Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TjxBSRoYtEm7EK5gcQF04-4-sWE.cer
File:                     TjxBSRoYtEm7EK5gcQF04-4-sWE.cer (raw, json)
Hash identifier:          z+RB6q0ZPlaDCNPlT+dAI4hhacLl6TfvHNt2p/ao3KI=
Subject key identifier:   4E:3C:41:49:1A:18:B4:49:BB:10:AE:60:71:01:74:E3:EE:3E:B1:61
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E9CB
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/TjxBSRoYtEm7EK5gcQF04-4-sWE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 04 Apr 2024 14:35:33 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    AS: 17645
                          AS: 45794
                          AS: 55332
                          IP: 58.65.0.0/19
                          IP: 116.51.0.0/16
                          IP: 175.28.8.0/22
                          IP: 202.136.160.0/19
                          IP: 2402:2c00::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125387 (0x1e9cb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr  4 14:35:33 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A91E6D5D/serialNumber=4E3C41491A18B449BB10AE60710174E3EE3EB161
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ab:08:aa:19:68:67:aa:aa:61:22:90:6e:38:
                    8f:c2:4a:ff:67:f1:6e:51:4e:56:c1:89:4d:47:97:
                    8e:e3:74:b0:db:1d:5e:58:d3:d9:fd:97:b7:fc:06:
                    2b:80:00:7e:d1:13:5a:93:d5:e7:e8:11:00:92:4e:
                    7b:cf:91:58:a5:7f:ac:46:1f:fa:98:02:25:49:de:
                    97:56:28:82:22:ac:15:8c:b6:c0:6c:c1:a4:ed:c2:
                    43:e8:7e:f9:05:89:1b:cf:56:fa:fc:6e:64:44:9f:
                    fc:59:a5:bf:f8:cb:bb:47:22:1b:46:a1:e4:f8:92:
                    fc:3a:11:0f:24:78:0a:d7:19:5b:4f:b5:b1:9c:be:
                    2d:d9:85:c8:b2:8e:fa:ea:33:62:54:26:f8:44:0c:
                    c4:81:10:f1:d6:9d:5f:a7:01:d6:e0:d2:f1:af:47:
                    e9:00:3d:be:f6:a6:10:d1:99:fb:9f:d8:06:d6:ea:
                    85:0c:83:db:b7:47:6a:c6:31:95:d3:f6:46:99:dc:
                    db:53:ab:25:fd:fb:60:c0:03:f3:87:68:48:09:48:
                    be:e4:06:fb:36:48:38:3c:4a:ec:41:87:8d:35:31:
                    8a:e8:a6:be:ea:1d:6d:f3:e1:dd:eb:b8:74:d3:ce:
                    0c:83:51:11:bc:d4:d3:f0:b1:c8:1d:0b:a3:f9:54:
                    07:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:3C:41:49:1A:18:B4:49:BB:10:AE:60:71:01:74:E3:EE:3E:B1:61
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/TjxBSRoYtEm7EK5gcQF04-4-sWE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  17645
                  45794
                  55332

            sbgp-ipAddrBlock: critical
                IPv4:
                  58.65.0.0/19
                  116.51.0.0/16
                  175.28.8.0/22
                  202.136.160.0/19
                IPv6:
                  2402:2c00::/32

    Signature Algorithm: sha256WithRSAEncryption
         bf:26:dd:1f:64:de:8a:02:b7:4f:a1:40:b0:78:f3:29:0a:73:
         80:10:12:5a:2f:10:ab:10:48:70:75:0d:fc:12:19:70:ae:0c:
         f9:a9:7a:81:02:2e:ec:43:c7:5a:5c:9d:41:9e:d3:c7:46:df:
         e3:c8:83:8b:a3:d3:cd:ff:96:75:d3:44:ba:ea:2f:70:d2:3a:
         b4:36:c5:e2:25:05:d8:46:00:8b:52:cf:1c:a4:bc:4f:ed:48:
         2f:71:c4:ee:2d:08:77:c7:6c:9e:80:0a:6d:dc:ef:ed:99:8d:
         a2:3b:96:bd:2e:9e:3e:aa:61:d8:0b:9f:4a:20:ca:49:7c:e1:
         7d:f6:97:05:f9:fb:f3:92:b3:8f:db:5e:27:bd:9e:2d:d1:8c:
         38:46:4e:d3:7a:0c:3f:11:ce:6d:8f:96:8a:ea:d6:8f:d1:1c:
         a1:cd:26:93:b2:21:f2:6f:4c:13:5f:cd:80:53:fd:d3:60:30:
         8c:a3:65:ed:cf:87:b3:78:e2:19:22:d4:e3:1a:d2:70:0a:d4:
         aa:53:5e:30:2c:c5:07:93:93:b9:2a:3a:9e:ff:95:43:58:54:
         b3:c4:45:0c:78:5f:80:fd:bd:75:de:b4:60:6f:52:5d:10:1f:
         6e:40:a0:90:25:43:a7:2a:b9:99:18:bd:21:ce:e7:fe:87:91:
         e6:d6:42:e7
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIDAenLMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQwNDE0MzUzM1oXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTZENUQxMTAvBgNVBAUTKDRFM0M0MTQ5MUExOEI0NDlCQjEwQUU2
MDcxMDE3NEUzRUUzRUIxNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCqwiqGWhnqqphIpBuOI/CSv9n8W5RTlbBiU1Hl47jdLDbHV5Y09n9l7f8BiuA
AH7RE1qT1efoEQCSTnvPkVilf6xGH/qYAiVJ3pdWKIIirBWMtsBswaTtwkPofvkF
iRvPVvr8bmREn/xZpb/4y7tHIhtGoeT4kvw6EQ8keArXGVtPtbGcvi3Zhciyjvrq
M2JUJvhEDMSBEPHWnV+nAdbg0vGvR+kAPb72phDRmfuf2AbW6oUMg9u3R2rGMZXT
9kaZ3NtTqyX9+2DAA/OHaEgJSL7kBvs2SDg8SuxBh401MYropr7qHW3z4d3ruHTT
zgyDURG81NPwscgdC6P5VAd3AgMBAAGjggM4MIIDNDAdBgNVHQ4EFgQUTjxBSRoY
tEm7EK5gcQF04+4+sWEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUU2RDVELzlEQ0I2OEUwMUQ4ODExRTI5NEI5NTVFMTA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFNkQ1RC85RENCNjhFMDFEODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9UanhCU1Jv
WXRFbTdFSzVnY1FGMDQtNC1zV0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIwYIKwYBBQUHAQgBAf8EFDAS
oBAwDgICRO0CAwCy4gIDANgkMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQF
OkEAAwMAdDMDBAKvHAgDBAXKiKAwDQQCAAIwBwMFACQCLAAwDQYJKoZIhvcNAQEL
BQADggEBAL8m3R9k3ooCt0+hQLB48ykKc4AQElovEKsQSHB1DfwSGXCuDPmpeoEC
LuxDx1pcnUGe08dG3+PIg4uj083/lnXTRLrqL3DSOrQ2xeIlBdhGAItSzxykvE/t
SC9xxO4tCHfHbJ6ACm3c7+2ZjaI7lr0unj6qYdgLn0ogykl84X32lwX5+/OSs4/b
Xie9ni3RjDhGTtN6DD8Rzm2Plorq1o/RHKHNJpOyIfJvTBNfzYBT/dNgMIyjZe3P
h7N44hki1OMa0nAK1KpTXjAsxQeTk7kqOp7/lUNYVLPERQx4X4D9vXXetGBvUl0Q
H25AoJAlQ6cquZkYvSHO5/6HkebWQuc=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:42 2024 by rpki-client on console-ams.rpki-client.org