Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LE5bBUJzo8HuQWpC354jYiY3OWE.cer
File:                     LE5bBUJzo8HuQWpC354jYiY3OWE.cer (raw, json)
Hash identifier:          MLhwJNrI5MuK5RiGm4nmki5IIUrTJakmx504OTO+mpw=
Subject key identifier:   2C:4E:5B:05:42:73:A3:C1:EE:41:6A:42:DF:9E:23:62:26:37:39:61
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01A3FD
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9134CDB/BDAF60E4DAE511EA8A255A4DC4F9AE02/LE5bBUJzo8HuQWpC354jYiY3OWE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9134CDB/BDAF60E4DAE511EA8A255A4DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 18 May 2023 13:33:47 +0000
Certificate not after:    Tue 30 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 132426
                          AS: 133444
                          IP: 43.239.252.0/22
                          IP: 45.120.128.0/22
                          IP: 103.20.224.0/22
                          IP: 103.229.112.0/22
                          IP: 2400:df80::/32
                          IP: 2405:4700::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107517 (0x1a3fd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 18 13:33:47 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=A9134CDB/serialNumber=2C4E5B054273A3C1EE416A42DF9E236226373961
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:5d:ec:d4:f7:b0:7c:e7:66:2c:f4:9f:eb:03:
                    59:7c:77:14:54:1a:41:3e:7e:aa:74:1f:fa:4c:85:
                    ab:ea:b3:d3:b9:58:05:e2:95:08:8f:0c:bb:83:4e:
                    fa:37:e4:18:98:ad:27:f6:8d:c5:d0:e1:7a:dc:17:
                    e8:c6:2c:0a:4b:d5:94:c4:23:e4:9a:e0:02:dd:95:
                    c4:82:58:20:88:6a:7c:96:99:1b:01:c3:a6:06:24:
                    7d:80:57:82:ff:49:de:1b:7a:57:ec:af:9d:2c:a2:
                    3a:c8:1e:96:94:e1:f7:a3:6c:6b:ae:a9:e2:92:b5:
                    76:43:33:59:87:23:ec:5f:4a:75:09:35:92:32:62:
                    28:57:8d:eb:2c:e4:32:3c:56:3d:68:a8:2c:6b:60:
                    74:4e:a5:a5:1a:60:f4:e0:a2:43:41:cd:c6:a1:73:
                    66:bf:87:63:d8:31:a3:44:92:33:57:57:eb:a0:c5:
                    74:06:41:bf:04:26:db:c2:5b:92:ed:48:e0:b3:cf:
                    2a:86:f8:89:16:a5:a5:15:73:86:2a:32:a2:cb:e1:
                    36:1e:9f:87:eb:f5:3b:0c:09:70:1f:cc:f0:e3:ba:
                    94:68:11:97:27:4e:cd:ed:27:ce:7e:bd:80:00:50:
                    a3:07:a3:e3:8b:7b:09:fb:4d:63:d6:06:98:45:2b:
                    f0:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:4E:5B:05:42:73:A3:C1:EE:41:6A:42:DF:9E:23:62:26:37:39:61
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9134CDB/BDAF60E4DAE511EA8A255A4DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9134CDB/BDAF60E4DAE511EA8A255A4DC4F9AE02/LE5bBUJzo8HuQWpC354jYiY3OWE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  132426
                  133444

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.239.252.0/22
                  45.120.128.0/22
                  103.20.224.0/22
                  103.229.112.0/22
                IPv6:
                  2400:df80::/32
                  2405:4700::/32

    Signature Algorithm: sha256WithRSAEncryption
         aa:b3:53:43:70:8a:84:2b:2f:07:1d:f6:6f:c5:47:a6:e6:0e:
         de:1f:9d:2b:9b:c5:73:1d:b6:80:9f:6d:69:5a:d7:c3:5a:57:
         33:80:b7:a4:9b:74:30:fe:d6:39:e6:91:89:07:b4:6b:c0:89:
         45:88:e9:c4:a8:e8:4f:7a:2c:eb:62:02:48:3a:fd:b5:3d:c2:
         fa:15:76:f8:d9:18:38:1c:4d:e1:de:f3:16:13:32:73:11:d9:
         5e:be:40:56:00:99:9d:a1:04:42:bd:c9:4f:53:34:b1:9c:b8:
         27:63:90:90:fc:cb:e1:2c:13:ab:cc:8c:82:8d:86:e1:21:0d:
         2a:cb:bf:77:fc:42:ff:70:2f:85:90:05:b6:4f:d7:d9:c8:7c:
         01:d4:86:4c:35:37:e0:18:10:cd:e9:dd:1a:f0:04:8a:ed:9a:
         aa:2e:90:b4:20:e1:9f:02:ee:37:6c:cf:3b:2d:a0:86:af:2a:
         14:aa:8b:2b:e0:f7:62:bd:20:d1:2e:a1:f0:0a:b3:aa:1c:3a:
         56:b6:1d:6b:b0:47:8e:a2:40:73:e6:0b:b0:1e:bd:b7:96:d5:
         7e:31:bf:85:3b:46:df:64:8e:e1:33:5b:73:59:35:7d:24:12:
         3a:97:b4:4f:a4:fb:c9:eb:2b:a1:ba:f0:37:51:eb:70:64:c0:
         b1:8e:b1:85
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgIDAaP9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDUxODEzMzM0N1oXDTI0MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzRDREIxMTAvBgNVBAUTKDJDNEU1QjA1NDI3M0EzQzFFRTQxNkE0
MkRGOUUyMzYyMjYzNzM5NjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUXezU97B852Ys9J/rA1l8dxRUGkE+fqp0H/pMhavqs9O5WAXilQiPDLuDTvo3
5BiYrSf2jcXQ4XrcF+jGLApL1ZTEI+Sa4ALdlcSCWCCIanyWmRsBw6YGJH2AV4L/
Sd4belfsr50sojrIHpaU4fejbGuuqeKStXZDM1mHI+xfSnUJNZIyYihXjess5DI8
Vj1oqCxrYHROpaUaYPTgokNBzcahc2a/h2PYMaNEkjNXV+ugxXQGQb8EJtvCW5Lt
SOCzzyqG+IkWpaUVc4YqMqLL4TYen4fr9TsMCXAfzPDjupRoEZcnTs3tJ85+vYAA
UKMHo+OLewn7TWPWBphFK/DtAgMBAAGjggM8MIIDODAdBgNVHQ4EFgQULE5bBUJz
o8HuQWpC354jYiY3OWEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM0Q0RCL0JEQUY2MEU0REFFNTExRUE4QTI1NUE0REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzNENEQi9CREFGNjBFNERBRTUxMUVBOEEyNTVBNERDNEY5QUUwMi9MRTViQlVK
em84SHVRV3BDMzU0allpWTNPV0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAgVKAgMCCUQwRwYIKwYBBQUHAQcBAf8EODA2MB4EAgABMBgDBAIr7/wD
BAIteIADBAJnFOADBAJn5XAwFAQCAAIwDgMFACQA34ADBQAkBUcAMA0GCSqGSIb3
DQEBCwUAA4IBAQCqs1NDcIqEKy8HHfZvxUem5g7eH50rm8VzHbaAn21pWtfDWlcz
gLekm3Qw/tY55pGJB7RrwIlFiOnEqOhPeizrYgJIOv21PcL6FXb42Rg4HE3h3vMW
EzJzEdlevkBWAJmdoQRCvclPUzSxnLgnY5CQ/MvhLBOrzIyCjYbhIQ0qy793/EL/
cC+FkAW2T9fZyHwB1IZMNTfgGBDN6d0a8ASK7ZqqLpC0IOGfAu43bM87LaCGryoU
qosr4PdivSDRLqHwCrOqHDpWth1rsEeOokBz5guwHr23ltV+Mb+FO0bfZI7hM1tz
WTV9JBI6l7RPpPvJ6yuhuvA3UetwZMCxjrGF
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:14 2024 by rpki-client on console-fra.rpki-client.org