Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RIptgpdqVdxXC6WAN3Csat272IY.cer
File:                     RIptgpdqVdxXC6WAN3Csat272IY.cer (raw, json)
Hash identifier:          IuhtSweUgNhpkxSy6wkzcQCZeQBUL/BVG2117TYqgPk=
Subject key identifier:   44:8A:6D:82:97:6A:55:DC:57:0B:A5:80:37:70:AC:6A:DD:BB:D8:86
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CA13
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9194590/36355952919F11EDB48E534DC4F9AE02/RIptgpdqVdxXC6WAN3Csat272IY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9194590/36355952919F11EDB48E534DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 09 Nov 2023 18:48:59 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    IP: 103.174.202.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 02 Dec 2024 17:05:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117267 (0x1ca13)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov  9 18:48:59 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A9194590/serialNumber=448A6D82976A55DC570BA5803770AC6ADDBBD886
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:21:79:a0:0d:76:69:b8:1d:c7:ce:82:c9:23:
                    f5:c9:bd:b0:e9:ed:06:32:73:6b:65:ef:66:36:b7:
                    6a:96:c4:4c:68:f8:f4:3f:fb:27:b4:6c:7c:63:09:
                    8d:7a:e4:5f:0b:37:5b:0a:c7:41:14:89:77:53:bf:
                    b6:f0:6a:bb:c3:78:21:c0:d3:d8:80:66:56:ea:20:
                    44:42:6f:24:47:32:c0:e5:c6:17:92:1f:ea:d7:0c:
                    a3:02:ef:2d:76:f2:84:a8:5a:4a:9b:a3:cb:b1:bc:
                    36:5b:12:55:a7:63:66:cb:68:c3:f7:9d:9a:52:d3:
                    97:3d:0e:a8:68:8d:cc:1a:27:5c:08:a6:05:7d:79:
                    5e:b4:86:6b:51:83:4f:64:4d:6c:5b:b5:c5:c9:be:
                    6d:8f:d2:95:e9:68:c3:58:23:37:47:21:7a:c8:de:
                    e3:b0:1b:f4:dc:ed:0a:55:6d:9d:df:92:36:62:83:
                    b9:95:c4:49:37:1d:e8:57:79:9f:96:29:11:0c:95:
                    f7:09:f1:74:f6:5b:43:e3:70:c4:30:7b:f4:8f:3a:
                    e9:8e:43:29:dc:49:f2:26:61:ba:3c:0a:f7:d2:83:
                    da:4b:ad:3e:38:c2:d9:65:13:83:1f:db:c9:8c:65:
                    33:a7:fc:26:d1:1a:11:f3:49:c7:82:bc:13:d5:e5:
                    b7:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:8A:6D:82:97:6A:55:DC:57:0B:A5:80:37:70:AC:6A:DD:BB:D8:86
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9194590/36355952919F11EDB48E534DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9194590/36355952919F11EDB48E534DC4F9AE02/RIptgpdqVdxXC6WAN3Csat272IY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.174.202.0/23

    Signature Algorithm: sha256WithRSAEncryption
         61:dc:c1:ea:b4:fb:80:56:99:6c:80:72:4b:b5:73:7c:9a:ea:
         8f:dc:89:86:8f:70:52:a5:bc:61:a9:18:58:5d:73:87:bc:c9:
         b5:58:67:a4:0e:f0:e3:42:bb:14:89:50:56:f9:b4:a3:6e:db:
         d5:13:49:20:9a:ea:ef:8d:0a:22:33:13:14:5d:d5:75:ef:d4:
         44:24:0f:56:d9:af:b5:70:bb:1e:0f:d1:60:4f:09:f5:7d:93:
         49:f9:1f:b2:35:3c:cd:1f:86:aa:2f:4c:6a:97:06:e5:b0:5e:
         0a:e8:1a:67:d7:37:4a:64:6a:95:5d:9f:85:4f:66:44:ab:b9:
         c9:1d:6a:a0:0c:1b:4f:3a:dc:4b:b6:4f:d5:99:0c:3e:4a:5d:
         f8:36:3d:9b:47:c9:85:03:16:0b:be:9d:ff:25:96:c5:84:db:
         c8:df:46:a2:91:dc:fb:40:5f:ac:44:9d:e1:6b:dc:c3:98:5d:
         66:e5:00:40:23:ed:e1:14:40:a8:c4:29:de:6e:3e:02:48:63:
         93:ac:a9:ae:b5:41:38:60:d4:7f:48:49:6c:b6:f2:f1:b4:dd:
         2f:1e:85:10:cd:fe:72:9c:4d:bb:d7:37:b1:da:10:ec:ae:f8:
         53:0b:fb:23:d8:a6:28:9e:b8:a0:9d:33:e6:3c:97:d6:c3:2c:
         43:e5:aa:87
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAcoTMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEwOTE4NDg1OVoXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTQ1OTAxMTAvBgNVBAUTKDQ0OEE2RDgyOTc2QTU1REM1NzBCQTU4
MDM3NzBBQzZBRERCQkQ4ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD1IXmgDXZpuB3HzoLJI/XJvbDp7QYyc2tl72Y2t2qWxExo+PQ/+ye0bHxjCY16
5F8LN1sKx0EUiXdTv7bwarvDeCHA09iAZlbqIERCbyRHMsDlxheSH+rXDKMC7y12
8oSoWkqbo8uxvDZbElWnY2bLaMP3nZpS05c9DqhojcwaJ1wIpgV9eV60hmtRg09k
TWxbtcXJvm2P0pXpaMNYIzdHIXrI3uOwG/Tc7QpVbZ3fkjZig7mVxEk3HehXeZ+W
KREMlfcJ8XT2W0PjcMQwe/SPOumOQyncSfImYbo8CvfSg9pLrT44wtllE4Mf28mM
ZTOn/CbRGhHzSceCvBPV5bcbAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQURIptgpdq
VdxXC6WAN3Csat272IYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk0NTkwLzM2MzU1OTUyOTE5RjExRURCNDhFNTM0REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5NDU5MC8zNjM1NTk1MjkxOUYxMUVEQjQ4RTUzNERDNEY5QUUwMi9SSXB0Z3Bk
cVZkeFhDNldBTjNDc2F0MjcySVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAFnrsowDQYJKoZIhvcNAQELBQADggEBAGHcweq0+4BWmWyAcku1
c3ya6o/ciYaPcFKlvGGpGFhdc4e8ybVYZ6QO8ONCuxSJUFb5tKNu29UTSSCa6u+N
CiIzExRd1XXv1EQkD1bZr7Vwux4P0WBPCfV9k0n5H7I1PM0fhqovTGqXBuWwXgro
GmfXN0pkapVdn4VPZkSruckdaqAMG0863Eu2T9WZDD5KXfg2PZtHyYUDFgu+nf8l
lsWE28jfRqKR3PtAX6xEneFr3MOYXWblAEAj7eEUQKjEKd5uPgJIY5Osqa61QThg
1H9ISWy28vG03S8ehRDN/nKcTbvXN7HaEOyu+FML+yPYpiieuKCdM+Y8l9bDLEPl
qoc=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:49:28 2024 by rpki-client on console-ams.rpki-client.org