Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NUCGnt82N-2YjCC9q68feDKpJ5s.cer
File:                     NUCGnt82N-2YjCC9q68feDKpJ5s.cer (raw, json)
Hash identifier:          FBgbge3Xq8CyRIEvIgFgbQ8DTfEF68bulaqzSqmo46M=
Subject key identifier:   35:40:86:9E:DF:36:37:ED:98:8C:20:BD:AB:AF:1F:78:32:A9:27:9B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E93F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913E847/ED8F1C2E73DE11EEA79AE851C4F9AE02/NUCGnt82N-2YjCC9q68feDKpJ5s.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913E847/ED8F1C2E73DE11EEA79AE851C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 03 Apr 2024 07:58:38 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    AS: 132193
                          IP: 103.6.181.0/24
                          IP: 103.245.156.0/24
                          IP: 2001:df0:8300::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125247 (0x1e93f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr  3 07:58:38 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A913E847/serialNumber=3540869EDF3637ED988C20BDABAF1F7832A9279B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:11:bc:a5:84:14:79:27:d5:db:f9:e7:a8:b4:
                    e4:08:8e:9d:cb:02:a2:e6:ec:83:eb:92:3c:8b:fc:
                    bf:a1:75:2a:18:c4:ed:25:40:0f:5b:64:0c:85:b5:
                    d2:bb:45:98:99:fe:d2:6b:3d:c5:47:30:06:f3:ad:
                    81:01:5c:30:34:de:e3:90:20:88:6b:07:94:84:96:
                    f8:f7:83:53:f3:df:c9:7c:9c:28:fa:eb:f9:7e:d0:
                    aa:5c:8c:b5:c3:9e:ad:fa:6d:c5:6a:27:ba:75:e2:
                    6b:5e:b4:43:95:b1:c5:a4:01:b0:76:46:20:ca:97:
                    5e:f3:81:9b:c3:38:30:73:47:eb:e5:7d:6e:48:33:
                    9b:b1:58:d7:60:c9:8d:95:09:a9:fb:f9:d6:1f:df:
                    27:84:dd:df:e9:ff:f7:8e:a9:16:9e:54:00:10:97:
                    55:1b:98:8b:65:6e:0e:9e:cc:7c:04:ca:b8:ce:25:
                    6c:3e:70:57:c8:94:cb:cb:47:77:ac:27:62:bc:33:
                    66:ae:51:e2:11:bd:bd:5a:05:8a:fe:58:db:16:5f:
                    df:55:2f:bb:b0:33:0b:85:7f:a4:d9:53:40:78:8c:
                    03:32:c8:b2:3b:6d:db:79:fc:77:c3:b7:11:d4:16:
                    a3:f3:c6:88:5f:60:47:b7:38:94:4f:8f:1c:f9:2d:
                    7f:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:40:86:9E:DF:36:37:ED:98:8C:20:BD:AB:AF:1F:78:32:A9:27:9B
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913E847/ED8F1C2E73DE11EEA79AE851C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913E847/ED8F1C2E73DE11EEA79AE851C4F9AE02/NUCGnt82N-2YjCC9q68feDKpJ5s.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  132193

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.6.181.0/24
                  103.245.156.0/24
                IPv6:
                  2001:df0:8300::/48

    Signature Algorithm: sha256WithRSAEncryption
         2c:a9:a6:58:dd:02:49:64:1b:ce:88:e4:1b:6a:8d:74:39:e6:
         ab:99:e4:9f:c2:30:26:5e:c3:5a:db:b5:89:99:64:6f:04:f5:
         7d:11:35:7b:ee:ed:31:9a:7d:8f:35:2b:fb:89:b3:55:91:c7:
         f0:4c:b4:a2:21:89:47:b2:a2:98:e7:e4:6e:a5:8f:8e:b1:3e:
         7e:83:1d:05:40:3b:e9:6e:bb:f9:55:5b:07:28:2f:75:a9:10:
         36:2f:93:a6:42:9c:64:d5:06:18:a4:ef:e5:6a:2f:62:dc:2f:
         6b:92:75:88:e2:ac:c5:96:c4:92:0a:10:f5:2c:43:fb:fa:0b:
         55:59:80:8c:90:67:9d:a0:b7:37:49:53:54:5e:42:16:2e:0e:
         43:62:8f:d9:0d:65:87:80:34:97:fe:33:c9:7b:a6:09:08:fa:
         7c:f6:94:f2:9b:18:af:9d:f1:25:22:c2:20:05:9a:07:bd:7a:
         25:41:a0:0d:56:51:da:6c:a3:cb:ff:58:b4:d8:79:e4:0e:66:
         a5:8c:17:f6:6f:a4:02:3d:6c:36:8a:b2:46:f2:1f:a8:3f:a9:
         98:c4:4a:6f:fb:2f:7f:67:90:d0:7c:ba:0e:43:0a:5d:82:de:
         2c:c8:d5:93:21:88:f6:12:c2:87:66:f3:10:85:41:6c:2f:0a:
         e1:c4:ef:a2
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIDAek/MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwMzA3NTgzOFoXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0U4NDcxMTAvBgNVBAUTKDM1NDA4NjlFREYzNjM3RUQ5ODhDMjBC
REFCQUYxRjc4MzJBOTI3OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDcEbylhBR5J9Xb+eeotOQIjp3LAqLm7IPrkjyL/L+hdSoYxO0lQA9bZAyFtdK7
RZiZ/tJrPcVHMAbzrYEBXDA03uOQIIhrB5SElvj3g1Pz38l8nCj66/l+0KpcjLXD
nq36bcVqJ7p14mtetEOVscWkAbB2RiDKl17zgZvDODBzR+vlfW5IM5uxWNdgyY2V
Can7+dYf3yeE3d/p//eOqRaeVAAQl1UbmItlbg6ezHwEyrjOJWw+cFfIlMvLR3es
J2K8M2auUeIRvb1aBYr+WNsWX99VL7uwMwuFf6TZU0B4jAMyyLI7bdt5/HfDtxHU
FqPzxohfYEe3OJRPjxz5LX8dAgMBAAGjggMmMIIDIjAdBgNVHQ4EFgQUNUCGnt82
N+2YjCC9q68feDKpJ5swHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNFODQ3L0VEOEYxQzJFNzNERTExRUVBNzlBRTg1MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzRTg0Ny9FRDhGMUMyRTczREUxMUVFQTc5QUU4NTFDNEY5QUUwMi9OVUNHbnQ4
Mk4tMllqQ0M5cTY4ZmVES3BKNXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgRhMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAZwa1AwQAZ/Wc
MA8EAgACMAkDBwAgAQ3wgwAwDQYJKoZIhvcNAQELBQADggEBACyppljdAklkG86I
5BtqjXQ55quZ5J/CMCZew1rbtYmZZG8E9X0RNXvu7TGafY81K/uJs1WRx/BMtKIh
iUeyopjn5G6lj46xPn6DHQVAO+luu/lVWwcoL3WpEDYvk6ZCnGTVBhik7+VqL2Lc
L2uSdYjirMWWxJIKEPUsQ/v6C1VZgIyQZ52gtzdJU1ReQhYuDkNij9kNZYeANJf+
M8l7pgkI+nz2lPKbGK+d8SUiwiAFmge9eiVBoA1WUdpso8v/WLTYeeQOZqWMF/Zv
pAI9bDaKskbyH6g/qZjESm/7L39nkNB8ug5DCl2C3izI1ZMhiPYSwodm8xCFQWwv
CuHE76I=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:27 2024 by rpki-client on console-fra.rpki-client.org