237AD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:b6:e0:7c:c7:fa:3e:5a:d3:56:39:48:73:ef:
                    a1:42:be:84:20:22:b2:11:28:54:64:7c:bd:b5:12:
                    0c:29:3b:a8:7d:d8:09:8e:fe:c0:c1:40:98:8b:f6:
                    dd:6d:1b:40:b2:82:0b:51:ad:2d:00:38:2b:9c:97:
                    64:4b:07:3c:70:8e:c8:46:04:24:90:20:8b:a0:fd:
                    f8:13:74:2f:6e:25:02:3f:4e:ed:74:91:45:22:19:
                    b0:25:f4:a4:c6:7a:8b:a3:36:70:b3:1e:6a:c1:82:
                    9e:93:02:a6:e2:3e:23:93:ad:c7:98:a4:70:5c:69:
                    18:7d:e5:5d:4c:af:a5:c8:75:24:8e:a7:40:7b:4c:
                    42:82:d7:65:c8:19:87:07:f5:2f:b5:28:97:bb:46:
                    bc:38:48:35:7e:e2:99:7d:bb:0f:f4:11:6c:24:3b:
                    ec:ff:5f:b9:91:d9:6f:b8:f4:63:c8:d1:3f:63:d4:
                    3a:a4:af:38:40:4e:fb:70:ee:d7:35:c7:3f:39:0d:
                    6a:cc:20:f0:7c:d8:73:84:7b:5c:ed:6f:5f:81:16:
                    93:58:1a:a8:bf:cb:64:c7:2b:5c:27:16:33:fd:3a:
                    8f:86:e4:06:f4:89:3d:2d:9d:91:37:b5:8f:98:f5:
                    0d:4c:5e:b8:15:7e:4f:06:b2:9c:8e:8a:75:ac:7e:
                    26:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:C8:A8:AC:B5:2C:F0:CF:7F:31:36:94:30:0F:53:86:68:62:37:AD
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B0549/1C6F4ADC303111EA886D517CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B0549/1C6F4ADC303111EA886D517CC4F9AE02/K8iorLUs8M9_MTaUMA9ThmhiN60.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  139804

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.145.120.0/23
                IPv6:
                  2001:df2:b80::/48

    Signature Algorithm: sha256WithRSAEncryption
         ba:8f:6a:52:46:12:36:e5:36:e2:93:84:7e:14:04:27:8b:27:
         87:53:48:71:67:6d:fb:14:b7:37:bd:43:cb:6d:c1:b0:82:b7:
         19:10:7b:65:5a:0a:85:95:9b:8d:2e:ab:1a:0c:d8:cd:f7:b6:
         72:44:ca:a3:e2:0f:f4:ac:99:15:54:57:bd:d2:c9:03:70:71:
         67:1e:ed:90:e2:42:0a:ae:bd:14:1f:b5:59:5f:8f:38:53:07:
         c1:db:50:c7:55:5d:62:02:b3:15:7b:0d:f4:65:be:07:aa:ca:
         23:59:b5:03:3b:2d:1d:34:3f:10:7b:99:64:9e:2a:e1:90:ae:
         02:ac:5a:70:00:23:82:54:f2:93:80:f7:81:29:e2:e4:55:8c:
         b1:60:e2:01:4e:86:f0:3d:c4:91:ad:9d:45:c8:90:b3:dd:7e:
         da:4f:7c:b8:db:0d:c0:27:47:c6:31:65:3f:2c:55:2c:82:19:
         50:53:19:3b:df:90:48:bd:09:2f:10:50:90:39:2c:d4:29:4a:
         66:57:d1:1e:fd:a9:ea:d9:0e:c4:dc:66:19:ba:74:c6:16:c9:
         ce:de:b2:fa:23:4e:c2:04:41:01:cc:5e:5b:71:49:2e:5e:fe:
         b5:86:c5:ca:a3:1f:fd:7b:2f:68:cc:83:02:88:b6:34:9e:42:
         6e:d8:1e:ce
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAc/9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwNTE5MTkyN1oXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjA1NDkxMTAvBgNVBAUTKDJCQzhBOEFDQjUyQ0YwQ0Y3RjMxMzY5
NDMwMEY1Mzg2Njg2MjM3QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCqtuB8x/o+WtNWOUhz76FCvoQgIrIRKFRkfL21EgwpO6h92AmO/sDBQJiL9t1t
G0CyggtRrS0AOCucl2RLBzxwjshGBCSQIIug/fgTdC9uJQI/Tu10kUUiGbAl9KTG
eoujNnCzHmrBgp6TAqbiPiOTrceYpHBcaRh95V1Mr6XIdSSOp0B7TEKC12XIGYcH
9S+1KJe7Rrw4SDV+4pl9uw/0EWwkO+z/X7mR2W+49GPI0T9j1DqkrzhATvtw7tc1
xz85DWrMIPB82HOEe1ztb1+BFpNYGqi/y2THK1wnFjP9Oo+G5Ab0iT0tnZE3tY+Y
9Q1MXrgVfk8GspyOinWsfibNAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUK8iorLUs
8M9/MTaUMA9ThmhiN60wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIwNTQ5LzFDNkY0QURDMzAzMTExRUE4ODZENTE3Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCMDU0OS8xQzZGNEFEQzMwMzExMUVBODg2RDUxN0NDNEY5QUUwMi9LOGlvckxV
czhNOV9NVGFVTUE5VGhtaGlONjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiIcMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ5F4MA8EAgAC
MAkDBwAgAQ3yC4AwDQYJKoZIhvcNAQELBQADggEBALqPalJGEjblNuKThH4UBCeL
J4dTSHFnbfsUtze9Q8ttwbCCtxkQe2VaCoWVm40uqxoM2M33tnJEyqPiD/SsmRVU
V73SyQNwcWce7ZDiQgquvRQftVlfjzhTB8HbUMdVXWICsxV7DfRlvgeqyiNZtQM7
LR00PxB7mWSeKuGQrgKsWnAAI4JU8pOA94Ep4uRVjLFg4gFOhvA9xJGtnUXIkLPd
ftpPfLjbDcAnR8YxZT8sVSyCGVBTGTvfkEi9CS8QUJA5LNQpSmZX0R79qerZDsTc
Zhm6dMYWyc7esvojTsIEQQHMXltxSS5e/rWGxcqjH/17L2jMgwKItjSeQm7YHs4=
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:51:17 2024 by rpki-client on console-ams.rpki-client.org