Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Oq_7t-pKYNd7tEKErL8lw5i6mm0.cer
File:                     Oq_7t-pKYNd7tEKErL8lw5i6mm0.cer (raw, json)
Hash identifier:          b30DuM86QmWFdokJN4YsGMbRKcFrWDz1+P4eoqSwK3I=
Subject key identifier:   3A:AF:FB:B7:EA:4A:60:D7:7B:B4:42:84:AC:BF:25:C3:98:BA:9A:6D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D63E
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/Oq_7t-pKYNd7tEKErL8lw5i6mm0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 03 Jan 2024 00:19:49 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 149056
                          IP: 103.177.136.0/23
                          IP: 2400:3f60::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120382 (0x1d63e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan  3 00:19:49 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A91F8E3D/serialNumber=3AAFFBB7EA4A60D77BB44284ACBF25C398BA9A6D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:88:c3:77:79:d4:7a:db:24:6f:f9:3e:37:46:
                    57:4c:08:05:e9:9b:a7:f3:cd:1b:b5:56:82:e2:55:
                    50:4a:37:69:b0:2a:9f:7f:00:d4:22:02:e4:40:94:
                    91:dc:30:46:d7:12:fd:13:44:98:95:d3:1b:7c:e7:
                    18:63:4e:10:bc:64:55:43:d8:2d:3d:84:cb:73:36:
                    05:40:17:a5:e4:6e:d0:0e:62:38:79:22:fa:05:c6:
                    de:be:e8:fa:ef:99:7a:4e:8f:bb:e2:f5:4a:ad:39:
                    0b:2b:ff:90:28:b1:12:ee:6e:f2:d5:de:01:2a:14:
                    77:7c:34:57:9c:24:57:08:2c:7a:b6:8c:38:40:bc:
                    50:3c:67:66:6f:0e:d2:36:12:67:91:d6:0d:0e:54:
                    2c:c7:b9:51:1b:5c:7d:72:a8:fc:e9:18:5f:2b:98:
                    0a:ce:3a:d2:b8:8b:2c:14:41:56:aa:f0:50:92:43:
                    ab:cf:a8:25:66:6a:4e:96:3f:a3:c2:e9:79:ce:7b:
                    79:26:ab:2e:6b:29:8b:18:df:66:cc:a1:a7:86:c7:
                    86:e4:41:0b:25:08:19:4b:cd:ea:53:db:18:cc:6b:
                    1a:83:93:dd:b3:fb:61:d9:6f:20:fc:79:f4:85:f4:
                    4e:26:89:e5:e8:8e:c2:e2:52:b6:02:0d:fb:56:77:
                    14:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:AF:FB:B7:EA:4A:60:D7:7B:B4:42:84:AC:BF:25:C3:98:BA:9A:6D
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F8E3D/0AB4386A584E11EC9FCF1779C4F9AE02/Oq_7t-pKYNd7tEKErL8lw5i6mm0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  149056

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.177.136.0/23
                IPv6:
                  2400:3f60::/32

    Signature Algorithm: sha256WithRSAEncryption
         b3:7c:44:f4:df:e5:88:bb:70:be:8c:c3:14:c6:31:f4:db:b3:
         b0:9d:bb:15:1c:bb:00:63:1b:1c:a8:a7:23:8f:c0:2a:fd:fc:
         01:8d:bc:a2:8c:46:d7:8b:63:09:7e:d2:88:e5:a4:25:9e:92:
         42:01:8b:ef:da:6b:8b:7a:50:82:5c:3c:5c:db:77:7c:c3:db:
         79:53:bc:8e:9c:c7:5c:91:7e:b8:56:52:bf:e1:3e:6c:11:5a:
         4c:ad:12:a4:75:12:a0:bb:3c:51:13:14:32:20:c8:a1:35:43:
         2b:bc:39:ea:a9:5e:e7:74:a2:aa:2a:a8:96:ca:39:b4:4d:8e:
         59:79:52:5d:15:bb:b0:13:97:68:9f:f7:ba:2a:a5:26:15:81:
         23:d3:aa:2c:63:0d:04:a0:17:a7:75:f8:5c:c3:44:f2:5c:f8:
         2c:3e:b0:6e:7e:d3:cc:47:6c:39:d0:f1:bd:41:08:30:5c:cf:
         8e:1f:28:a8:02:87:84:aa:78:47:4e:63:c2:54:8c:80:5f:d1:
         47:81:81:13:0a:b9:b1:0f:ea:ee:a8:0b:58:86:9e:42:c5:25:
         c3:24:66:dd:39:a9:bb:bb:ae:84:3d:5f:a9:63:4e:7e:b0:d6:
         84:56:7e:0e:ca:d7:90:a4:41:1f:d8:5d:80:23:21:b1:ee:ea:
         70:8e:9b:4e
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAdY+MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwMzAwMTk0OVoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRjhFM0QxMTAvBgNVBAUTKDNBQUZGQkI3RUE0QTYwRDc3QkI0NDI4
NEFDQkYyNUMzOThCQTlBNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCniMN3edR62yRv+T43RldMCAXpm6fzzRu1VoLiVVBKN2mwKp9/ANQiAuRAlJHc
MEbXEv0TRJiV0xt85xhjThC8ZFVD2C09hMtzNgVAF6XkbtAOYjh5IvoFxt6+6Prv
mXpOj7vi9UqtOQsr/5AosRLubvLV3gEqFHd8NFecJFcILHq2jDhAvFA8Z2ZvDtI2
EmeR1g0OVCzHuVEbXH1yqPzpGF8rmArOOtK4iywUQVaq8FCSQ6vPqCVmak6WP6PC
6XnOe3kmqy5rKYsY32bMoaeGx4bkQQslCBlLzepT2xjMaxqDk92z+2HZbyD8efSF
9E4mieXojsLiUrYCDftWdxRXAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUOq/7t+pK
YNd7tEKErL8lw5i6mm0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY4RTNELzBBQjQzODZBNTg0RTExRUM5RkNGMTc3OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGOEUzRC8wQUI0Mzg2QTU4NEUxMUVDOUZDRjE3NzlDNEY5QUUwMi9PcV83dC1w
S1lOZDd0RUtFckw4bHc1aTZtbTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkZAMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ7GIMA0EAgAC
MAcDBQAkAD9gMA0GCSqGSIb3DQEBCwUAA4IBAQCzfET03+WIu3C+jMMUxjH027Ow
nbsVHLsAYxscqKcjj8Aq/fwBjbyijEbXi2MJftKI5aQlnpJCAYvv2muLelCCXDxc
23d8w9t5U7yOnMdckX64VlK/4T5sEVpMrRKkdRKguzxRExQyIMihNUMrvDnqqV7n
dKKqKqiWyjm0TY5ZeVJdFbuwE5don/e6KqUmFYEj06osYw0EoBendfhcw0TyXPgs
PrBuftPMR2w50PG9QQgwXM+OHyioAoeEqnhHTmPCVIyAX9FHgYETCrmxD+ruqAtY
hp5CxSXDJGbdOam7u66EPV+pY05+sNaEVn4OyteQpEEf2F2AIyGx7upwjptO
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:47:06 2024 by rpki-client on console-ams.rpki-client.org