Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NPs4YMs0-seCIJnB-5kfzfY8hs0.cer
File:                     NPs4YMs0-seCIJnB-5kfzfY8hs0.cer (raw, json)
Hash identifier:          X9JmiF3m4CDtiSAwRdqFLZ4DBk6MxEkUXHVIMuy/hVk=
Subject key identifier:   34:FB:38:60:CB:34:FA:C7:82:20:99:C1:FB:99:1F:CD:F6:3C:86:CD
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D52D
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/NPs4YMs0-seCIJnB-5kfzfY8hs0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sat 30 Dec 2023 18:25:45 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 58701
                          IP: 103.20.89.0/24
                          IP: 2406:e9c0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120109 (0x1d52d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 30 18:25:45 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A91C1710/serialNumber=34FB3860CB34FAC7822099C1FB991FCDF63C86CD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:2f:6b:ee:4f:4b:d3:b6:ae:4e:3d:f4:76:db:
                    06:1a:62:ab:4d:2c:47:88:3b:df:bb:e7:2e:48:9a:
                    e4:4e:fd:27:06:79:10:87:89:da:c1:6c:88:25:2b:
                    27:84:4f:f4:8b:31:ed:c5:96:4b:9b:9e:34:7b:14:
                    3e:70:98:1b:a2:64:f2:c1:c0:da:9f:22:5f:a9:6c:
                    7b:d6:5e:1f:d4:a1:41:55:78:c1:12:cc:13:17:52:
                    2a:d6:b7:cd:c5:a9:5d:72:67:7d:cc:59:ca:02:67:
                    15:3f:eb:a9:69:39:c6:b0:b3:2f:ed:6b:b3:41:ad:
                    b8:cd:00:bb:ae:66:aa:3c:06:9f:c1:93:2a:1c:06:
                    07:00:fa:9d:55:9b:dc:eb:3e:43:d1:d0:03:89:e6:
                    88:52:d7:b4:16:1e:b0:6c:0f:d8:9c:0d:98:57:87:
                    fc:36:cb:b7:89:71:3d:97:a4:ab:e7:d1:31:06:51:
                    48:5a:09:b3:db:2f:43:18:10:35:6e:a5:d1:af:96:
                    2a:7c:69:2d:3e:99:97:65:e9:1c:30:7a:f2:5b:59:
                    ef:cb:52:91:ef:92:c2:a9:8b:4f:f0:24:c9:7c:e3:
                    c7:ab:17:8b:61:0f:6e:af:59:4d:05:71:7a:f2:d6:
                    08:ee:73:a2:da:9d:9c:7c:ad:36:2d:b6:44:da:b0:
                    0a:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:FB:38:60:CB:34:FA:C7:82:20:99:C1:FB:99:1F:CD:F6:3C:86:CD
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C1710/18229A86826B11ECA11BA52BC4F9AE02/NPs4YMs0-seCIJnB-5kfzfY8hs0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  58701

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.20.89.0/24
                IPv6:
                  2406:e9c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         d7:19:e0:88:99:ac:a0:ed:df:6f:5f:6c:e3:ed:05:f8:70:2e:
         51:d3:ed:dd:3f:0c:8d:cc:41:23:7e:f5:21:fa:8d:ce:e7:55:
         f6:e8:ed:8b:3f:0e:de:98:8f:e9:f2:6b:f8:52:bb:8b:b9:81:
         03:39:e1:05:27:33:38:b2:c7:08:e2:66:25:03:47:8e:89:43:
         03:10:3c:c6:38:8f:5e:82:88:ed:7a:fb:84:7e:f4:2b:41:76:
         17:95:f0:6f:9f:99:49:a3:d2:c9:06:1d:3e:6d:4c:3a:2a:72:
         78:70:1a:52:66:2a:a5:58:9b:9c:31:8f:4d:c9:4c:bb:ce:38:
         cc:64:60:73:08:21:7c:f1:28:ae:88:41:00:c8:21:00:d1:71:
         f4:bc:cb:73:7f:19:16:af:a4:a6:6d:85:a0:30:99:4e:2b:ae:
         43:3c:57:31:79:0f:a0:78:9c:d2:73:41:4a:e1:a1:2c:59:73:
         d4:d7:21:ab:1c:8b:2b:e0:88:4b:82:b8:ec:33:c7:b8:c7:de:
         cd:1a:f6:aa:70:a8:8b:bf:3a:37:17:b4:e2:2c:e3:85:0f:df:
         24:62:0a:48:34:bb:ca:d3:3a:09:5d:89:a0:82:0d:2f:a2:50:
         7f:92:09:c4:9a:9b:1b:29:6d:57:3b:e8:69:79:5d:a0:17:d0:
         b8:a6:92:b7
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAdUtMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIzMDE4MjU0NVoXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzE3MTAxMTAvBgNVBAUTKDM0RkIzODYwQ0IzNEZBQzc4MjIwOTlD
MUZCOTkxRkNERjYzQzg2Q0QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCRL2vuT0vTtq5OPfR22wYaYqtNLEeIO9+75y5ImuRO/ScGeRCHidrBbIglKyeE
T/SLMe3FlkubnjR7FD5wmBuiZPLBwNqfIl+pbHvWXh/UoUFVeMESzBMXUirWt83F
qV1yZ33MWcoCZxU/66lpOcawsy/ta7NBrbjNALuuZqo8Bp/BkyocBgcA+p1Vm9zr
PkPR0AOJ5ohS17QWHrBsD9icDZhXh/w2y7eJcT2XpKvn0TEGUUhaCbPbL0MYEDVu
pdGvlip8aS0+mZdl6RwwevJbWe/LUpHvksKpi0/wJMl848erF4thD26vWU0FcXry
1gjuc6LanZx8rTYttkTasArxAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUNPs4YMs0
+seCIJnB+5kfzfY8hs0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMxNzEwLzE4MjI5QTg2ODI2QjExRUNBMTFCQTUyQkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMTcxMC8xODIyOUE4NjgyNkIxMUVDQTExQkE1MkJDNEY5QUUwMi9OUHM0WU1z
MC1zZUNJSm5CLTVrZnpmWThoczAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAOVNMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAZxRZMA0EAgAC
MAcDBQAkBunAMA0GCSqGSIb3DQEBCwUAA4IBAQDXGeCImayg7d9vX2zj7QX4cC5R
0+3dPwyNzEEjfvUh+o3O51X26O2LPw7emI/p8mv4UruLuYEDOeEFJzM4sscI4mYl
A0eOiUMDEDzGOI9egojtevuEfvQrQXYXlfBvn5lJo9LJBh0+bUw6KnJ4cBpSZiql
WJucMY9NyUy7zjjMZGBzCCF88SiuiEEAyCEA0XH0vMtzfxkWr6SmbYWgMJlOK65D
PFcxeQ+geJzSc0FK4aEsWXPU1yGrHIsr4IhLgrjsM8e4x97NGvaqcKiLvzo3F7Ti
LOOFD98kYgpINLvK0zoJXYmggg0volB/kgnEmpsbKW1XO+hpeV2gF9C4ppK3
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:16 2024 by rpki-client on console-fra.rpki-client.org