Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer
File:                     LaJRwRrGiBT1J_IuVd6ayMV_1mw.cer (raw, json)
Hash identifier:          ODiXa0SwKeR3HrFTdQI1x3JW4GvbpuJudatpin2FfIo=
Subject key identifier:   2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E861
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 01 Apr 2024 21:30:31 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    AS: 9902
                          AS: 133200
                          AS: 137966
                          AS: 138930
                          IP: 103.23.136.0/22
                          IP: 103.25.92.0/22
                          IP: 103.244.248.0/22
                          IP: 110.235.220.0/22
                          IP: 123.108.248.0/21
                          IP: 124.199.112.0/20
                          IP: 163.53.196.0/22
                          IP: 202.124.32.0/20
                          IP: 203.80.160.0/21
                          IP: 203.167.16.0/22
                          IP: 2402:5100::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125025 (0x1e861)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr  1 21:30:31 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A9191436/serialNumber=2DA251C11AC68814F527F22E55DE9AC8C57FD66C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:d6:a1:03:48:6a:6f:e6:43:53:71:81:a9:5d:
                    02:10:2e:2f:23:99:cd:45:bb:ef:79:e0:08:2e:54:
                    53:4b:e2:49:1c:c6:23:ac:ab:a7:a8:a9:7a:8b:ef:
                    c1:ef:5e:77:23:52:a7:6d:ad:46:c4:03:b3:99:9c:
                    5b:ef:c9:37:a2:ff:19:74:cd:e4:64:d1:0b:b8:00:
                    22:62:5a:9e:6c:ac:95:66:67:57:bc:30:46:79:11:
                    f6:4f:41:68:6f:70:58:f0:79:40:ee:a5:72:32:69:
                    50:f8:36:9a:29:a7:e7:a5:3b:d2:5c:9b:eb:f6:a5:
                    38:29:01:f0:eb:b4:8d:94:a5:98:e5:18:d2:23:d1:
                    74:66:84:6a:75:20:90:1f:80:aa:47:3d:64:0f:9a:
                    0e:a8:8f:c9:68:39:79:dc:ff:d4:4a:89:41:84:41:
                    94:f4:61:c4:fc:36:e8:78:8b:89:83:7f:a0:ae:3a:
                    61:6f:7f:d0:d8:1b:52:61:f5:25:7f:32:d9:73:f6:
                    bb:dc:7f:45:84:06:65:2a:00:0b:45:9a:94:b4:b0:
                    2d:66:e3:12:28:c3:f8:58:74:ae:a5:5b:95:36:e7:
                    c4:9c:40:aa:a6:c3:e6:0c:02:fc:dd:f8:21:0a:f5:
                    ed:d5:c3:3f:6d:8e:4b:b0:41:d5:6d:40:26:4f:4b:
                    be:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:A2:51:C1:1A:C6:88:14:F5:27:F2:2E:55:DE:9A:C8:C5:7F:D6:6C
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9191436/AAB802E8C78C11E8A76CD914C4F9AE02/LaJRwRrGiBT1J_IuVd6ayMV_1mw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  9902
                  133200
                  137966
                  138930

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.23.136.0/22
                  103.25.92.0/22
                  103.244.248.0/22
                  110.235.220.0/22
                  123.108.248.0/21
                  124.199.112.0/20
                  163.53.196.0/22
                  202.124.32.0/20
                  203.80.160.0/21
                  203.167.16.0/22
                IPv6:
                  2402:5100::/32

    Signature Algorithm: sha256WithRSAEncryption
         70:5d:d9:17:2a:0e:95:77:f8:d2:39:ce:28:e4:7e:b4:2f:e9:
         22:29:e2:5f:ba:e4:a7:8f:a8:39:92:fb:ba:2d:17:e8:ef:a1:
         1e:24:92:0a:4d:59:50:c2:ea:29:3d:ca:00:66:df:85:09:50:
         d1:7c:fb:51:3e:e3:ee:7e:19:09:8b:23:39:77:c2:f4:d4:68:
         a1:3c:89:6b:d6:71:5c:ed:d1:e4:7c:1c:d2:38:d0:8b:c8:2e:
         de:af:e3:17:b1:50:bb:16:80:03:d2:ec:40:8b:c3:ec:0d:9c:
         ac:fd:d5:93:5a:d1:b3:39:18:6b:fd:5d:be:5b:72:5c:70:b2:
         e9:80:d4:53:58:b5:46:55:50:ae:58:0a:8b:53:8d:00:d3:dd:
         ee:c3:03:ab:8a:07:f9:09:36:29:60:12:12:56:35:2b:25:a5:
         32:ae:b5:b0:f5:d9:50:2e:e6:ef:22:61:a0:bd:9a:15:72:68:
         95:93:f1:f3:ba:6a:49:f0:81:b2:47:61:64:99:15:a1:22:70:
         41:b6:b4:43:e2:86:cf:03:28:1b:f5:c4:b4:38:90:d0:c3:39:
         7a:1e:e5:aa:fd:43:26:c9:0b:7a:92:a0:c3:34:7d:df:d8:f0:
         61:f5:74:ed:26:50:48:bc:d2:0c:77:b2:ae:36:c6:89:69:8f:
         18:9f:14:f4
-----BEGIN CERTIFICATE-----
MIIGbTCCBVWgAwIBAgIDAehhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwMTIxMzAzMVoXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTE0MzYxMTAvBgNVBAUTKDJEQTI1MUMxMUFDNjg4MTRGNTI3RjIy
RTU1REU5QUM4QzU3RkQ2NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCX1qEDSGpv5kNTcYGpXQIQLi8jmc1Fu+954AguVFNL4kkcxiOsq6eoqXqL78Hv
XncjUqdtrUbEA7OZnFvvyTei/xl0zeRk0Qu4ACJiWp5srJVmZ1e8MEZ5EfZPQWhv
cFjweUDupXIyaVD4Npopp+elO9Jcm+v2pTgpAfDrtI2UpZjlGNIj0XRmhGp1IJAf
gKpHPWQPmg6oj8loOXnc/9RKiUGEQZT0YcT8Nuh4i4mDf6CuOmFvf9DYG1Jh9SV/
Mtlz9rvcf0WEBmUqAAtFmpS0sC1m4xIow/hYdK6lW5U258ScQKqmw+YMAvzd+CEK
9e3Vwz9tjkuwQdVtQCZPS77jAgMBAAGjggNiMIIDXjAdBgNVHQ4EFgQULaJRwRrG
iBT1J/IuVd6ayMV/1mwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkxNDM2L0FBQjgwMkU4Qzc4QzExRThBNzZDRDkxNEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5MTQzNi9BQUI4MDJFOEM3OEMxMUU4QTc2Q0Q5MTRDNEY5QUUwMi9MYUpSd1Jy
R2lCVDFKX0l1VmQ2YXlNVl8xbXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKAYIKwYBBQUHAQgBAf8EGTAX
oBUwEwICJq4CAwIIUAIDAhruAgMCHrIwZAYIKwYBBQUHAQcBAf8EVTBTMEIEAgAB
MDwDBAJnF4gDBAJnGVwDBAJn9PgDBAJu69wDBAN7bPgDBAR8x3ADBAKjNcQDBATK
fCADBAPLUKADBALLpxAwDQQCAAIwBwMFACQCUQAwDQYJKoZIhvcNAQELBQADggEB
AHBd2RcqDpV3+NI5zijkfrQv6SIp4l+65KePqDmS+7otF+jvoR4kkgpNWVDC6ik9
ygBm34UJUNF8+1E+4+5+GQmLIzl3wvTUaKE8iWvWcVzt0eR8HNI40IvILt6v4xex
ULsWgAPS7ECLw+wNnKz91ZNa0bM5GGv9Xb5bclxwsumA1FNYtUZVUK5YCotTjQDT
3e7DA6uKB/kJNilgEhJWNSslpTKutbD12VAu5u8iYaC9mhVyaJWT8fO6aknwgbJH
YWSZFaEicEG2tEPihs8DKBv1xLQ4kNDDOXoe5ar9QybJC3qSoMM0fd/Y8GH1dO0m
UEi80gx3sq42xolpjxifFPQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:15:17 2024 by rpki-client on console-ams.rpki-client.org