Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MjnArILZQnKmoJ37KpCmZzCbOHM.cer
File:                     MjnArILZQnKmoJ37KpCmZzCbOHM.cer (raw, json)
Hash identifier:          6jzbeibRDrYo8CgdomXwOVyQFD7WW9E7Rgt8yOOo2VY=
Subject key identifier:   32:39:C0:AC:82:D9:42:72:A6:A0:9D:FB:2A:90:A6:67:30:9B:38:73
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C3B3
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9152643/738052AE574811ECB4252B86C4F9AE02/MjnArILZQnKmoJ37KpCmZzCbOHM.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9152643/738052AE574811ECB4252B86C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 12 Oct 2023 14:48:34 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 64058
                          IP: 103.195.54.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 13:06:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115635 (0x1c3b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct 12 14:48:34 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A9152643/serialNumber=3239C0AC82D94272A6A09DFB2A90A667309B3873
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:8a:4b:4a:ad:62:13:c9:43:58:53:d8:b2:0b:
                    73:57:f0:20:f8:ec:3b:69:5c:b3:2a:e4:c6:f0:d0:
                    07:83:79:7f:6f:02:d9:d2:5a:21:ca:52:b1:d4:f7:
                    50:b6:52:3a:9b:02:87:c7:4c:53:1e:4a:4a:c8:8c:
                    ca:6c:a8:17:1d:0e:35:4a:1e:65:a2:55:d2:d0:03:
                    4a:2c:29:07:bd:ff:51:1e:05:35:43:21:ef:77:6c:
                    2b:94:33:1a:21:03:29:23:57:a6:bd:3e:9e:9f:23:
                    fd:8a:80:b1:b4:d4:1e:59:1a:b6:bc:9f:bb:1f:ae:
                    77:fa:7f:89:c2:79:42:01:f4:c2:84:b4:8f:d0:36:
                    c3:70:d3:8b:39:57:05:d2:de:d5:62:7d:71:0b:0f:
                    3c:9f:57:45:84:70:46:e4:6b:9c:0c:62:ae:e6:69:
                    bc:b3:38:1b:cf:2b:91:8e:38:ca:00:69:d5:61:b5:
                    bf:74:3c:f2:e2:18:7c:55:ca:d8:12:c3:c0:76:76:
                    fa:6f:ee:07:6d:f9:08:61:ee:ab:46:bc:14:b5:63:
                    20:4a:2f:c6:fb:8e:96:58:c4:ca:96:c2:01:93:b6:
                    c6:3e:cc:97:c9:10:43:b4:f9:6a:25:c0:f9:1b:55:
                    b2:9d:49:2f:53:90:c9:8a:5f:39:fa:b0:ba:6c:bd:
                    8d:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:39:C0:AC:82:D9:42:72:A6:A0:9D:FB:2A:90:A6:67:30:9B:38:73
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9152643/738052AE574811ECB4252B86C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9152643/738052AE574811ECB4252B86C4F9AE02/MjnArILZQnKmoJ37KpCmZzCbOHM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  64058

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.195.54.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ac:61:c0:4d:df:10:00:42:dd:c3:a6:7c:47:c7:33:68:a3:74:
         bf:e9:45:7f:ae:0c:8b:99:c3:36:f0:77:84:67:e1:e0:97:d0:
         83:49:8e:77:d0:90:9f:ce:7a:3f:5c:5c:da:3e:8a:6c:f7:e3:
         d4:c5:82:83:bc:f8:32:00:80:37:4a:49:22:39:2b:4c:d5:9b:
         b2:a6:2b:04:40:50:a2:2e:3c:35:de:36:bc:aa:20:31:e7:f0:
         71:8f:85:91:d5:05:94:21:43:fd:a6:9c:ab:7e:32:6f:28:32:
         13:41:2a:7b:66:1f:fe:79:c9:e9:64:9e:6a:af:1e:6c:06:83:
         95:77:71:3d:c3:65:4b:1e:f2:1c:0f:85:15:02:e8:76:f5:6f:
         46:70:ea:5a:8f:80:20:43:d2:31:c1:fe:0b:26:ad:5c:36:6e:
         53:dd:9c:29:df:f1:54:85:72:b2:00:b3:1e:d8:27:c9:99:cd:
         c8:d0:be:c0:cb:9f:35:35:84:55:46:ab:c5:5b:2f:27:31:1f:
         4e:46:2d:b5:57:e6:f3:fa:2b:8a:6b:fe:08:8e:53:fc:da:3d:
         62:ca:71:cd:b9:2a:b4:62:75:fc:7b:82:0c:90:41:32:ac:4f:
         08:d0:7c:f5:59:2f:08:92:93:55:14:31:d0:f3:89:b1:07:f7:
         45:06:51:17
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAcOzMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAxMjE0NDgzNFoXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTI2NDMxMTAvBgNVBAUTKDMyMzlDMEFDODJEOTQyNzJBNkEwOURG
QjJBOTBBNjY3MzA5QjM4NzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxiktKrWITyUNYU9iyC3NX8CD47DtpXLMq5Mbw0AeDeX9vAtnSWiHKUrHU91C2
UjqbAofHTFMeSkrIjMpsqBcdDjVKHmWiVdLQA0osKQe9/1EeBTVDIe93bCuUMxoh
AykjV6a9Pp6fI/2KgLG01B5ZGra8n7sfrnf6f4nCeUIB9MKEtI/QNsNw04s5VwXS
3tVifXELDzyfV0WEcEbka5wMYq7mabyzOBvPK5GOOMoAadVhtb90PPLiGHxVytgS
w8B2dvpv7gdt+Qhh7qtGvBS1YyBKL8b7jpZYxMqWwgGTtsY+zJfJEEO0+WolwPkb
VbKdSS9TkMmKXzn6sLpsvY1pAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUMjnArILZ
QnKmoJ37KpCmZzCbOHMwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTUyNjQzLzczODA1MkFFNTc0ODExRUNCNDI1MkI4NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1MjY0My83MzgwNTJBRTU3NDgxMUVDQjQyNTJCODZDNEY5QUUwMi9Nam5BcklM
WlFuS21vSjM3S3BDbVp6Q2JPSE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAPo6MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ8M2MA0GCSqG
SIb3DQEBCwUAA4IBAQCsYcBN3xAAQt3DpnxHxzNoo3S/6UV/rgyLmcM28HeEZ+Hg
l9CDSY530JCfzno/XFzaPops9+PUxYKDvPgyAIA3SkkiOStM1ZuypisEQFCiLjw1
3ja8qiAx5/Bxj4WR1QWUIUP9ppyrfjJvKDITQSp7Zh/+ecnpZJ5qrx5sBoOVd3E9
w2VLHvIcD4UVAuh29W9GcOpaj4AgQ9Ixwf4LJq1cNm5T3Zwp3/FUhXKyALMe2CfJ
mc3I0L7Ay581NYRVRqvFWy8nMR9ORi21V+bz+iuKa/4IjlP82j1iynHNuSq0YnX8
e4IMkEEyrE8I0Hz1WS8IkpNVFDHQ84mxB/dFBlEX
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:07:48 2024 by rpki-client on console-fra.rpki-client.org