Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LzabRI0hcVlrosk82-JY6vMxdZQ.cer
File:                     LzabRI0hcVlrosk82-JY6vMxdZQ.cer (raw, json)
Hash identifier:          aS7y4//TluHxaelxdf1+pUcp6lXIqpYYM40ltVTgUYM=
Subject key identifier:   2F:36:9B:44:8D:21:71:59:6B:A2:C9:3C:DB:E2:58:EA:F3:31:75:94
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D465
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9161A5A/B8BB568E65E511EBA25F920BC4F9AE02/LzabRI0hcVlrosk82-JY6vMxdZQ.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9161A5A/B8BB568E65E511EBA25F920BC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 27 Dec 2023 15:17:46 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 141416
                          IP: 103.158.204.0/23
                          IP: 2001:df5:6480::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119909 (0x1d465)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 27 15:17:46 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A9161A5A/serialNumber=2F369B448D2171596BA2C93CDBE258EAF3317594
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:af:82:ba:65:7e:b0:5c:16:d5:b5:66:40:85:
                    28:a5:94:0e:10:72:8b:85:9f:27:67:aa:06:03:26:
                    4b:dc:82:f1:da:f0:82:81:94:5d:40:8d:13:dd:32:
                    b4:b6:e5:ad:81:78:41:91:0b:32:bc:85:2a:21:39:
                    3b:cf:0b:49:de:a4:a7:da:40:73:93:c5:0b:f8:d2:
                    ec:3d:63:6d:f1:e4:a4:e7:d4:4e:11:a4:2e:e8:8a:
                    d7:c9:23:66:16:11:20:e9:f4:0b:33:92:4c:91:77:
                    e7:c8:46:99:8a:d0:24:80:7e:6a:91:6d:d1:22:91:
                    b1:8c:ed:e1:e8:1d:1a:c7:77:83:d7:a7:ec:e8:7f:
                    13:a5:8d:71:3e:05:d6:9d:f9:0e:84:4a:14:06:62:
                    cb:f3:06:8a:0b:68:0e:69:4a:c6:0f:22:e5:14:8e:
                    07:99:be:13:14:48:fe:6a:d5:9a:74:91:85:ae:6e:
                    27:55:17:9b:e4:82:70:88:aa:e6:b0:8c:5f:fb:59:
                    f4:2b:b7:96:69:ec:58:c8:29:84:97:cc:e4:cb:29:
                    b9:ab:14:ec:e4:c8:a2:23:ee:95:e3:74:24:1a:f1:
                    fe:f1:e3:e6:17:69:09:56:aa:e1:ea:d3:57:79:7b:
                    e4:e1:7e:01:68:f2:ad:6c:5e:99:84:2a:23:35:93:
                    69:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:36:9B:44:8D:21:71:59:6B:A2:C9:3C:DB:E2:58:EA:F3:31:75:94
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9161A5A/B8BB568E65E511EBA25F920BC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9161A5A/B8BB568E65E511EBA25F920BC4F9AE02/LzabRI0hcVlrosk82-JY6vMxdZQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  141416

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.158.204.0/23
                IPv6:
                  2001:df5:6480::/48

    Signature Algorithm: sha256WithRSAEncryption
         b5:99:02:86:a4:81:ac:6a:4e:52:53:c4:6a:e5:23:70:eb:f7:
         3f:a6:a1:d6:22:57:19:94:cf:f3:12:7c:c8:4e:f4:4e:05:e3:
         9d:f5:7c:e5:05:f4:5e:01:24:78:12:84:5e:52:bd:ef:b2:fc:
         ab:96:de:4d:e0:d9:38:24:73:8e:9b:2c:8a:58:26:6b:8f:b0:
         90:12:35:ac:e2:41:bf:c4:37:49:54:52:65:25:1f:dc:35:3c:
         91:90:94:57:9e:00:10:a2:95:69:0a:d0:92:54:d3:80:86:2f:
         3c:3c:3e:45:56:7e:4a:9e:ac:18:c5:10:57:35:ac:db:2a:7f:
         a7:96:c5:55:3b:de:40:54:a1:a0:31:ac:90:33:fb:4c:49:ce:
         8b:05:e7:81:2f:4c:31:3d:f7:fe:da:aa:09:fa:ab:65:d2:5a:
         1d:ad:57:d4:8d:ac:01:21:b8:ce:79:2c:00:81:14:5c:ae:5c:
         e9:99:51:98:4e:5c:0b:48:a8:30:44:aa:09:5a:a4:9f:82:13:
         cd:cf:6a:6a:14:d2:5a:a1:d2:80:81:34:92:5e:8b:48:58:61:
         98:ad:75:95:13:3d:a0:90:77:af:84:7e:66:d2:b1:e0:5f:07:
         40:34:70:ff:5e:b8:71:07:6c:92:da:a9:a2:59:e6:a1:fe:6b:
         6c:e8:14:74
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAdRlMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyNzE1MTc0NloXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjFBNUExMTAvBgNVBAUTKDJGMzY5QjQ0OEQyMTcxNTk2QkEyQzkz
Q0RCRTI1OEVBRjMzMTc1OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCr4K6ZX6wXBbVtWZAhSillA4QcouFnydnqgYDJkvcgvHa8IKBlF1AjRPdMrS2
5a2BeEGRCzK8hSohOTvPC0nepKfaQHOTxQv40uw9Y23x5KTn1E4RpC7oitfJI2YW
ESDp9AszkkyRd+fIRpmK0CSAfmqRbdEikbGM7eHoHRrHd4PXp+zofxOljXE+Bdad
+Q6EShQGYsvzBooLaA5pSsYPIuUUjgeZvhMUSP5q1Zp0kYWubidVF5vkgnCIquaw
jF/7WfQrt5Zp7FjIKYSXzOTLKbmrFOzkyKIj7pXjdCQa8f7x4+YXaQlWquHq01d5
e+ThfgFo8q1sXpmEKiM1k2l1AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQULzabRI0h
cVlrosk82+JY6vMxdZQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTYxQTVBL0I4QkI1NjhFNjVFNTExRUJBMjVGOTIwQkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2MUE1QS9COEJCNTY4RTY1RTUxMUVCQTI1RjkyMEJDNEY5QUUwMi9MemFiUkkw
aGNWbHJvc2s4Mi1KWTZ2TXhkWlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAihoMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ57MMA8EAgAC
MAkDBwAgAQ31ZIAwDQYJKoZIhvcNAQELBQADggEBALWZAoakgaxqTlJTxGrlI3Dr
9z+modYiVxmUz/MSfMhO9E4F4531fOUF9F4BJHgShF5Sve+y/KuW3k3g2Tgkc46b
LIpYJmuPsJASNaziQb/EN0lUUmUlH9w1PJGQlFeeABCilWkK0JJU04CGLzw8PkVW
fkqerBjFEFc1rNsqf6eWxVU73kBUoaAxrJAz+0xJzosF54EvTDE99/7aqgn6q2XS
Wh2tV9SNrAEhuM55LACBFFyuXOmZUZhOXAtIqDBEqglapJ+CE83PamoU0lqh0oCB
NJJei0hYYZitdZUTPaCQd6+EfmbSseBfB0A0cP9euHEHbJLaqaJZ5qH+a2zoFHQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:15:17 2024 by rpki-client on console-ams.rpki-client.org