Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T9EeLMzVFBlTCsBKFCWPEahXfq0.cer
File:                     T9EeLMzVFBlTCsBKFCWPEahXfq0.cer (raw, json)
Hash identifier:          2Xc/6KtMp/tiY8m2me/1tJxFakspEgyppaf7k7+dsx4=
Subject key identifier:   4F:D1:1E:2C:CC:D5:14:19:53:0A:C0:4A:14:25:8F:11:A8:57:7E:AD
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       020163
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9172B65/09850B8245B711EFA59E1332C4F9AE02/T9EeLMzVFBlTCsBKFCWPEahXfq0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9172B65/09850B8245B711EFA59E1332C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 19 Jul 2024 10:09:57 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 152316

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 04 Dec 2024 01:13:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 131427 (0x20163)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 19 10:09:57 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A9172B65/serialNumber=4FD11E2CCCD51419530AC04A14258F11A8577EAD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:08:77:03:39:51:8e:a6:6e:30:6e:d0:2d:60:
                    98:c4:1f:1b:8d:b8:9e:5e:aa:60:6c:b8:12:f3:4c:
                    ef:21:ef:29:27:c4:3b:47:b3:7e:8c:7e:9f:4b:ce:
                    90:e9:f0:e6:73:0f:0b:38:81:99:19:58:a5:95:e8:
                    0b:78:b8:5a:f5:df:04:65:4f:bf:91:75:b1:7c:af:
                    79:47:54:68:e9:6c:eb:da:67:32:9f:2a:0c:aa:31:
                    06:a4:b7:68:7b:f8:c4:a5:a6:86:46:63:48:0e:99:
                    ad:59:0d:9f:f6:dc:ec:67:f3:fb:e8:69:da:34:a1:
                    5a:05:d4:5e:d0:2e:ba:64:cf:8a:72:e0:dd:cb:69:
                    61:f9:65:0f:93:f3:a8:e6:9c:e0:4d:c6:4d:6b:fd:
                    61:79:23:89:c1:71:59:3c:5a:17:ba:67:55:98:a5:
                    3e:ed:28:5c:39:57:47:e1:d0:44:fb:16:86:d4:65:
                    f1:88:d5:4c:65:5c:62:16:cc:73:43:e3:00:b2:c9:
                    19:96:c7:7e:fc:8b:35:84:46:40:1f:61:7f:bc:38:
                    95:17:bc:da:a4:21:a4:08:01:26:28:19:c4:4b:32:
                    a7:3b:97:65:80:80:cb:c0:6d:77:88:4c:d5:0e:9b:
                    a5:4d:5a:70:4f:47:f3:1b:cd:0c:da:ee:7d:2e:50:
                    cb:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:D1:1E:2C:CC:D5:14:19:53:0A:C0:4A:14:25:8F:11:A8:57:7E:AD
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9172B65/09850B8245B711EFA59E1332C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9172B65/09850B8245B711EFA59E1332C4F9AE02/T9EeLMzVFBlTCsBKFCWPEahXfq0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  152316

    Signature Algorithm: sha256WithRSAEncryption
         29:94:5f:83:3c:08:2b:1a:1f:99:75:56:5f:79:06:54:91:6a:
         50:dc:98:e8:e5:05:4d:7a:4e:9c:30:7a:f0:05:1b:11:a7:6a:
         6d:5d:86:b2:ac:c7:40:87:f9:7f:8c:ec:f1:fe:98:75:1b:0d:
         73:84:87:cb:aa:8c:5d:1c:4d:0c:70:d5:f3:9c:95:ba:d8:05:
         77:85:ad:88:39:a8:08:69:a9:6c:4a:1e:6b:9c:f1:5e:27:f9:
         a4:bd:01:5f:c5:52:2d:80:37:52:86:14:bb:67:87:f3:6f:b1:
         e4:c4:3f:a8:f5:37:30:3a:52:00:17:55:01:33:ad:9a:f4:56:
         c8:f8:cc:e4:50:fc:68:0e:8d:bf:f2:f6:02:ca:a3:47:f5:6c:
         db:9b:a1:d7:33:34:3c:2e:4c:b4:fe:7c:fa:dc:b1:11:cd:33:
         53:9d:4c:74:17:d0:93:87:17:73:69:15:34:36:57:ac:51:c2:
         bd:a5:11:75:89:12:ca:45:ce:d6:ae:64:5e:95:8c:67:b7:c9:
         31:eb:f2:3b:10:36:e0:0d:48:80:80:9b:4d:2a:6c:59:eb:0f:
         e2:1f:e7:30:1b:91:5e:a3:79:d9:72:f0:0c:72:36:cb:82:14:
         37:98:15:f3:2b:7a:fd:1e:06:04:2f:40:4f:95:c2:4b:f8:45:
         9c:d9:3d:ac
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIDAgFjMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDcxOTEwMDk1N1oXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNzJCNjUxMTAvBgNVBAUTKDRGRDExRTJDQ0NENTE0MTk1MzBBQzA0
QTE0MjU4RjExQTg1NzdFQUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxCHcDOVGOpm4wbtAtYJjEHxuNuJ5eqmBsuBLzTO8h7yknxDtHs36Mfp9LzpDp
8OZzDws4gZkZWKWV6At4uFr13wRlT7+RdbF8r3lHVGjpbOvaZzKfKgyqMQakt2h7
+MSlpoZGY0gOma1ZDZ/23Oxn8/voado0oVoF1F7QLrpkz4py4N3LaWH5ZQ+T86jm
nOBNxk1r/WF5I4nBcVk8Whe6Z1WYpT7tKFw5V0fh0ET7FobUZfGI1UxlXGIWzHND
4wCyyRmWx378izWERkAfYX+8OJUXvNqkIaQIASYoGcRLMqc7l2WAgMvAbXeITNUO
m6VNWnBPR/MbzQza7n0uUMtNAgMBAAGjggLuMIIC6jAdBgNVHQ4EFgQUT9EeLMzV
FBlTCsBKFCWPEahXfq0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTcyQjY1LzA5ODUwQjgyNDVCNzExRUZBNTlFMTMzMkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3MkI2NS8wOTg1MEI4MjQ1QjcxMUVGQTU5RTEzMzJDNEY5QUUwMi9UOUVlTE16
VkZCbFRDc0JLRkNXUEVhaFhmcTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlL8MA0GCSqGSIb3DQEBCwUAA4IBAQAplF+DPAgrGh+ZdVZfeQZUkWpQ
3Jjo5QVNek6cMHrwBRsRp2ptXYayrMdAh/l/jOzx/ph1Gw1zhIfLqoxdHE0McNXz
nJW62AV3ha2IOagIaalsSh5rnPFeJ/mkvQFfxVItgDdShhS7Z4fzb7HkxD+o9Tcw
OlIAF1UBM62a9FbI+MzkUPxoDo2/8vYCyqNH9Wzbm6HXMzQ8Lky0/nz63LERzTNT
nUx0F9CThxdzaRU0NlesUcK9pRF1iRLKRc7WrmRelYxnt8kx6/I7EDbgDUiAgJtN
KmxZ6w/iH+cwG5Feo3nZcvAMcjbLghQ3mBXzK3r9HgYEL0BPlcJL+EWc2T2s
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:21:49 2024 by rpki-client on console-fra.rpki-client.org