Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LE5bBUJzo8HuQWpC354jYiY3OWE.cer
File:                     LE5bBUJzo8HuQWpC354jYiY3OWE.cer (raw, json)
Hash identifier:          u3Z5hLsdI8celf2V2eSIn4He3RwztLZqeqw6nhBRhMA=
Subject key identifier:   2C:4E:5B:05:42:73:A3:C1:EE:41:6A:42:DF:9E:23:62:26:37:39:61
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01EF11
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9134CDB/BDAF60E4DAE511EA8A255A4DC4F9AE02/LE5bBUJzo8HuQWpC354jYiY3OWE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9134CDB/BDAF60E4DAE511EA8A255A4DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 01 May 2024 14:31:42 +0000
Certificate not after:    Wed 30 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 132426
                          AS: 133444
                          IP: 43.239.252.0/22
                          IP: 45.120.128.0/22
                          IP: 103.20.224.0/22
                          IP: 103.229.112.0/22
                          IP: 2400:df80::/32
                          IP: 2405:4700::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 04 Dec 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 126737 (0x1ef11)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May  1 14:31:42 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=A9134CDB/serialNumber=2C4E5B054273A3C1EE416A42DF9E236226373961
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:5d:ec:d4:f7:b0:7c:e7:66:2c:f4:9f:eb:03:
                    59:7c:77:14:54:1a:41:3e:7e:aa:74:1f:fa:4c:85:
                    ab:ea:b3:d3:b9:58:05:e2:95:08:8f:0c:bb:83:4e:
                    fa:37:e4:18:98:ad:27:f6:8d:c5:d0:e1:7a:dc:17:
                    e8:c6:2c:0a:4b:d5:94:c4:23:e4:9a:e0:02:dd:95:
                    c4:82:58:20:88:6a:7c:96:99:1b:01:c3:a6:06:24:
                    7d:80:57:82:ff:49:de:1b:7a:57:ec:af:9d:2c:a2:
                    3a:c8:1e:96:94:e1:f7:a3:6c:6b:ae:a9:e2:92:b5:
                    76:43:33:59:87:23:ec:5f:4a:75:09:35:92:32:62:
                    28:57:8d:eb:2c:e4:32:3c:56:3d:68:a8:2c:6b:60:
                    74:4e:a5:a5:1a:60:f4:e0:a2:43:41:cd:c6:a1:73:
                    66:bf:87:63:d8:31:a3:44:92:33:57:57:eb:a0:c5:
                    74:06:41:bf:04:26:db:c2:5b:92:ed:48:e0:b3:cf:
                    2a:86:f8:89:16:a5:a5:15:73:86:2a:32:a2:cb:e1:
                    36:1e:9f:87:eb:f5:3b:0c:09:70:1f:cc:f0:e3:ba:
                    94:68:11:97:27:4e:cd:ed:27:ce:7e:bd:80:00:50:
                    a3:07:a3:e3:8b:7b:09:fb:4d:63:d6:06:98:45:2b:
                    f0:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:4E:5B:05:42:73:A3:C1:EE:41:6A:42:DF:9E:23:62:26:37:39:61
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9134CDB/BDAF60E4DAE511EA8A255A4DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9134CDB/BDAF60E4DAE511EA8A255A4DC4F9AE02/LE5bBUJzo8HuQWpC354jYiY3OWE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  132426
                  133444

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.239.252.0/22
                  45.120.128.0/22
                  103.20.224.0/22
                  103.229.112.0/22
                IPv6:
                  2400:df80::/32
                  2405:4700::/32

    Signature Algorithm: sha256WithRSAEncryption
         40:a5:65:de:3b:68:83:cd:f3:f6:a6:2a:70:3f:37:98:91:bf:
         72:e1:d1:fa:24:c6:7a:eb:53:92:8c:b3:b2:c4:2a:a4:a4:e7:
         d5:8a:12:63:c5:8c:ac:a0:2b:ea:f6:54:52:ee:f6:2b:d5:54:
         41:fa:c8:5f:38:4f:23:d1:aa:d8:e6:a4:71:1d:3b:e1:af:8e:
         f0:82:4c:c8:e4:6f:85:b5:08:77:29:7d:08:47:50:96:85:fe:
         15:ca:a2:2d:30:c4:58:b4:b3:d6:8c:7b:92:75:b5:7d:8f:48:
         4e:bc:3a:8a:e6:db:85:95:ea:b2:0e:47:ef:62:33:c2:55:c0:
         5a:4f:27:31:79:e5:57:08:b7:9f:76:2e:b1:c0:91:82:2a:51:
         26:ba:d4:1e:50:67:8f:1f:1f:4c:af:1f:ae:1c:85:68:36:60:
         80:fa:18:9c:bd:72:6e:c4:9e:68:e8:62:fa:05:45:29:aa:d4:
         c5:79:98:bd:66:0c:ce:14:3d:70:83:3d:8a:69:40:63:20:4a:
         28:43:67:58:63:ce:06:1b:84:81:7b:15:1d:50:b0:64:81:28:
         37:5c:e8:1a:a1:a9:bb:e0:28:80:53:8e:c5:6a:e8:20:92:35:
         16:64:b7:e1:1c:8d:5f:10:79:f0:77:ff:93:12:7c:ce:fa:69:
         b8:cc:68:f5
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgIDAe8RMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDUwMTE0MzE0MloXDTI1MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzRDREIxMTAvBgNVBAUTKDJDNEU1QjA1NDI3M0EzQzFFRTQxNkE0
MkRGOUUyMzYyMjYzNzM5NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUXezU97B852Ys9J/rA1l8dxRUGkE+fqp0H/pMhavqs9O5WAXilQiPDLuDTvo3
5BiYrSf2jcXQ4XrcF+jGLApL1ZTEI+Sa4ALdlcSCWCCIanyWmRsBw6YGJH2AV4L/
Sd4belfsr50sojrIHpaU4fejbGuuqeKStXZDM1mHI+xfSnUJNZIyYihXjess5DI8
Vj1oqCxrYHROpaUaYPTgokNBzcahc2a/h2PYMaNEkjNXV+ugxXQGQb8EJtvCW5Lt
SOCzzyqG+IkWpaUVc4YqMqLL4TYen4fr9TsMCXAfzPDjupRoEZcnTs3tJ85+vYAA
UKMHo+OLewn7TWPWBphFK/DtAgMBAAGjggM8MIIDODAdBgNVHQ4EFgQULE5bBUJz
o8HuQWpC354jYiY3OWEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM0Q0RCL0JEQUY2MEU0REFFNTExRUE4QTI1NUE0REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzNENEQi9CREFGNjBFNERBRTUxMUVBOEEyNTVBNERDNEY5QUUwMi9MRTViQlVK
em84SHVRV3BDMzU0allpWTNPV0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAgVKAgMCCUQwRwYIKwYBBQUHAQcBAf8EODA2MB4EAgABMBgDBAIr7/wD
BAIteIADBAJnFOADBAJn5XAwFAQCAAIwDgMFACQA34ADBQAkBUcAMA0GCSqGSIb3
DQEBCwUAA4IBAQBApWXeO2iDzfP2pipwPzeYkb9y4dH6JMZ661OSjLOyxCqkpOfV
ihJjxYysoCvq9lRS7vYr1VRB+shfOE8j0arY5qRxHTvhr47wgkzI5G+FtQh3KX0I
R1CWhf4VyqItMMRYtLPWjHuSdbV9j0hOvDqK5tuFleqyDkfvYjPCVcBaTycxeeVX
CLefdi6xwJGCKlEmutQeUGePHx9Mrx+uHIVoNmCA+hicvXJuxJ5o6GL6BUUpqtTF
eZi9ZgzOFD1wgz2KaUBjIEooQ2dYY84GG4SBexUdULBkgSg3XOgaoam74CiAU47F
auggkjUWZLfhHI1fEHnwd/+TEnzO+mm4zGj1
-----END CERTIFICATE-----
Generated at Wed Nov 27 04:03:30 2024 by rpki-client on console-fra.rpki-client.org