Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer
File:                     PB_di6MB3OPbPwvMJchpTOG83H0.cer (raw, json)
Hash identifier:          mMuNm2LlrlFS+344YI8iQZPPA0XavtJXFyM1/V5etKs=
Subject key identifier:   3C:1F:DD:8B:A3:01:DC:E3:DB:3F:0B:CC:25:C8:69:4C:E1:BC:DC:7D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C8DE
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 03 Nov 2023 17:25:16 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 135589
                          IP: 103.129.76.0/22
                          IP: 2403:79c0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 12:49:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116958 (0x1c8de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov  3 17:25:16 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A91A08FD/serialNumber=3C1FDD8BA301DCE3DB3F0BCC25C8694CE1BCDC7D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:52:96:4c:60:16:70:f8:ed:27:3d:c4:ef:64:
                    ab:d8:89:b3:c2:f2:b6:b4:57:7e:3a:6a:95:ca:4d:
                    47:98:3f:c1:2c:39:1c:11:ef:bd:ff:70:1f:b3:69:
                    d9:fe:83:a7:cc:4d:a2:fd:c8:b1:02:86:b0:51:0f:
                    50:c8:71:c0:65:54:d5:bf:87:86:1c:92:3b:75:c9:
                    ed:06:86:4c:f4:f6:ae:83:e7:f1:87:b0:20:28:c4:
                    9c:7e:82:fc:44:a2:8a:f3:cb:4f:dc:b2:a2:f5:0f:
                    32:ea:79:4b:77:35:a5:53:9e:74:f1:c5:a0:8d:16:
                    b7:53:02:b4:3e:5a:80:c4:1b:43:94:be:52:a6:6f:
                    8e:e0:45:4a:77:aa:d6:bb:21:b4:db:a4:ff:6c:58:
                    32:a4:f9:ed:b6:02:3c:6e:30:87:5c:f2:dd:d2:56:
                    90:32:03:3c:31:9c:19:d2:38:be:2b:34:d1:01:72:
                    2c:92:a6:99:20:1f:d3:43:6b:09:74:ca:9a:93:e2:
                    9e:44:3b:79:67:02:60:9f:16:1f:d1:6b:4b:5d:f3:
                    02:22:ed:10:60:3a:9f:ad:26:77:11:b1:89:f4:ed:
                    75:f8:5c:a4:b8:1b:9f:3a:77:fe:2e:f4:8e:d4:6d:
                    bf:74:e6:9c:cd:73:c7:53:c2:d7:4a:d1:5d:1e:fa:
                    83:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:1F:DD:8B:A3:01:DC:E3:DB:3F:0B:CC:25:C8:69:4C:E1:BC:DC:7D
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  135589

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.129.76.0/22
                IPv6:
                  2403:79c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         25:06:74:45:93:8e:82:20:51:e7:fd:6c:8b:95:24:1d:e0:84:
         36:47:d8:84:3e:6f:4a:d4:68:b8:d1:cb:03:15:90:1b:b3:a7:
         bf:6a:8b:0b:2f:9a:3e:b9:8f:66:a4:6d:08:ad:a1:09:0c:19:
         5a:93:21:37:62:25:21:0c:20:6b:ce:7d:cf:92:73:2a:75:41:
         35:a3:2d:d6:af:5a:f3:71:c6:57:98:ca:48:60:76:56:e0:6c:
         c1:a8:6f:df:12:11:10:74:24:c5:60:55:68:c8:6a:75:b4:59:
         02:83:1d:77:37:0e:14:f3:e3:d2:f5:b8:77:50:25:25:02:35:
         87:ff:d1:0f:46:64:61:1c:56:48:a6:af:75:4c:74:3c:26:8a:
         c7:7a:3c:f3:7c:18:4a:47:33:81:9c:0a:09:96:e0:a0:16:2f:
         24:3c:a8:d6:ff:64:db:42:2b:4d:7e:8c:fe:ec:6c:16:11:ef:
         80:1b:01:c0:dc:16:8b:13:9e:b4:67:f1:2d:04:25:ad:99:55:
         b0:7d:e1:af:2a:94:56:b3:48:94:34:95:e9:cc:1d:36:5e:8c:
         dc:88:0d:29:12:24:0b:01:0e:61:2d:c7:62:c4:db:a6:86:b1:
         d0:25:92:4a:07:1f:42:96:b9:76:4b:42:78:e4:2f:f8:ca:32:
         3e:67:a8:ad
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAcjeMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEwMzE3MjUxNloXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTA4RkQxMTAvBgNVBAUTKDNDMUZERDhCQTMwMURDRTNEQjNGMEJD
QzI1Qzg2OTRDRTFCQ0RDN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5UpZMYBZw+O0nPcTvZKvYibPC8ra0V346apXKTUeYP8EsORwR773/cB+zadn+
g6fMTaL9yLEChrBRD1DIccBlVNW/h4Yckjt1ye0Ghkz09q6D5/GHsCAoxJx+gvxE
oorzy0/csqL1DzLqeUt3NaVTnnTxxaCNFrdTArQ+WoDEG0OUvlKmb47gRUp3qta7
IbTbpP9sWDKk+e22AjxuMIdc8t3SVpAyAzwxnBnSOL4rNNEBciySppkgH9NDawl0
ypqT4p5EO3lnAmCfFh/Ra0td8wIi7RBgOp+tJncRsYn07XX4XKS4G586d/4u9I7U
bb905pzNc8dTwtdK0V0e+oNHAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUPB/di6MB
3OPbPwvMJchpTOG83H0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUEwOEZELzlGNDJFQUQ4QzhBQjExRTk4MjlEMjgyRkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBMDhGRC85RjQyRUFEOEM4QUIxMUU5ODI5RDI4MkZDNEY5QUUwMi9QQl9kaTZN
QjNPUGJQd3ZNSmNocFRPRzgzSDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhGlMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ4FMMA0EAgAC
MAcDBQAkA3nAMA0GCSqGSIb3DQEBCwUAA4IBAQAlBnRFk46CIFHn/WyLlSQd4IQ2
R9iEPm9K1Gi40csDFZAbs6e/aosLL5o+uY9mpG0IraEJDBlakyE3YiUhDCBrzn3P
knMqdUE1oy3Wr1rzccZXmMpIYHZW4GzBqG/fEhEQdCTFYFVoyGp1tFkCgx13Nw4U
8+PS9bh3UCUlAjWH/9EPRmRhHFZIpq91THQ8JorHejzzfBhKRzOBnAoJluCgFi8k
PKjW/2TbQitNfoz+7GwWEe+AGwHA3BaLE560Z/EtBCWtmVWwfeGvKpRWs0iUNJXp
zB02XozciA0pEiQLAQ5hLcdixNumhrHQJZJKBx9Clrl2S0J45C/4yjI+Z6it
-----END CERTIFICATE-----
Generated at Fri Mar 29 13:45:05 2024 by rpki-client on console-ams.rpki-client.org