Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TYR1I-W92eO4lpgooEv-2isMAxs.cer
File:                     TYR1I-W92eO4lpgooEv-2isMAxs.cer (raw, json)
Hash identifier:          1hg7zuUsWTs2tlG2QHRylHaghCGhR6qGTZDgfK7aGYo=
Subject key identifier:   4D:84:75:23:E5:BD:D9:E3:B8:96:98:28:A0:4B:FE:DA:2B:0C:03:1B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E010
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91AC726/9C4F530A38AF11EB8913DE41C4F9AE02/TYR1I-W92eO4lpgooEv-2isMAxs.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91AC726/9C4F530A38AF11EB8913DE41C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 21 Feb 2024 18:30:05 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 141472
                          IP: 103.159.192.0/23
                          IP: 2001:df5:8680::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 04 Dec 2024 01:13:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122896 (0x1e010)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb 21 18:30:05 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91AC726/serialNumber=4D847523E5BDD9E3B8969828A04BFEDA2B0C031B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:c6:49:db:de:50:a8:a3:7b:98:7e:3b:c9:50:
                    bf:fd:f2:3c:67:c1:3d:66:5f:c2:0a:75:29:64:1f:
                    ee:54:75:d7:18:ac:9b:07:c6:a1:55:0f:21:74:8e:
                    47:ba:0b:a8:59:a9:fe:eb:ce:48:e1:6a:0f:60:d4:
                    9b:49:c3:3f:ca:2c:21:42:b0:1a:7a:51:1e:2b:3b:
                    36:79:78:57:35:95:19:fd:89:d6:5c:58:53:bd:fb:
                    b2:dd:a1:a9:9f:9a:aa:11:e4:95:94:80:6a:44:94:
                    e4:3c:2e:7a:35:de:12:8b:a7:0f:e4:1d:06:ff:04:
                    b0:1e:45:e8:82:b7:01:d9:66:47:56:ef:fc:79:32:
                    81:b2:a8:a0:3d:ff:0e:a8:57:36:fc:7d:6c:e3:7b:
                    b0:ac:31:60:c0:9f:a0:af:86:eb:4e:ed:a6:9d:5d:
                    6d:09:1f:44:d2:96:15:ba:6d:01:f3:15:94:a4:0c:
                    7b:54:70:1a:83:1a:fc:dd:30:c1:30:01:49:13:6a:
                    2d:44:3e:d3:73:0e:c1:23:6d:65:4f:15:a0:f1:23:
                    6c:88:4d:41:81:14:f4:54:87:0f:ef:3c:07:59:00:
                    d9:4f:7c:93:20:a6:6a:c9:06:f9:37:b5:6b:46:02:
                    1d:8d:ff:3c:45:8a:47:34:c7:d7:0a:b5:7d:da:2f:
                    d4:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:84:75:23:E5:BD:D9:E3:B8:96:98:28:A0:4B:FE:DA:2B:0C:03:1B
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AC726/9C4F530A38AF11EB8913DE41C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AC726/9C4F530A38AF11EB8913DE41C4F9AE02/TYR1I-W92eO4lpgooEv-2isMAxs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  141472

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.159.192.0/23
                IPv6:
                  2001:df5:8680::/48

    Signature Algorithm: sha256WithRSAEncryption
         be:b7:10:83:35:e0:5b:94:c8:6a:27:67:81:3b:8d:23:0e:e4:
         4d:81:1f:16:78:bb:c8:6b:7c:b7:48:13:29:35:50:3c:e6:e5:
         5f:b5:39:91:fc:86:c5:35:96:ed:2a:0d:10:bd:51:ba:80:9d:
         85:a1:03:29:63:a7:8e:a5:42:b7:ff:ff:18:61:8e:06:9e:59:
         9a:21:3d:df:89:d7:09:a7:d1:05:d9:7c:51:64:76:99:11:fe:
         2d:32:2c:40:7e:96:da:c8:4e:33:f3:3a:0c:e8:24:55:e1:80:
         7e:8f:1d:17:10:84:d5:34:c9:f3:8f:16:d3:12:21:7d:6a:0c:
         a1:2e:e5:9a:4d:dc:ee:cf:86:3f:3c:7b:71:7b:08:79:65:f2:
         cb:6a:4a:dd:a9:06:f9:8e:81:10:36:18:81:9c:00:36:19:a9:
         13:96:cc:b8:6c:7c:94:49:2a:23:4a:08:f7:ae:ed:2a:75:7d:
         f5:a8:25:f5:82:fc:0e:0f:9c:9a:f0:ac:3b:c5:6b:1f:e5:50:
         0d:47:38:16:a4:c8:63:a7:84:97:2b:e3:cb:f9:bd:dd:e5:f0:
         ac:6b:e7:d2:29:4d:23:e4:76:00:17:d2:4e:e2:b5:1f:93:51:
         51:78:81:10:3b:ba:6f:80:ab:ca:7c:ec:63:c9:8e:c7:4f:08:
         2f:34:ce:52
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAeAQMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIyMTE4MzAwNVoXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQUM3MjYxMTAvBgNVBAUTKDREODQ3NTIzRTVCREQ5RTNCODk2OTgy
OEEwNEJGRURBMkIwQzAzMUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDFxknb3lCoo3uYfjvJUL/98jxnwT1mX8IKdSlkH+5UddcYrJsHxqFVDyF0jke6
C6hZqf7rzkjhag9g1JtJwz/KLCFCsBp6UR4rOzZ5eFc1lRn9idZcWFO9+7Ldoamf
mqoR5JWUgGpElOQ8Lno13hKLpw/kHQb/BLAeReiCtwHZZkdW7/x5MoGyqKA9/w6o
Vzb8fWzje7CsMWDAn6CvhutO7aadXW0JH0TSlhW6bQHzFZSkDHtUcBqDGvzdMMEw
AUkTai1EPtNzDsEjbWVPFaDxI2yITUGBFPRUhw/vPAdZANlPfJMgpmrJBvk3tWtG
Ah2N/zxFikc0x9cKtX3aL9QdAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUTYR1I+W9
2eO4lpgooEv+2isMAxswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFDNzI2LzlDNEY1MzBBMzhBRjExRUI4OTEzREU0MUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBQzcyNi85QzRGNTMwQTM4QUYxMUVCODkxM0RFNDFDNEY5QUUwMi9UWVIxSS1X
OTJlTzRscGdvb0V2LTJpc01BeHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiigMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ5/AMA8EAgAC
MAkDBwAgAQ31hoAwDQYJKoZIhvcNAQELBQADggEBAL63EIM14FuUyGonZ4E7jSMO
5E2BHxZ4u8hrfLdIEyk1UDzm5V+1OZH8hsU1lu0qDRC9UbqAnYWhAyljp46lQrf/
/xhhjgaeWZohPd+J1wmn0QXZfFFkdpkR/i0yLEB+ltrITjPzOgzoJFXhgH6PHRcQ
hNU0yfOPFtMSIX1qDKEu5ZpN3O7Phj88e3F7CHll8stqSt2pBvmOgRA2GIGcADYZ
qROWzLhsfJRJKiNKCPeu7Sp1ffWoJfWC/A4PnJrwrDvFax/lUA1HOBakyGOnhJcr
48v5vd3l8Kxr59IpTSPkdgAX0k7itR+TUVF4gRA7um+Aq8p87GPJjsdPCC80zlI=
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:21:49 2024 by rpki-client on console-fra.rpki-client.org