Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QRfXbD7AS2IRM0hQpc1uowVTUFw.cer
File:                     QRfXbD7AS2IRM0hQpc1uowVTUFw.cer (raw, json)
Hash identifier:          W3Y5naUpQI02/MldtO0UvL7t6SjNSOebGzH2By42/1o=
Subject key identifier:   41:17:D7:6C:3E:C0:4B:62:11:33:48:50:A5:CD:6E:A3:05:53:50:5C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E0C4
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91ED6B5/EF469BFC594411ECAF575A6CC4F9AE02/QRfXbD7AS2IRM0hQpc1uowVTUFw.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91ED6B5/EF469BFC594411ECAF575A6CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 27 Feb 2024 02:22:03 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 203.24.73.0/24
                          IP: 203.32.71.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 12:46:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123076 (0x1e0c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb 27 02:22:03 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91ED6B5/serialNumber=4117D76C3EC04B6211334850A5CD6EA30553505C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:86:99:11:bf:58:0d:b4:6a:2e:cd:be:9d:25:
                    8d:9b:b0:c3:66:42:ed:0c:71:c5:9d:8a:54:ec:8e:
                    de:32:0b:ea:c6:4d:13:a8:c6:26:a2:27:3c:61:ff:
                    0f:13:83:ce:7d:2f:59:95:a7:27:e7:62:b8:6b:33:
                    c7:7d:87:7c:79:d0:c7:11:1c:19:f2:85:51:32:9e:
                    c5:09:c2:07:c9:aa:bc:c3:30:84:51:06:f5:da:e4:
                    1e:29:24:e3:aa:d8:54:23:99:2d:1b:9c:29:c1:ca:
                    31:cf:70:cb:c7:c5:c6:b8:4f:25:9e:bf:a0:a1:07:
                    6d:de:a3:0a:8e:69:60:99:d0:40:6d:44:7b:67:89:
                    e3:14:01:70:94:2d:42:68:6d:01:26:8f:9e:ea:68:
                    85:85:19:c5:4d:77:de:38:11:64:2d:10:9d:30:94:
                    66:e8:c6:a9:95:7b:3c:dd:9d:49:2c:8f:68:8d:8c:
                    63:fc:b4:9a:6f:2c:e2:a3:c5:30:a1:0c:8b:1f:54:
                    c2:2a:23:ad:90:98:25:c3:7a:a7:05:3a:53:9e:7a:
                    00:b1:a2:94:92:b1:9a:3b:42:57:f6:50:24:d5:a4:
                    59:05:3b:72:e8:94:39:88:c5:14:0e:07:2f:70:29:
                    d6:66:ad:85:5d:0b:12:3f:4c:d1:2e:94:bd:2a:65:
                    db:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:17:D7:6C:3E:C0:4B:62:11:33:48:50:A5:CD:6E:A3:05:53:50:5C
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91ED6B5/EF469BFC594411ECAF575A6CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91ED6B5/EF469BFC594411ECAF575A6CC4F9AE02/QRfXbD7AS2IRM0hQpc1uowVTUFw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.24.73.0/24
                  203.32.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:57:39:85:dc:bb:c7:f6:aa:b3:9d:47:53:ff:f2:ff:50:b2:
         8e:dc:9a:1f:c7:23:84:66:83:64:bf:01:6c:3d:e0:70:ca:6b:
         40:3b:b4:64:d8:98:3d:06:80:8f:1e:c3:d7:20:18:2e:1e:f9:
         89:1e:85:4f:8e:71:20:7b:a2:7d:a4:e6:7b:09:02:aa:37:49:
         d7:df:50:6d:ab:f2:c3:99:60:8f:32:a5:33:f5:ac:2e:ed:f6:
         f3:f2:b9:0c:fc:c4:29:a3:b2:02:5f:22:5e:69:fd:89:0f:56:
         d5:ae:f5:96:01:c5:d7:48:9e:7e:8f:23:01:98:52:4f:71:45:
         c3:eb:af:b1:1b:5a:f9:09:bd:80:03:67:ce:80:16:53:51:ee:
         22:8a:bd:8f:a3:29:5f:68:ec:3e:7a:a7:18:20:dd:e0:fd:3b:
         d7:84:03:6b:e6:67:4d:5c:b2:3d:a4:06:e2:4a:bc:aa:28:e3:
         30:42:d4:ee:33:d1:66:b1:a1:51:1a:84:da:55:a3:22:22:a0:
         78:9c:d3:d2:29:a3:55:07:d4:b5:59:36:12:4c:77:5b:16:6f:
         da:e6:3b:50:6b:2d:de:93:61:2e:a8:da:9f:42:04:1b:71:ef:
         0d:3a:df:46:7a:cb:cd:19:e5:f3:3e:43:c7:00:06:13:74:ee:
         4e:d5:aa:8c
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgIDAeDEMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIyNzAyMjIwM1oXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUQ2QjUxMTAvBgNVBAUTKDQxMTdENzZDM0VDMDRCNjIxMTMzNDg1
MEE1Q0Q2RUEzMDU1MzUwNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDOhpkRv1gNtGouzb6dJY2bsMNmQu0MccWdilTsjt4yC+rGTROoxiaiJzxh/w8T
g859L1mVpyfnYrhrM8d9h3x50McRHBnyhVEynsUJwgfJqrzDMIRRBvXa5B4pJOOq
2FQjmS0bnCnByjHPcMvHxca4TyWev6ChB23eowqOaWCZ0EBtRHtnieMUAXCULUJo
bQEmj57qaIWFGcVNd944EWQtEJ0wlGboxqmVezzdnUksj2iNjGP8tJpvLOKjxTCh
DIsfVMIqI62QmCXDeqcFOlOeegCxopSSsZo7Qlf2UCTVpFkFO3LolDmIxRQOBy9w
KdZmrYVdCxI/TNEulL0qZdvLAgMBAAGjggL5MIIC9TAdBgNVHQ4EFgQUQRfXbD7A
S2IRM0hQpc1uowVTUFwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVENkI1L0VGNDY5QkZDNTk0NDExRUNBRjU3NUE2Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFRDZCNS9FRjQ2OUJGQzU5NDQxMUVDQUY1NzVBNkNDNEY5QUUwMi9RUmZYYkQ3
QVMySVJNMGhRcGMxdW93VlRVRncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8EFjAU
MBIEAgABMAwDBADLGEkDBADLIEcwDQYJKoZIhvcNAQELBQADggEBAGBXOYXcu8f2
qrOdR1P/8v9Qso7cmh/HI4Rmg2S/AWw94HDKa0A7tGTYmD0GgI8ew9cgGC4e+Yke
hU+OcSB7on2k5nsJAqo3SdffUG2r8sOZYI8ypTP1rC7t9vPyuQz8xCmjsgJfIl5p
/YkPVtWu9ZYBxddInn6PIwGYUk9xRcPrr7EbWvkJvYADZ86AFlNR7iKKvY+jKV9o
7D56pxgg3eD9O9eEA2vmZ01csj2kBuJKvKoo4zBC1O4z0WaxoVEahNpVoyIioHic
09Ipo1UH1LVZNhJMd1sWb9rmO1BrLd6TYS6o2p9CBBtx7w0630Z6y80Z5fM+Q8cA
BhN07k7Vqow=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:35:49 2024 by rpki-client on console-fra.rpki-client.org