Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TeFRsMiiGEElxljjJzHNoaojRwA.cer
File:                     TeFRsMiiGEElxljjJzHNoaojRwA.cer (raw, json)
Hash identifier:          YBfegIK57Ms0IOShjBreHAW2Ho+MjbcmjgwcdsEAkGU=
Subject key identifier:   4D:E1:51:B0:C8:A2:18:41:25:C6:58:E3:27:31:CD:A1:AA:23:47:00
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01A07C
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91AE9FF/D3A544D2945B11EC8295DB45C4F9AE02/TeFRsMiiGEElxljjJzHNoaojRwA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91AE9FF/D3A544D2945B11EC8295DB45C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 01 May 2023 23:32:57 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 138153
                          IP: 103.181.240.0/24
                          IP: 103.183.220.0/24
                          IP: 2001:df0:72c0::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 14:50:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 106620 (0x1a07c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May  1 23:32:57 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=A91AE9FF/serialNumber=4DE151B0C8A2184125C658E32731CDA1AA234700
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:44:61:81:8d:bc:d2:d0:8f:d4:65:f9:d1:6a:
                    cf:61:f1:80:0a:01:35:4f:d7:c3:2f:04:93:2b:68:
                    e6:40:fc:96:20:63:43:6d:0c:0f:82:95:e5:e6:d1:
                    d8:cd:89:d4:62:67:1d:37:4a:f2:2c:8d:c7:8a:6f:
                    bc:2c:78:53:d6:17:ac:14:cd:a7:e4:7d:33:d6:12:
                    98:50:a1:48:20:5c:89:5b:a4:01:ec:99:2d:85:eb:
                    c6:95:b3:3d:07:73:f4:48:73:54:6b:65:fe:ef:18:
                    e8:c6:d0:fe:cf:96:e7:90:1e:2f:07:f7:15:cd:e6:
                    02:01:f6:df:ce:53:1b:68:4d:59:44:7c:2d:ef:0a:
                    2e:6f:d1:25:5c:5a:49:63:b6:93:5f:9c:23:3f:ca:
                    df:15:24:fd:04:6a:ab:f2:45:8c:88:77:ba:89:f8:
                    19:d9:4f:9d:cd:6d:04:ec:89:d1:a4:3b:43:59:a0:
                    17:6a:1d:f4:7a:1c:85:ef:ce:72:0b:09:12:5e:09:
                    94:9c:cd:a4:1c:6a:26:00:34:e8:e4:20:f4:f0:7c:
                    6b:01:ee:9c:34:40:62:49:0f:ab:ec:70:5f:96:30:
                    05:ce:67:d5:db:62:39:fa:3c:11:ef:06:19:61:1f:
                    ab:14:fa:cc:fc:e7:af:ee:40:db:8a:01:b9:a3:a4:
                    df:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:E1:51:B0:C8:A2:18:41:25:C6:58:E3:27:31:CD:A1:AA:23:47:00
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AE9FF/D3A544D2945B11EC8295DB45C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AE9FF/D3A544D2945B11EC8295DB45C4F9AE02/TeFRsMiiGEElxljjJzHNoaojRwA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  138153

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.181.240.0/24
                  103.183.220.0/24
                IPv6:
                  2001:df0:72c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         0b:cf:37:dd:18:80:48:44:59:02:7b:05:74:78:36:98:b0:e0:
         c3:4e:9e:b6:4f:a7:9a:ee:74:16:96:94:b5:6b:b7:5c:91:e0:
         f3:a2:f0:00:fe:0f:16:9f:34:98:1f:8b:45:f8:ad:89:b0:a7:
         ef:3b:e5:6b:bd:bb:19:8f:bd:5b:c0:3b:7d:b1:2c:e5:e4:03:
         ba:97:5c:ee:bb:66:7f:c9:07:97:42:21:e9:14:af:10:64:b7:
         e1:91:75:0b:81:a4:e8:92:b0:9d:4e:09:3a:6d:65:5b:8f:7f:
         20:3f:14:f2:92:76:cf:12:97:7c:5b:9a:34:af:19:0a:b7:b6:
         43:c4:63:c1:e7:13:37:c7:6d:8b:f3:0b:8e:9e:42:d9:5e:45:
         01:02:9a:5e:ce:9d:fc:aa:22:fa:1d:4f:26:aa:2b:34:f7:be:
         85:a3:5a:0d:49:52:33:0b:68:4b:a2:23:45:91:a8:bc:96:2d:
         41:7a:e3:6d:a2:87:2b:1c:15:c1:b9:da:7e:f5:af:62:dc:54:
         c3:44:c0:a6:4a:6d:0e:96:ac:95:c3:d8:1c:1a:6b:3a:a8:6c:
         a5:2f:fd:13:82:45:94:6f:5a:8c:84:45:e8:9d:d3:62:4c:9d:
         be:5a:b6:4a:5a:29:76:b4:fe:82:42:58:66:f8:eb:07:5d:a3:
         53:98:8a:7d
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIDAaB8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDUwMTIzMzI1N1oXDTI0MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQUU5RkYxMTAvBgNVBAUTKDRERTE1MUIwQzhBMjE4NDEyNUM2NThF
MzI3MzFDREExQUEyMzQ3MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYRGGBjbzS0I/UZfnRas9h8YAKATVP18MvBJMraOZA/JYgY0NtDA+CleXm0djN
idRiZx03SvIsjceKb7wseFPWF6wUzafkfTPWEphQoUggXIlbpAHsmS2F68aVsz0H
c/RIc1RrZf7vGOjG0P7PlueQHi8H9xXN5gIB9t/OUxtoTVlEfC3vCi5v0SVcWklj
tpNfnCM/yt8VJP0EaqvyRYyId7qJ+BnZT53NbQTsidGkO0NZoBdqHfR6HIXvznIL
CRJeCZSczaQcaiYANOjkIPTwfGsB7pw0QGJJD6vscF+WMAXOZ9XbYjn6PBHvBhlh
H6sU+sz856/uQNuKAbmjpN9vAgMBAAGjggMmMIIDIjAdBgNVHQ4EFgQUTeFRsMii
GEElxljjJzHNoaojRwAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFFOUZGL0QzQTU0NEQyOTQ1QjExRUM4Mjk1REI0NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBRTlGRi9EM0E1NDREMjk0NUIxMUVDODI5NURCNDVDNEY5QUUwMi9UZUZSc01p
aUdFRWx4bGpqSnpITm9hb2pSd0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhupMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAZ7XwAwQAZ7fc
MA8EAgACMAkDBwAgAQ3wcsAwDQYJKoZIhvcNAQELBQADggEBAAvPN90YgEhEWQJ7
BXR4Npiw4MNOnrZPp5rudBaWlLVrt1yR4POi8AD+DxafNJgfi0X4rYmwp+875Wu9
uxmPvVvAO32xLOXkA7qXXO67Zn/JB5dCIekUrxBkt+GRdQuBpOiSsJ1OCTptZVuP
fyA/FPKSds8Sl3xbmjSvGQq3tkPEY8HnEzfHbYvzC46eQtleRQECml7OnfyqIvod
TyaqKzT3voWjWg1JUjMLaEuiI0WRqLyWLUF6422ihyscFcG52n71r2LcVMNEwKZK
bQ6WrJXD2BwaazqobKUv/ROCRZRvWoyEReid02JMnb5atkpaKXa0/oJCWGb46wdd
o1OYin0=
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:08:11 2024 by rpki-client on console-ams.rpki-client.org