Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OG9viqHmbFJU6h5HiIwQP0U2Iio.cer
File:                     OG9viqHmbFJU6h5HiIwQP0U2Iio.cer (raw, json)
Hash identifier:          luNK6+KQIj3J+K4EbMoAcfyXLAQKZ0FcCtjuUCTJUFU=
Subject key identifier:   38:6F:6F:8A:A1:E6:6C:52:54:EA:1E:47:88:8C:10:3F:45:36:22:2A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B595
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91EB077/DB7B7006482411E794041D2DC4F9AE02/OG9viqHmbFJU6h5HiIwQP0U2Iio.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91EB077/DB7B7006482411E794041D2DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 07 Aug 2023 22:09:16 +0000
Certificate not after:    Mon 30 Sep 2024 00:00:00 +0000
Subordinate resources:    AS: 133530
                          IP: 103.233.242.0/24
                          IP: 2401:1d80::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 23:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112021 (0x1b595)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug  7 22:09:16 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=A91EB077/serialNumber=386F6F8AA1E66C5254EA1E47888C103F4536222A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:50:ed:ce:13:c1:73:7f:e4:bb:31:42:bd:8f:
                    1a:5c:21:a0:70:e5:9c:09:53:93:62:28:a5:d3:18:
                    b1:da:5e:88:ac:cb:c8:c1:cf:dd:83:58:c6:fe:1a:
                    76:e8:db:fe:2a:8c:69:f3:f9:97:11:82:67:8c:9d:
                    26:fc:b2:9b:62:06:88:76:f4:be:05:01:f0:e8:27:
                    01:2e:08:68:85:b4:37:1f:9c:55:ce:58:28:46:92:
                    b7:39:4f:0e:c8:13:0e:4d:a2:72:0e:8a:30:f2:54:
                    e1:cb:e5:25:ef:90:f0:d2:23:42:63:f1:b9:45:1a:
                    5e:9b:2a:ea:24:da:12:19:0c:16:71:17:6b:2b:77:
                    15:55:c1:40:e9:04:6a:5b:63:9f:8d:f1:1d:d4:b0:
                    8d:3c:c4:98:bd:09:76:8d:b1:41:2a:16:57:1a:2e:
                    5f:c0:ca:50:49:67:fa:ed:17:ca:e9:cf:a5:c3:39:
                    1f:fb:fd:77:38:f8:ca:68:93:99:f5:17:14:1d:50:
                    0b:20:00:0a:80:ec:ef:32:db:51:8f:8a:a2:c6:0b:
                    8e:49:86:b5:1e:b4:51:e4:01:9d:4b:5f:23:9c:40:
                    5b:ee:d2:cd:b8:8c:b3:14:c6:ac:17:2b:e0:eb:83:
                    80:19:d7:54:99:4f:8f:18:c7:f5:12:20:be:1a:5a:
                    18:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:6F:6F:8A:A1:E6:6C:52:54:EA:1E:47:88:8C:10:3F:45:36:22:2A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EB077/DB7B7006482411E794041D2DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EB077/DB7B7006482411E794041D2DC4F9AE02/OG9viqHmbFJU6h5HiIwQP0U2Iio.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  133530

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.233.242.0/24
                IPv6:
                  2401:1d80::/32

    Signature Algorithm: sha256WithRSAEncryption
         51:a1:52:27:6b:58:6f:81:f5:2a:06:f5:a9:46:2a:7e:0f:de:
         07:4b:46:ef:13:c1:00:ff:f3:13:37:99:c0:df:ff:37:94:c3:
         fa:a7:05:26:a5:05:4e:cc:ac:05:14:a4:b7:ba:f1:cd:12:f4:
         ea:eb:85:b1:d1:48:d9:75:49:7f:51:94:1b:68:be:af:14:3e:
         8d:eb:7d:36:c8:f0:bb:e7:79:db:2c:c6:81:01:7c:67:dc:4e:
         76:c2:78:64:8d:6f:10:f5:56:f6:43:00:8b:c0:1a:36:29:b9:
         04:c3:3e:83:a1:56:b4:23:4b:96:5a:9e:c5:08:05:4b:86:bf:
         b4:82:07:b9:18:12:b5:a3:0c:af:cf:f7:fa:15:3b:6f:55:45:
         f2:52:5e:6a:3c:ab:05:e6:6e:10:a5:49:60:17:f5:6c:1e:01:
         bc:f3:3c:d0:af:44:cb:80:25:34:17:23:7b:c0:24:2a:4d:af:
         f2:ff:01:96:16:75:3d:49:fb:53:42:33:f3:12:9a:45:91:f7:
         c5:68:6e:1b:51:12:df:00:db:76:d1:b1:b1:b1:85:38:7a:52:
         60:a2:63:a1:6e:a5:29:47:05:6a:3f:65:40:a4:b5:fe:68:43:
         39:ef:b5:14:d7:31:4a:1d:9a:e8:d2:6e:73:06:50:5d:25:d6:
         23:0e:35:5c
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAbWVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgwNzIyMDkxNloXDTI0MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUIwNzcxMTAvBgNVBAUTKDM4NkY2RjhBQTFFNjZDNTI1NEVBMUU0
Nzg4OEMxMDNGNDUzNjIyMkEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDRUO3OE8Fzf+S7MUK9jxpcIaBw5ZwJU5NiKKXTGLHaXoisy8jBz92DWMb+Gnbo
2/4qjGnz+ZcRgmeMnSb8sptiBoh29L4FAfDoJwEuCGiFtDcfnFXOWChGkrc5Tw7I
Ew5NonIOijDyVOHL5SXvkPDSI0Jj8blFGl6bKuok2hIZDBZxF2srdxVVwUDpBGpb
Y5+N8R3UsI08xJi9CXaNsUEqFlcaLl/AylBJZ/rtF8rpz6XDOR/7/Xc4+Mpok5n1
FxQdUAsgAAqA7O8y21GPiqLGC45JhrUetFHkAZ1LXyOcQFvu0s24jLMUxqwXK+Dr
g4AZ11SZT48Yx/USIL4aWhjpAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUOG9viqHm
bFJU6h5HiIwQP0U2IiowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVCMDc3L0RCN0I3MDA2NDgyNDExRTc5NDA0MUQyREM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFQjA3Ny9EQjdCNzAwNjQ4MjQxMUU3OTQwNDFEMkRDNEY5QUUwMi9PRzl2aXFI
bWJGSlU2aDVIaUl3UVAwVTJJaW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgmaMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAZ+nyMA0EAgAC
MAcDBQAkAR2AMA0GCSqGSIb3DQEBCwUAA4IBAQBRoVIna1hvgfUqBvWpRip+D94H
S0bvE8EA//MTN5nA3/83lMP6pwUmpQVOzKwFFKS3uvHNEvTq64Wx0UjZdUl/UZQb
aL6vFD6N6302yPC753nbLMaBAXxn3E52wnhkjW8Q9Vb2QwCLwBo2KbkEwz6DoVa0
I0uWWp7FCAVLhr+0gge5GBK1owyvz/f6FTtvVUXyUl5qPKsF5m4QpUlgF/VsHgG8
8zzQr0TLgCU0FyN7wCQqTa/y/wGWFnU9SftTQjPzEppFkffFaG4bURLfANt20bGx
sYU4elJgomOhbqUpRwVqP2VApLX+aEM577UU1zFKHZro0m5zBlBdJdYjDjVc
-----END CERTIFICATE-----
Generated at Fri Mar 29 00:00:30 2024 by rpki-client on console-fra.rpki-client.org