Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lvh2pmTl2LbN4BzwhBDbrZa8SZg.cer
File:                     Lvh2pmTl2LbN4BzwhBDbrZa8SZg.cer (raw, json)
Hash identifier:          Xy5R+jlzAlAhauGfE8Y/LeRF/2/Bf2wVWIfHNC4n53k=
Subject key identifier:   2E:F8:76:A6:64:E5:D8:B6:CD:E0:1C:F0:84:10:DB:AD:96:BC:49:98
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01F2DE
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91CDF83/E2AE3B0AF13011EC86DE7D63C4F9AE02/Lvh2pmTl2LbN4BzwhBDbrZa8SZg.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91CDF83/E2AE3B0AF13011EC86DE7D63C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 20 May 2024 22:33:08 +0000
Certificate not after:    Wed 30 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 149818
                          IP: 103.187.10.0/23
                          IP: 2400:7860::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 06:14:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 127710 (0x1f2de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 20 22:33:08 2024 GMT
            Not After : Jul 30 00:00:00 2025 GMT
        Subject: CN=A91CDF83/serialNumber=2EF876A664E5D8B6CDE01CF08410DBAD96BC4998
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:70:27:02:a1:9d:93:2c:9c:34:75:d9:14:68:
                    cf:33:b9:c2:01:c1:98:e3:4d:ba:9b:9f:2e:81:9b:
                    76:84:c3:81:92:07:6c:80:42:6d:1f:25:0f:cf:9b:
                    4e:ff:ea:31:bc:25:74:89:44:86:fb:8c:ef:7c:ea:
                    0a:6d:c2:a1:e1:5f:06:d6:22:fa:cc:ab:68:7b:36:
                    b6:aa:22:13:0e:56:51:2c:38:7a:ac:f8:12:d4:44:
                    cb:8a:88:82:c7:68:34:3c:08:2b:78:c6:01:1b:08:
                    1d:00:4e:51:5e:75:6f:4e:0e:0d:a0:cb:3c:9e:64:
                    8f:9f:b7:8e:3c:33:15:ce:0e:f9:f1:a2:7b:59:6e:
                    fd:c1:04:20:c7:dd:1c:e8:c6:74:70:dc:0f:71:93:
                    1e:f1:bf:3e:88:82:50:f0:6f:87:e4:0b:a0:22:e8:
                    f1:49:a9:4e:b9:a9:96:f5:c7:73:9e:d4:c6:d0:a1:
                    da:3e:c8:98:f6:a4:86:c0:32:9f:61:84:26:45:0f:
                    88:14:16:56:4a:89:d5:c4:09:91:80:af:ef:66:b9:
                    4e:ed:dd:dc:b4:d8:6e:eb:20:1d:60:98:b4:0a:1f:
                    cf:1a:26:30:b8:ef:05:2a:27:88:4d:21:64:c3:cd:
                    17:37:fe:51:33:83:08:fb:d3:08:bf:98:62:41:be:
                    b5:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:F8:76:A6:64:E5:D8:B6:CD:E0:1C:F0:84:10:DB:AD:96:BC:49:98
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CDF83/E2AE3B0AF13011EC86DE7D63C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CDF83/E2AE3B0AF13011EC86DE7D63C4F9AE02/Lvh2pmTl2LbN4BzwhBDbrZa8SZg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  149818

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.187.10.0/23
                IPv6:
                  2400:7860::/32

    Signature Algorithm: sha256WithRSAEncryption
         d1:0b:6c:86:e0:1e:94:c5:b7:92:98:9e:7e:b6:0c:33:63:3f:
         3e:ab:01:67:8f:d1:5e:45:e5:23:bb:5e:78:a1:c0:0e:2d:81:
         c7:50:49:7d:c5:b1:39:28:f7:12:39:82:2d:32:64:5b:c2:d6:
         34:d4:f1:60:13:4c:39:dd:c3:54:ea:d6:61:a9:b2:84:51:2f:
         8f:09:22:7e:9f:26:c7:c2:01:34:62:ed:b7:18:5f:97:e2:09:
         9a:a4:24:0b:68:2e:56:b0:7f:6d:7c:7f:6f:45:82:ea:6f:4a:
         57:1c:de:db:35:ee:74:7f:d6:d5:66:12:eb:ba:cb:80:40:bd:
         79:4c:cf:04:9b:a4:ff:f7:6a:d8:7f:2e:bb:24:61:d2:e0:91:
         c1:64:3b:e9:52:ec:29:31:fc:f3:6f:63:02:ff:43:02:10:71:
         73:e7:89:f5:90:8a:34:79:ce:18:8c:10:aa:74:fa:0b:50:56:
         41:a7:45:f3:60:fe:5b:0c:72:ef:b6:9a:19:2a:73:93:b6:5d:
         e5:44:26:62:8c:83:d9:19:a5:d0:ae:eb:2b:04:29:5b:c4:88:
         8f:21:60:de:04:5e:f1:ad:39:e8:c4:1a:a2:52:79:09:d2:cd:
         da:2c:78:70:22:29:a6:aa:5a:6b:52:01:4f:2f:42:e0:5e:70:
         07:ec:20:64
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAfLeMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDUyMDIyMzMwOFoXDTI1MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0RGODMxMTAvBgNVBAUTKDJFRjg3NkE2NjRFNUQ4QjZDREUwMUNG
MDg0MTBEQkFEOTZCQzQ5OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDkcCcCoZ2TLJw0ddkUaM8zucIBwZjjTbqbny6Bm3aEw4GSB2yAQm0fJQ/Pm07/
6jG8JXSJRIb7jO986gptwqHhXwbWIvrMq2h7NraqIhMOVlEsOHqs+BLURMuKiILH
aDQ8CCt4xgEbCB0ATlFedW9ODg2gyzyeZI+ft448MxXODvnxontZbv3BBCDH3Rzo
xnRw3A9xkx7xvz6IglDwb4fkC6Ai6PFJqU65qZb1x3Oe1MbQodo+yJj2pIbAMp9h
hCZFD4gUFlZKidXECZGAr+9muU7t3dy02G7rIB1gmLQKH88aJjC47wUqJ4hNIWTD
zRc3/lEzgwj70wi/mGJBvrVbAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQULvh2pmTl
2LbN4BzwhBDbrZa8SZgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNERjgzL0UyQUUzQjBBRjEzMDExRUM4NkRFN0Q2M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDREY4My9FMkFFM0IwQUYxMzAxMUVDODZERTdENjNDNEY5QUUwMi9MdmgycG1U
bDJMYk40Qnp3aEJEYnJaYThTWmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkk6MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ7sKMA0EAgAC
MAcDBQAkAHhgMA0GCSqGSIb3DQEBCwUAA4IBAQDRC2yG4B6UxbeSmJ5+tgwzYz8+
qwFnj9FeReUju154ocAOLYHHUEl9xbE5KPcSOYItMmRbwtY01PFgE0w53cNU6tZh
qbKEUS+PCSJ+nybHwgE0Yu23GF+X4gmapCQLaC5WsH9tfH9vRYLqb0pXHN7bNe50
f9bVZhLrusuAQL15TM8Em6T/92rYfy67JGHS4JHBZDvpUuwpMfzzb2MC/0MCEHFz
54n1kIo0ec4YjBCqdPoLUFZBp0XzYP5bDHLvtpoZKnOTtl3lRCZijIPZGaXQrusr
BClbxIiPIWDeBF7xrTnoxBqiUnkJ0s3aLHhwIimmqlprUgFPL0LgXnAH7CBk
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:02:49 2024 by rpki-client on console-ams.rpki-client.org