Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LjBKPZJJnZ19M4o-oC98U0hCWxc.cer
File:                     LjBKPZJJnZ19M4o-oC98U0hCWxc.cer (raw, json)
Hash identifier:          vUGpe6q8m/wuYTEq+mokEy/oMuwI+T/f3liYjVGNSNg=
Subject key identifier:   2E:30:4A:3D:92:49:9D:9D:7D:33:8A:3E:A0:2F:7C:53:48:42:5B:17
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E671
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/LjBKPZJJnZ19M4o-oC98U0hCWxc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 25 Mar 2024 20:10:45 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    AS: 140951
                          IP: 45.248.200.0/22
                          IP: 103.6.128.0/22
                          IP: 103.23.168.0/22
                          IP: 103.217.160.0/22
                          IP: 103.242.72.0/22
                          IP: 220.158.132.0/22
                          IP: 2401:47c0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 09:37:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124529 (0x1e671)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 25 20:10:45 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A91B5486/serialNumber=2E304A3D92499D9D7D338A3EA02F7C5348425B17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:e9:9a:5f:cc:26:7c:9e:0f:c6:ed:89:d2:a6:
                    37:de:31:f0:26:2c:5c:db:5e:dd:e3:13:31:4d:2c:
                    20:02:a1:56:9f:9d:cb:e1:c4:9b:e5:68:af:61:80:
                    f1:86:eb:50:1c:36:9c:37:94:ea:59:7b:49:72:0d:
                    75:ff:66:28:08:1a:5e:e1:4f:78:15:bf:d0:a1:3e:
                    93:e7:26:29:75:46:ba:a7:62:ea:96:29:70:0e:3e:
                    c9:dd:af:27:68:05:b7:2b:a0:6a:a0:12:96:00:ef:
                    66:0c:42:5a:35:ce:c0:52:d4:6e:ca:fa:22:e2:2d:
                    16:6e:69:e0:ec:a1:87:11:0c:a1:40:92:8d:36:26:
                    da:fc:1e:ab:1f:a8:df:09:5d:d5:32:15:8d:9a:7a:
                    a3:a7:72:00:89:09:2f:cc:e7:b8:8b:14:9f:a2:06:
                    96:88:70:e7:9a:f5:5f:a9:d5:2c:ef:40:ae:5f:09:
                    8a:fa:7a:86:0b:d1:9c:e7:3e:be:5d:40:92:c6:d3:
                    94:db:92:8a:38:96:97:c3:00:e0:1c:be:97:eb:ac:
                    71:75:17:08:2d:f3:e7:78:aa:05:1e:e2:e7:96:42:
                    9a:bc:1c:e0:ba:e8:27:9d:fb:6c:de:9c:6e:91:94:
                    15:03:6a:15:09:6c:79:29:10:d3:72:7d:15:07:75:
                    15:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:30:4A:3D:92:49:9D:9D:7D:33:8A:3E:A0:2F:7C:53:48:42:5B:17
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B5486/856A249CA98211EA932DEC54C4F9AE02/LjBKPZJJnZ19M4o-oC98U0hCWxc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  140951

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.248.200.0/22
                  103.6.128.0/22
                  103.23.168.0/22
                  103.217.160.0/22
                  103.242.72.0/22
                  220.158.132.0/22
                IPv6:
                  2401:47c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         50:1c:b7:91:07:49:7d:09:5c:5f:91:f7:0f:83:29:1e:71:50:
         1a:d9:79:5a:d0:f1:69:ba:5c:33:15:9e:61:cc:9c:cf:ad:88:
         09:0d:90:2e:b8:9a:ba:e6:93:ad:40:e5:1c:5a:df:7e:3f:eb:
         a4:1f:4e:53:eb:ad:71:9c:08:5d:7e:39:85:a0:cd:93:c5:1e:
         8a:7c:3d:d4:33:f9:d4:3a:07:b9:c3:45:5b:8c:7c:81:60:04:
         6b:4b:ac:d6:23:bd:a4:51:72:25:ec:86:7c:95:72:de:fe:08:
         40:9a:ef:e1:22:a6:3e:0f:f4:57:0f:5c:e5:80:ea:fd:54:7b:
         02:51:26:f9:17:b9:c6:c4:63:72:70:b3:64:4c:31:38:2c:f9:
         db:b4:11:23:6a:cb:49:19:14:75:15:19:71:b9:12:92:48:c3:
         ad:d0:bf:8b:8d:fa:ac:a1:e0:b5:6c:2d:98:38:99:fa:bf:0b:
         10:20:a1:53:94:01:5b:7d:d7:0d:7f:eb:23:21:7e:01:77:1a:
         79:5e:57:49:6a:88:64:72:a4:87:e7:11:25:4d:f8:a5:67:c8:
         88:6f:75:70:61:76:3f:b0:a8:38:fe:6c:96:0a:71:9a:84:21:
         01:1d:ee:b2:f6:b7:81:5c:59:5a:28:dd:c7:d9:ad:47:ed:34:
         30:c8:dd:d0
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgIDAeZxMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMyNTIwMTA0NVoXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjU0ODYxMTAvBgNVBAUTKDJFMzA0QTNEOTI0OTlEOUQ3RDMzOEEz
RUEwMkY3QzUzNDg0MjVCMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDM6ZpfzCZ8ng/G7YnSpjfeMfAmLFzbXt3jEzFNLCACoVafncvhxJvlaK9hgPGG
61AcNpw3lOpZe0lyDXX/ZigIGl7hT3gVv9ChPpPnJil1RrqnYuqWKXAOPsndrydo
BbcroGqgEpYA72YMQlo1zsBS1G7K+iLiLRZuaeDsoYcRDKFAko02Jtr8HqsfqN8J
XdUyFY2aeqOncgCJCS/M57iLFJ+iBpaIcOea9V+p1SzvQK5fCYr6eoYL0ZznPr5d
QJLG05Tbkoo4lpfDAOAcvpfrrHF1Fwgt8+d4qgUe4ueWQpq8HOC66Ced+2zenG6R
lBUDahUJbHkpENNyfRUHdRV1AgMBAAGjggM8MIIDODAdBgNVHQ4EFgQULjBKPZJJ
nZ19M4o+oC98U0hCWxcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUI1NDg2Lzg1NkEyNDlDQTk4MjExRUE5MzJERUM1NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCNTQ4Ni84NTZBMjQ5Q0E5ODIxMUVBOTMyREVDNTRDNEY5QUUwMi9MakJLUFpK
Sm5aMTlNNG8tb0M5OFUwaENXeGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiaXMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLfjIAwQCZwaA
AwQCZxeoAwQCZ9mgAwQCZ/JIAwQC3J6EMA0EAgACMAcDBQAkAUfAMA0GCSqGSIb3
DQEBCwUAA4IBAQBQHLeRB0l9CVxfkfcPgykecVAa2Xla0PFpulwzFZ5hzJzPrYgJ
DZAuuJq65pOtQOUcWt9+P+ukH05T661xnAhdfjmFoM2TxR6KfD3UM/nUOge5w0Vb
jHyBYARrS6zWI72kUXIl7IZ8lXLe/ghAmu/hIqY+D/RXD1zlgOr9VHsCUSb5F7nG
xGNycLNkTDE4LPnbtBEjastJGRR1FRlxuRKSSMOt0L+LjfqsoeC1bC2YOJn6vwsQ
IKFTlAFbfdcNf+sjIX4Bdxp5XldJaohkcqSH5xElTfilZ8iIb3VwYXY/sKg4/myW
CnGahCEBHe6y9reBXFlaKN3H2a1H7TQwyN3Q
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:22:21 2024 by rpki-client on console-fra.rpki-client.org