Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QgBM9ryh-lZCT17qJPYqkrJc3s8.cer
File:                     QgBM9ryh-lZCT17qJPYqkrJc3s8.cer (raw, json)
Hash identifier:          H5Fw87lTkfzM931AtfLAR8DItZxEYA24e9kFhbZm8AU=
Subject key identifier:   42:00:4C:F6:BC:A1:FA:56:42:4F:5E:EA:24:F6:2A:92:B2:5C:DE:CF
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E3F2
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 12 Mar 2024 04:44:35 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 141342
                          AS: 152638
                          IP: 103.157.40.0/23
                          IP: 2400:8220::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123890 (0x1e3f2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 12 04:44:35 2024 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A919960D/serialNumber=42004CF6BCA1FA56424F5EEA24F62A92B25CDECF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:98:b2:6e:f0:ca:b1:cb:79:11:6b:7f:21:db:
                    5c:27:5f:65:22:d0:37:89:61:fe:40:8f:ab:66:b3:
                    69:64:f6:00:f1:d1:37:e4:f5:b1:cc:5e:13:d6:91:
                    77:ea:0f:de:c6:fb:55:c2:83:78:e8:90:c3:89:d1:
                    ee:00:ba:8c:f6:25:0f:bc:e0:ac:fd:41:c5:34:0c:
                    f3:13:08:5a:4a:9e:55:13:e2:5d:e3:6e:c9:ad:44:
                    10:5a:4c:2c:59:78:e7:74:85:20:9b:e2:24:bb:50:
                    32:c7:f5:de:25:fa:05:83:bd:1a:01:bd:9f:a2:23:
                    aa:4f:ba:aa:9f:73:55:05:8a:5a:61:b8:55:dc:ba:
                    04:6a:5a:4a:87:87:9d:e5:4d:b1:33:aa:75:3a:65:
                    68:c8:b6:d9:96:52:8e:81:75:ec:92:af:a3:4c:86:
                    11:84:d1:23:d9:0e:52:6e:69:27:b9:7f:3f:99:82:
                    85:d6:5d:39:d3:f7:e1:8a:e7:8f:e8:0d:0f:27:4f:
                    5a:96:0f:f6:b7:ca:94:24:07:3e:4e:96:69:2a:4f:
                    ed:5a:11:e4:f3:66:42:07:d5:d0:6b:d1:1b:ef:b9:
                    8a:ea:91:53:62:53:7e:54:bc:fc:f1:7c:1c:00:17:
                    e8:97:9a:29:3a:fd:77:12:70:9f:ca:84:23:5c:1d:
                    60:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:00:4C:F6:BC:A1:FA:56:42:4F:5E:EA:24:F6:2A:92:B2:5C:DE:CF
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919960D/BD0B64C68DDA11ED873A7487C4F9AE02/QgBM9ryh-lZCT17qJPYqkrJc3s8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  141342
                  152638

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.157.40.0/23
                IPv6:
                  2400:8220::/32

    Signature Algorithm: sha256WithRSAEncryption
         62:ea:2a:da:b4:bf:b4:4d:5e:4c:7f:be:63:dc:11:00:1a:98:
         f4:79:49:93:ed:00:b6:ad:cc:75:8f:b6:ba:be:04:4f:cb:82:
         f3:7f:0e:56:df:55:2b:d0:36:73:85:6a:e2:8a:6e:6e:27:75:
         b5:3b:71:95:c4:a2:d7:a9:ac:3a:a9:6a:e8:f8:c3:ed:c2:f2:
         da:5f:45:cf:5e:f6:7f:37:1c:b2:23:67:32:c1:f1:5e:c5:d8:
         4d:b8:33:fe:9a:6c:bb:d2:8e:c0:9c:cc:db:c2:ae:2b:ed:79:
         ca:08:58:b3:7d:f0:0b:07:2d:0b:bf:ec:aa:6d:07:dc:47:95:
         01:af:8a:ef:e9:f1:26:d2:6c:35:a4:da:41:e1:90:4c:62:8a:
         83:94:35:4e:51:1b:06:56:0d:10:ef:a1:00:a7:6f:2f:b5:ac:
         1a:da:97:e2:ea:57:d7:ed:dd:d0:5c:1a:9a:8f:c6:ef:05:5b:
         d6:5d:53:8d:88:77:29:3d:c0:6c:34:01:b7:1d:87:cb:79:4e:
         71:c4:eb:4e:b9:19:5d:c3:2c:a2:55:3b:58:3c:21:d0:dd:d2:
         fe:89:d0:ad:74:a5:b8:77:6d:a7:23:b3:4d:97:26:e4:e8:27:
         43:6f:b6:ca:85:22:88:b5:b4:60:c1:4c:cc:66:da:b0:27:da:
         1c:27:7f:35
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIDAePyMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMxMjA0NDQzNVoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTk2MEQxMTAvBgNVBAUTKDQyMDA0Q0Y2QkNBMUZBNTY0MjRGNUVF
QTI0RjYyQTkyQjI1Q0RFQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9mLJu8Mqxy3kRa38h21wnX2Ui0DeJYf5Aj6tms2lk9gDx0Tfk9bHMXhPWkXfq
D97G+1XCg3jokMOJ0e4Auoz2JQ+84Kz9QcU0DPMTCFpKnlUT4l3jbsmtRBBaTCxZ
eOd0hSCb4iS7UDLH9d4l+gWDvRoBvZ+iI6pPuqqfc1UFilphuFXcugRqWkqHh53l
TbEzqnU6ZWjIttmWUo6BdeySr6NMhhGE0SPZDlJuaSe5fz+ZgoXWXTnT9+GK54/o
DQ8nT1qWD/a3ypQkBz5OlmkqT+1aEeTzZkIH1dBr0RvvuYrqkVNiU35UvPzxfBwA
F+iXmik6/XcScJ/KhCNcHWCtAgMBAAGjggMjMIIDHzAdBgNVHQ4EFgQUQgBM9ryh
+lZCT17qJPYqkrJc3s8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk5NjBEL0JEMEI2NEM2OEREQTExRUQ4NzNBNzQ4N0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5OTYwRC9CRDBCNjRDNjhEREExMUVEODczQTc0ODdDNEY5QUUwMi9RZ0JNOXJ5
aC1sWkNUMTdxSlBZcWtySmMzczgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAigeAgMCVD4wLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAFnnSgw
DQQCAAIwBwMFACQAgiAwDQYJKoZIhvcNAQELBQADggEBAGLqKtq0v7RNXkx/vmPc
EQAamPR5SZPtALatzHWPtrq+BE/LgvN/DlbfVSvQNnOFauKKbm4ndbU7cZXEotep
rDqpauj4w+3C8tpfRc9e9n83HLIjZzLB8V7F2E24M/6abLvSjsCczNvCrivtecoI
WLN98AsHLQu/7KptB9xHlQGviu/p8SbSbDWk2kHhkExiioOUNU5RGwZWDRDvoQCn
by+1rBral+LqV9ft3dBcGpqPxu8FW9ZdU42Idyk9wGw0Abcdh8t5TnHE6065GV3D
LKJVO1g8IdDd0v6J0K10pbh3bacjs02XJuToJ0NvtsqFIoi1tGDBTMxm2rAn2hwn
fzU=
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:19 2024 by rpki-client on console-fra.rpki-client.org