Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.cer
File:                     NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.cer (raw, json)
Hash identifier:          kI4HfBmdj4q6PAqyOk2ik3goBtmiRaJ/Bdvito4Qhfg=
Subject key identifier:   34:9C:09:E9:9C:A8:06:E3:35:91:57:35:CF:97:2A:1B:F8:64:A6:C3
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01A3C0
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 17 May 2023 13:24:23 +0000
Certificate not after:    Tue 30 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 10226
                          AS: 24566
                          IP: 43.252.244.0/22
                          IP: 101.78.8.0/21
                          IP: 103.13.88.0/22
                          IP: 114.129.24.0/21
                          IP: 202.62.96.0/20
                          IP: 2404:2e00::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 12:32:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107456 (0x1a3c0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 17 13:24:23 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=A912FAB9/serialNumber=349C09E99CA806E335915735CF972A1BF864A6C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:b4:8e:8d:b8:f5:5a:3e:d8:08:e2:d5:5d:f4:
                    2d:77:88:2c:4e:9a:20:24:ec:12:aa:e6:78:c7:13:
                    ae:16:a7:19:d8:ea:c1:c1:4e:2d:92:62:96:a9:2f:
                    9b:0f:a5:28:24:ab:83:86:ef:a5:72:e8:50:38:5b:
                    46:91:c5:4d:05:f2:2b:6e:32:c0:d2:14:29:61:aa:
                    64:85:1f:66:93:b8:2c:a0:d0:d6:48:e0:97:1c:0d:
                    03:3d:dc:22:d6:a5:8c:6e:83:4a:28:41:ea:51:14:
                    4d:e0:5c:7e:23:29:69:52:b8:45:e6:54:1b:9d:a4:
                    c0:d1:74:4d:c0:f7:c6:72:16:fe:4b:aa:c5:95:22:
                    8c:12:8d:a7:93:e2:65:30:58:6b:48:3f:17:8d:9f:
                    35:08:d7:97:22:9a:5b:99:6d:83:8d:59:e1:92:ef:
                    7d:c5:47:48:17:b1:bd:0d:3e:78:be:07:43:a8:f1:
                    a7:cc:28:27:1c:9d:b2:0f:f8:00:cd:c5:d2:cc:06:
                    00:3f:53:dc:fb:af:69:8f:ad:d2:74:2e:ea:f2:30:
                    30:e3:86:b3:af:54:23:20:56:8f:b3:62:f5:be:d6:
                    3f:b6:fe:86:8a:b2:af:f5:b0:6a:d6:b5:84:8c:bd:
                    36:07:ec:e8:98:79:16:84:62:7b:71:2c:8e:83:df:
                    19:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:9C:09:E9:9C:A8:06:E3:35:91:57:35:CF:97:2A:1B:F8:64:A6:C3
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912FAB9/938A70E495CD11E6BF4A8232C4F9AE02/NJwJ6ZyoBuM1kVc1z5cqG_hkpsM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  10226
                  24566

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.252.244.0/22
                  101.78.8.0/21
                  103.13.88.0/22
                  114.129.24.0/21
                  202.62.96.0/20
                IPv6:
                  2404:2e00::/32

    Signature Algorithm: sha256WithRSAEncryption
         4e:e3:44:1c:42:dd:bf:88:c0:58:d0:47:d2:c5:11:6c:8f:8c:
         77:15:3a:88:81:99:cd:aa:13:33:f6:14:ea:82:9c:df:dc:67:
         26:8e:5e:dc:5c:94:12:6f:bf:8a:cf:f3:4b:52:e5:4e:c4:e6:
         25:98:33:fe:c6:06:b5:e8:94:22:ce:dc:5b:50:92:3c:0f:75:
         35:29:cb:a7:26:cc:c5:05:de:70:5f:e7:e1:c5:70:38:1f:f9:
         9b:86:1a:43:ad:1f:2a:4e:78:24:67:c1:d1:f9:c1:ff:31:09:
         99:e0:82:e1:78:de:13:b3:22:51:f4:35:86:02:c8:eb:f2:6a:
         a1:51:b4:e6:76:4e:1b:14:05:55:12:31:f5:68:6d:0b:1d:8e:
         6d:68:c5:4d:60:40:9b:5f:6a:b2:2a:72:65:a2:ee:ac:69:90:
         2e:36:c0:db:a3:b8:4f:24:5a:62:c4:19:af:e5:e1:40:88:dd:
         e3:63:e0:db:9c:c4:45:4d:36:4f:e2:8e:da:c6:ab:2c:51:59:
         92:f1:a9:2b:e7:35:9a:c6:f7:f5:42:04:e5:03:70:a7:08:bd:
         8d:5e:b8:8e:4b:e8:0a:fb:ff:87:03:06:20:29:40:0a:5f:86:
         71:9e:34:2e:05:9c:51:d3:1e:86:3b:67:5e:26:46:43:52:49:
         69:42:5f:cc
-----BEGIN CERTIFICATE-----
MIIGRDCCBSygAwIBAgIDAaPAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDUxNzEzMjQyM1oXDTI0MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMkZBQjkxMTAvBgNVBAUTKDM0OUMwOUU5OUNBODA2RTMzNTkxNTcz
NUNGOTcyQTFCRjg2NEE2QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLtI6NuPVaPtgI4tVd9C13iCxOmiAk7BKq5njHE64WpxnY6sHBTi2SYpapL5sP
pSgkq4OG76Vy6FA4W0aRxU0F8ituMsDSFClhqmSFH2aTuCyg0NZI4JccDQM93CLW
pYxug0ooQepRFE3gXH4jKWlSuEXmVBudpMDRdE3A98ZyFv5LqsWVIowSjaeT4mUw
WGtIPxeNnzUI15cimluZbYONWeGS733FR0gXsb0NPni+B0Oo8afMKCccnbIP+ADN
xdLMBgA/U9z7r2mPrdJ0LuryMDDjhrOvVCMgVo+zYvW+1j+2/oaKsq/1sGrWtYSM
vTYH7OiYeRaEYntxLI6D3xldAgMBAAGjggM5MIIDNTAdBgNVHQ4EFgQUNJwJ6Zyo
BuM1kVc1z5cqG/hkpsMwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJGQUI5LzkzOEE3MEU0OTVDRDExRTZCRjRBODIzMkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyRkFCOS85MzhBNzBFNDk1Q0QxMUU2QkY0QTgyMzJDNEY5QUUwMi9OSndKNlp5
b0J1TTFrVmMxejVjcUdfaGtwc00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHQYIKwYBBQUHAQgBAf8EDjAM
oAowCAICJ/ICAl/2MEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCK/z0AwQD
ZU4IAwQCZw1YAwQDcoEYAwQEyj5gMA0EAgACMAcDBQAkBC4AMA0GCSqGSIb3DQEB
CwUAA4IBAQBO40QcQt2/iMBY0EfSxRFsj4x3FTqIgZnNqhMz9hTqgpzf3Gcmjl7c
XJQSb7+Kz/NLUuVOxOYlmDP+xga16JQiztxbUJI8D3U1KcunJszFBd5wX+fhxXA4
H/mbhhpDrR8qTngkZ8HR+cH/MQmZ4ILheN4TsyJR9DWGAsjr8mqhUbTmdk4bFAVV
EjH1aG0LHY5taMVNYECbX2qyKnJlou6saZAuNsDbo7hPJFpixBmv5eFAiN3jY+Db
nMRFTTZP4o7axqssUVmS8akr5zWaxvf1QgTlA3CnCL2NXriOS+gK+/+HAwYgKUAK
X4ZxnjQuBZxR0x6GO2deJkZDUklpQl/M
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:33:58 2024 by rpki-client on console-ams.rpki-client.org