Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QrdJ4ezb4DB0f4y1dH8tc6XkJFQ.cer
File:                     QrdJ4ezb4DB0f4y1dH8tc6XkJFQ.cer (raw, json)
Hash identifier:          YwCJdnZrkLRz0Dom1VCyAq0UXs37J0wLFBwgDxLVI3I=
Subject key identifier:   42:B7:49:E1:EC:DB:E0:30:74:7F:8C:B5:74:7F:2D:73:A5:E4:24:54
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D779
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A915D6C2/F9C46FAC53A211EC9D5E615DC4F9AE02/QrdJ4ezb4DB0f4y1dH8tc6XkJFQ.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A915D6C2/F9C46FAC53A211EC9D5E615DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 09 Jan 2024 14:36:44 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 149053
                          IP: 103.177.124.0/23
                          IP: 2001:df0:2240::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120697 (0x1d779)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan  9 14:36:44 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A915D6C2/serialNumber=42B749E1ECDBE030747F8CB5747F2D73A5E42454
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:f1:fa:81:2f:ed:bc:5c:fb:f3:aa:3e:eb:7d:
                    65:22:89:12:9b:7b:62:24:59:18:42:d8:0e:13:5c:
                    93:37:28:93:30:2d:25:80:be:7d:dd:c1:c4:7f:cb:
                    9f:25:7e:ed:8b:f9:80:ad:ed:0d:9a:b0:6a:3c:bb:
                    e7:fa:b1:2e:8f:40:f1:59:ab:63:21:bf:2c:d0:2e:
                    9e:19:93:50:a7:27:68:d2:27:57:12:1d:a8:49:ac:
                    80:de:33:96:20:ca:70:a5:9d:4c:e8:cc:64:a0:b8:
                    d6:89:23:92:d7:3b:db:41:82:bb:ea:55:c0:b9:06:
                    7a:08:1b:1a:c4:71:da:ee:1c:5f:76:14:c6:f7:45:
                    03:ea:c8:25:93:85:6f:b8:21:46:c5:e5:5f:b8:7d:
                    43:ff:61:e5:24:ce:9d:ab:1d:85:5c:5c:03:28:27:
                    7b:20:98:37:df:83:6e:b8:93:d8:ee:8e:65:77:08:
                    36:24:d1:c7:27:12:86:7a:b8:d8:5a:6d:60:cc:a2:
                    3a:10:99:70:04:f2:a0:bc:51:a7:ce:5c:64:f2:58:
                    8a:f6:d7:b7:7c:b2:70:55:f1:49:ff:fb:47:f5:03:
                    ed:28:00:9d:6c:45:33:27:fb:c1:66:6b:81:52:8c:
                    b3:c5:69:18:40:40:40:ba:71:b8:61:c2:a3:22:33:
                    6b:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:B7:49:E1:EC:DB:E0:30:74:7F:8C:B5:74:7F:2D:73:A5:E4:24:54
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A915D6C2/F9C46FAC53A211EC9D5E615DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A915D6C2/F9C46FAC53A211EC9D5E615DC4F9AE02/QrdJ4ezb4DB0f4y1dH8tc6XkJFQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  149053

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.177.124.0/23
                IPv6:
                  2001:df0:2240::/48

    Signature Algorithm: sha256WithRSAEncryption
         1b:5b:59:39:89:79:50:e8:c9:02:89:a7:f4:53:35:f1:e3:9a:
         25:84:ee:18:ef:06:2e:0a:c4:7d:38:77:fa:82:4e:88:b3:fd:
         21:10:9f:9e:a0:ce:e4:65:3f:8f:9e:a8:58:d7:bd:f2:cd:d6:
         77:0d:ca:94:fb:a0:c8:94:5e:ba:1f:d6:2b:07:c5:ea:75:8f:
         8c:79:c6:88:bd:d7:99:b2:ff:a6:df:86:e9:06:72:1e:44:1f:
         00:14:da:56:c3:9d:c8:81:8e:de:a2:98:bd:b2:d8:d4:7b:41:
         b0:cc:ce:31:20:4f:3f:57:a9:cb:92:1f:c1:83:c1:3b:02:65:
         a4:66:48:cd:28:39:5c:81:9f:bc:c6:cd:55:cd:2d:1b:5f:e7:
         11:8f:a7:7a:71:78:a0:8b:c7:31:20:1c:45:77:6c:1b:73:8f:
         62:fa:e3:90:c2:ac:71:d0:7d:97:07:80:88:b8:8e:84:80:f9:
         db:6d:97:01:6b:3a:76:31:77:33:15:0f:55:cd:37:87:9b:9b:
         7d:a8:42:04:85:28:3d:26:7c:fc:9c:71:5b:4f:da:a2:e7:43:
         2f:a0:58:7d:e7:6c:5b:da:41:c4:f7:a1:8c:22:33:9e:fa:af:
         50:05:07:ce:3f:35:e9:02:4b:23:50:9b:bc:47:d3:e6:ca:79:
         36:c9:21:4b
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAdd5MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwOTE0MzY0NFoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNUQ2QzIxMTAvBgNVBAUTKDQyQjc0OUUxRUNEQkUwMzA3NDdGOENC
NTc0N0YyRDczQTVFNDI0NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC28fqBL+28XPvzqj7rfWUiiRKbe2IkWRhC2A4TXJM3KJMwLSWAvn3dwcR/y58l
fu2L+YCt7Q2asGo8u+f6sS6PQPFZq2MhvyzQLp4Zk1CnJ2jSJ1cSHahJrIDeM5Yg
ynClnUzozGSguNaJI5LXO9tBgrvqVcC5BnoIGxrEcdruHF92FMb3RQPqyCWThW+4
IUbF5V+4fUP/YeUkzp2rHYVcXAMoJ3sgmDffg264k9jujmV3CDYk0ccnEoZ6uNha
bWDMojoQmXAE8qC8UafOXGTyWIr217d8snBV8Un/+0f1A+0oAJ1sRTMn+8Fma4FS
jLPFaRhAQEC6cbhhwqMiM2tNAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUQrdJ4ezb
4DB0f4y1dH8tc6XkJFQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTVENkMyL0Y5QzQ2RkFDNTNBMjExRUM5RDVFNjE1REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1RDZDMi9GOUM0NkZBQzUzQTIxMUVDOUQ1RTYxNURDNEY5QUUwMi9RcmRKNGV6
YjREQjBmNHkxZEg4dGM2WGtKRlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkY9MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ7F8MA8EAgAC
MAkDBwAgAQ3wIkAwDQYJKoZIhvcNAQELBQADggEBABtbWTmJeVDoyQKJp/RTNfHj
miWE7hjvBi4KxH04d/qCToiz/SEQn56gzuRlP4+eqFjXvfLN1ncNypT7oMiUXrof
1isHxep1j4x5xoi915my/6bfhukGch5EHwAU2lbDnciBjt6imL2y2NR7QbDMzjEg
Tz9XqcuSH8GDwTsCZaRmSM0oOVyBn7zGzVXNLRtf5xGPp3pxeKCLxzEgHEV3bBtz
j2L645DCrHHQfZcHgIi4joSA+dttlwFrOnYxdzMVD1XNN4ebm32oQgSFKD0mfPyc
cVtP2qLnQy+gWH3nbFvaQcT3oYwiM576r1AFB84/NekCSyNQm7xH0+bKeTbJIUs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:24:41 2024 by rpki-client on console-fra.rpki-client.org