Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TUBtTrGE1mpOLekA_Ux66lyccVk.cer
File:                     TUBtTrGE1mpOLekA_Ux66lyccVk.cer (raw, json)
Hash identifier:          PySXRUlZkecH0fF1uKhIWXuID3ZwiUKPVnoM9fnhOvA=
Subject key identifier:   4D:40:6D:4E:B1:84:D6:6A:4E:2D:E9:00:FD:4C:7A:EA:5C:9C:71:59
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D4F1
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C05E4/78A4D446054611EE95ED7A83C4F9AE02/TUBtTrGE1mpOLekA_Ux66lyccVk.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C05E4/78A4D446054611EE95ED7A83C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 29 Dec 2023 05:41:48 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 141361
                          IP: 103.157.154.0/23
                          IP: 2001:df5:2280::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120049 (0x1d4f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 29 05:41:48 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A91C05E4/serialNumber=4D406D4EB184D66A4E2DE900FD4C7AEA5C9C7159
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:d4:30:7c:35:96:05:e1:2b:de:74:da:0d:d1:
                    eb:a4:0c:98:27:73:9c:c7:ed:00:b0:52:df:b3:01:
                    0b:19:cf:1d:b5:16:93:c6:a0:ff:17:a8:66:ad:c1:
                    e5:59:fc:45:73:b9:c9:50:46:d1:63:69:5a:8f:82:
                    05:d7:7d:bb:c9:b5:19:60:5f:7f:49:b0:29:b5:65:
                    28:0f:1c:ea:c7:cd:b6:13:45:8e:3c:3a:b6:ce:e8:
                    15:93:03:64:cb:d0:c1:6f:26:c6:7e:c5:07:03:59:
                    80:ce:d6:dc:86:f2:cc:e6:70:36:3c:89:c6:60:28:
                    0e:df:a1:7e:ec:f7:28:73:c7:72:73:cc:d4:d9:c6:
                    1b:d3:e3:22:6c:fd:d3:2f:3b:3f:b4:1d:5e:ab:eb:
                    ed:af:87:39:3e:b0:1a:5d:87:97:a0:f5:74:03:cc:
                    92:49:9d:1f:cf:2c:27:94:30:5c:7a:5d:f3:93:69:
                    b7:da:d0:53:03:92:a6:79:bd:b5:04:9e:2c:d7:0b:
                    66:6d:e7:78:20:85:f8:26:44:15:59:da:b7:0c:3a:
                    e4:8f:ac:58:a8:81:dc:56:e9:9b:b0:65:bc:19:d7:
                    eb:f3:a9:0a:34:19:3f:86:ac:d4:c3:8d:92:f1:2f:
                    40:f9:0f:16:c1:64:16:50:a0:d3:31:36:96:9c:70:
                    b3:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:40:6D:4E:B1:84:D6:6A:4E:2D:E9:00:FD:4C:7A:EA:5C:9C:71:59
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C05E4/78A4D446054611EE95ED7A83C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C05E4/78A4D446054611EE95ED7A83C4F9AE02/TUBtTrGE1mpOLekA_Ux66lyccVk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  141361

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.157.154.0/23
                IPv6:
                  2001:df5:2280::/48

    Signature Algorithm: sha256WithRSAEncryption
         6f:df:6b:0b:f1:31:f2:55:36:90:22:ae:7d:6a:35:ef:15:fe:
         33:75:6c:b7:5a:c2:52:34:0e:5a:b5:12:c8:fd:75:0c:d6:ce:
         76:38:9d:fe:06:a2:fa:cd:72:71:c0:70:ce:cf:06:12:49:37:
         f6:80:44:43:c3:7c:58:40:3c:33:68:84:cd:3b:e9:20:fd:2a:
         76:6d:4d:2f:a3:64:1c:f2:d2:6a:9c:ec:eb:fb:0b:b3:47:28:
         45:1e:8b:8f:e5:cf:73:7e:33:76:2c:bb:70:c7:44:a7:60:51:
         58:5d:bd:65:76:59:bf:a6:07:ca:be:f5:b8:1c:22:49:2c:a7:
         d0:a8:91:5e:fe:af:cb:d4:62:69:85:2b:dc:46:4a:33:6e:99:
         19:57:72:8e:83:54:2d:79:52:d0:8b:5f:7f:e2:1a:07:ef:85:
         f0:a9:4b:bd:63:22:45:5a:85:6a:d5:94:31:51:43:e3:fa:65:
         9a:28:58:53:b7:8c:0e:29:b9:04:38:3c:27:61:d0:23:23:79:
         ce:03:a3:0d:30:67:62:0a:05:0c:d3:2b:d1:f1:82:63:6d:e4:
         45:1e:7c:bf:99:c6:4e:8d:9b:31:68:89:e3:1e:75:a2:fa:8b:
         6a:8c:e1:4a:fc:37:44:1b:87:28:fd:98:b2:05:8c:f9:00:c3:
         b1:54:90:5b
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAdTxMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyOTA1NDE0OFoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzA1RTQxMTAvBgNVBAUTKDRENDA2RDRFQjE4NEQ2NkE0RTJERTkw
MEZENEM3QUVBNUM5QzcxNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCV1DB8NZYF4SvedNoN0eukDJgnc5zH7QCwUt+zAQsZzx21FpPGoP8XqGatweVZ
/EVzuclQRtFjaVqPggXXfbvJtRlgX39JsCm1ZSgPHOrHzbYTRY48OrbO6BWTA2TL
0MFvJsZ+xQcDWYDO1tyG8szmcDY8icZgKA7foX7s9yhzx3JzzNTZxhvT4yJs/dMv
Oz+0HV6r6+2vhzk+sBpdh5eg9XQDzJJJnR/PLCeUMFx6XfOTabfa0FMDkqZ5vbUE
nizXC2Zt53gghfgmRBVZ2rcMOuSPrFiogdxW6ZuwZbwZ1+vzqQo0GT+GrNTDjZLx
L0D5DxbBZBZQoNMxNpaccLPnAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUTUBtTrGE
1mpOLekA/Ux66lyccVkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUMwNUU0Lzc4QTRENDQ2MDU0NjExRUU5NUVEN0E4M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDMDVFNC83OEE0RDQ0NjA1NDYxMUVFOTVFRDdBODNDNEY5QUUwMi9UVUJ0VHJH
RTFtcE9MZWtBX1V4NjZseWNjVmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAigxMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ52aMA8EAgAC
MAkDBwAgAQ31IoAwDQYJKoZIhvcNAQELBQADggEBAG/fawvxMfJVNpAirn1qNe8V
/jN1bLdawlI0Dlq1Esj9dQzWznY4nf4GovrNcnHAcM7PBhJJN/aAREPDfFhAPDNo
hM076SD9KnZtTS+jZBzy0mqc7Ov7C7NHKEUei4/lz3N+M3Ysu3DHRKdgUVhdvWV2
Wb+mB8q+9bgcIkksp9CokV7+r8vUYmmFK9xGSjNumRlXco6DVC15UtCLX3/iGgfv
hfCpS71jIkVahWrVlDFRQ+P6ZZooWFO3jA4puQQ4PCdh0CMjec4Dow0wZ2IKBQzT
K9HxgmNt5EUefL+Zxk6NmzFoieMedaL6i2qM4Ur8N0Qbhyj9mLIFjPkAw7FUkFs=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:42 2024 by rpki-client on console-ams.rpki-client.org