Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer
File:                     TbA103TIQSzmgNnaCtvsBkKdiLg.cer (raw, json)
Hash identifier:          0EuKFGT2Zn7Z5bQuBdFJ4m7Uo6TGAC9EoLfXDai6GsM=
Subject key identifier:   4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01F1F3
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 15 May 2024 00:42:42 +0000
Certificate not after:    Mon 30 Sep 2024 00:00:00 +0000
Subordinate resources:    AS: 131444
                          AS: 136907
                          AS: 141180
                          AS: 149167
                          AS: 151610
                          IP: 1.178.32.0/19
                          IP: 14.137.128.0/18
                          IP: 27.106.0.0/17
                          IP: 27.255.0.0/18
                          IP: 42.201.128.0/17
                          IP: 43.225.140.0/22
                          IP: 43.255.104.0/22
                          IP: 49.0.192.0/18
                          IP: 101.44.0.0/16
                          IP: 101.46.0.0/16
                          IP: 103.69.140.0/22
                          IP: 103.239.72.0/22
                          IP: 103.240.156.0/22
                          IP: 103.255.60.0/22
                          IP: 110.238.64.0/18
                          IP: 110.239.64.0/18
                          IP: 110.239.184.0/21
                          IP: 111.91.0.0/17
                          IP: 111.119.192.0/18
                          IP: 114.119.128.0/18
                          IP: 115.30.32.0/19
                          IP: 115.167.32.0/20
                          IP: 115.167.80.0/20
                          IP: 116.66.184.0/22
                          IP: 119.8.0.0/16
                          IP: 119.12.160.0/20
                          IP: 119.13.32.0/20
                          IP: 119.13.64.0/18
                          IP: 119.13.160.0/20
                          IP: 119.13.248.0/21
                          IP: 121.91.152.0/21
                          IP: 121.91.168.0/21
                          IP: 121.91.200.0/21
                          IP: 122.8.128.0/18
                          IP: 124.81.0.0/16
                          IP: 124.243.128.0/18
                          IP: 150.40.128.0/17
                          IP: 180.87.192.0/18
                          IP: 182.160.0.0/18
                          IP: 183.87.32.0 -- 183.87.159.255
                          IP: 202.76.128.0/18
                          IP: 202.170.88.0/21
                          IP: 203.123.80.0/20
                          IP: 203.167.20.0/22
                          IP: 219.83.0.0/17
                          IP: 2405:f080::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 20 Jun 2024 16:34:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 127475 (0x1f1f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 15 00:42:42 2024 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=A917E678/serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:84:e4:7e:9e:0c:b0:85:60:49:44:c8:69:94:
                    1c:6d:4f:a1:9e:1b:e8:07:f6:b6:e5:71:07:c5:14:
                    17:68:3c:0e:74:3f:59:2e:41:eb:73:65:85:79:df:
                    5c:be:2c:4c:ce:ae:96:c2:b9:57:1a:ac:36:91:9f:
                    9c:ee:f3:67:af:96:87:d2:cf:e5:42:fd:c7:8d:13:
                    09:6f:fd:d5:bb:2c:d2:91:9f:24:0d:81:7f:05:c5:
                    59:86:30:75:b1:73:d5:61:b4:df:64:80:7a:19:f0:
                    5e:84:6e:c9:0a:d9:75:8b:8b:6c:9f:04:02:19:f0:
                    a9:da:64:76:4d:7c:0d:43:be:f1:3d:bb:06:49:cd:
                    fb:ee:dc:26:44:5d:51:3d:ff:27:2c:cb:d5:5b:fd:
                    c7:5e:4f:48:d7:a2:65:a3:b6:69:0f:a5:2b:75:3c:
                    94:49:1e:d1:d2:7e:ec:85:e3:9b:26:4b:d6:b4:aa:
                    ce:3d:56:f8:4f:3b:44:e4:59:85:c8:93:9e:4a:85:
                    2d:0d:bb:79:34:94:1d:34:3e:d3:08:95:98:1f:f3:
                    02:98:5a:0e:b6:d6:81:b2:80:c0:6b:dd:14:03:23:
                    8a:4f:93:47:d5:08:97:c2:6f:20:2d:f1:ce:6a:66:
                    b7:6a:dd:03:6f:98:56:3d:c7:57:d7:76:dd:41:b9:
                    09:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  131444
                  136907
                  141180
                  149167
                  151610

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.178.32.0/19
                  14.137.128.0/18
                  27.106.0.0/17
                  27.255.0.0/18
                  42.201.128.0/17
                  43.225.140.0/22
                  43.255.104.0/22
                  49.0.192.0/18
                  101.44.0.0/16
                  101.46.0.0/16
                  103.69.140.0/22
                  103.239.72.0/22
                  103.240.156.0/22
                  103.255.60.0/22
                  110.238.64.0/18
                  110.239.64.0/18
                  110.239.184.0/21
                  111.91.0.0/17
                  111.119.192.0/18
                  114.119.128.0/18
                  115.30.32.0/19
                  115.167.32.0/20
                  115.167.80.0/20
                  116.66.184.0/22
                  119.8.0.0/16
                  119.12.160.0/20
                  119.13.32.0/20
                  119.13.64.0/18
                  119.13.160.0/20
                  119.13.248.0/21
                  121.91.152.0/21
                  121.91.168.0/21
                  121.91.200.0/21
                  122.8.128.0/18
                  124.81.0.0/16
                  124.243.128.0/18
                  150.40.128.0/17
                  180.87.192.0/18
                  182.160.0.0/18
                  183.87.32.0-183.87.159.255
                  202.76.128.0/18
                  202.170.88.0/21
                  203.123.80.0/20
                  203.167.20.0/22
                  219.83.0.0/17
                IPv6:
                  2405:f080::/32

    Signature Algorithm: sha256WithRSAEncryption
         1d:bb:d3:8e:e1:d4:03:fe:d3:58:69:ce:95:b2:ad:9d:06:55:
         d6:ea:d6:0a:83:22:3a:cb:4a:af:0e:1c:8d:6e:bb:12:8c:53:
         a9:a7:ec:12:8b:49:3c:90:b5:ca:20:61:b8:c4:ed:14:72:f4:
         1b:8d:c1:b7:2f:5d:10:71:d3:1b:fa:b8:9b:3b:ae:7b:dd:c1:
         96:24:99:cf:aa:38:49:02:2a:f7:88:fa:bc:48:e0:9b:b5:d4:
         db:63:47:ba:d2:46:dd:9f:30:df:71:85:0f:1b:d4:d5:21:8f:
         71:77:76:8a:d4:56:e1:b0:6f:7e:d4:d0:8a:18:3a:be:bf:92:
         8e:0e:26:ce:0b:59:0c:b6:4e:b0:00:ac:18:21:e8:5b:a2:02:
         f5:40:b9:e6:1f:8a:1f:2a:44:5f:be:6b:4d:a8:52:51:1d:1b:
         08:82:d8:92:1d:45:96:80:e0:41:8e:97:b3:1b:7d:05:00:99:
         60:79:54:0e:28:f2:fc:24:ce:e0:d0:d7:50:c1:ab:73:e0:23:
         c1:b3:8f:bc:16:13:22:c8:f9:95:8b:47:02:6d:e3:63:d2:26:
         18:5c:82:b3:e9:33:f8:0b:a6:62:87:08:fd:00:67:9d:7e:57:
         72:3f:14:f7:99:cb:7f:9e:61:31:c1:d0:7b:c9:9c:93:db:f0:
         21:63:6e:35
-----BEGIN CERTIFICATE-----
MIIHUzCCBjugAwIBAgIDAfHzMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDUxNTAwNDI0MloXDTI0MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxN0U2NzgxMTAvBgNVBAUTKDREQjAzNUQzNzRDODQxMkNFNjgwRDlE
QTBBREJFQzA2NDI5RDg4QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDdhOR+ngywhWBJRMhplBxtT6GeG+gH9rblcQfFFBdoPA50P1kuQetzZYV531y+
LEzOrpbCuVcarDaRn5zu82evlofSz+VC/ceNEwlv/dW7LNKRnyQNgX8FxVmGMHWx
c9VhtN9kgHoZ8F6EbskK2XWLi2yfBAIZ8KnaZHZNfA1DvvE9uwZJzfvu3CZEXVE9
/ycsy9Vb/cdeT0jXomWjtmkPpSt1PJRJHtHSfuyF45smS9a0qs49VvhPO0TkWYXI
k55KhS0Nu3k0lB00PtMIlZgf8wKYWg621oGygMBr3RQDI4pPk0fVCJfCbyAt8c5q
Zrdq3QNvmFY9x1fXdt1BuQmtAgMBAAGjggRIMIIERDAdBgNVHQ4EFgQUTbA103TI
QSzmgNnaCtvsBkKdiLgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdFNjc4LzcyNTgzQUZBNjk1NzExRThBNDJCRTY4MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3RTY3OC83MjU4M0FGQTY5NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNU
SVFTem1nTm5hQ3R2c0JrS2RpTGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQgBAf8EHzAd
oBswGQIDAgF0AgMCFssCAwInfAIDAkavAgMCUDowggFCBggrBgEFBQcBBwEB/wSC
ATEwggEtMIIBGgQCAAEwggESAwQFAbIgAwQGDomAAwQHG2oAAwQGG/8AAwQHKsmA
AwQCK+GMAwQCK/9oAwQGMQDAAwMAZSwDAwBlLgMEAmdFjAMEAmfvSAMEAmfwnAME
Amf/PAMEBm7uQAMEBm7vQAMEA27vuAMEB29bAAMEBm93wAMEBnJ3gAMEBXMeIAME
BHOnIAMEBHOnUAMEAnRCuAMDAHcIAwQEdwygAwQEdw0gAwQGdw1AAwQEdw2gAwQD
dw34AwQDeVuYAwQDeVuoAwQDeVvIAwQGegiAAwMAfFEDBAZ884ADBAeWKIADBAa0
V8ADBAa2oAAwDAMEBbdXIAMEBbdXgAMEBspMgAMEA8qqWAMEBMt7UAMEAsunFAME
B9tTADANBAIAAjAHAwUAJAXwgDANBgkqhkiG9w0BAQsFAAOCAQEAHbvTjuHUA/7T
WGnOlbKtnQZV1urWCoMiOstKrw4cjW67EoxTqafsEotJPJC1yiBhuMTtFHL0G43B
ty9dEHHTG/q4mzuue93BliSZz6o4SQIq94j6vEjgm7XU22NHutJG3Z8w33GFDxvU
1SGPcXd2itRW4bBvftTQihg6vr+Sjg4mzgtZDLZOsACsGCHoW6IC9UC55h+KHypE
X75rTahSUR0bCILYkh1FloDgQY6Xsxt9BQCZYHlUDijy/CTO4NDXUMGrc+AjwbOP
vBYTIsj5lYtHAm3jY9ImGFyCs+kz+AumYocI/QBnnX5Xcj8U95nLf55hMcHQe8mc
k9vwIWNuNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 13 17:54:53 2024 by rpki-client on console-ams.rpki-client.org