Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VCQU--P_Iyqsxi5z3cN-J1KC7Uo.cer
File:                     VCQU--P_Iyqsxi5z3cN-J1KC7Uo.cer (raw, json)
Hash identifier:          2rAe55CjvHSyFbSiQkPZa9kdZCK2C62rDiOWdJwCmrM=
Subject key identifier:   54:24:14:FB:E3:FF:23:2A:AC:C6:2E:73:DD:C3:7E:27:52:82:ED:4A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       02137C
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A917295C/1F2074C8968211EBA399115BC4F9AE02/VCQU--P_Iyqsxi5z3cN-J1KC7Uo.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A917295C/1F2074C8968211EBA399115BC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 10 Oct 2024 16:15:51 +0000
Certificate not after:    Tue 30 Dec 2025 00:00:00 +0000
Subordinate resources:    IP: 103.143.158.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 12:58:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 136060 (0x2137c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct 10 16:15:51 2024 GMT
            Not After : Dec 30 00:00:00 2025 GMT
        Subject: CN=A917295C/serialNumber=542414FBE3FF232AACC62E73DDC37E275282ED4A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:13:9d:51:51:b5:16:30:8c:e3:5b:a8:44:06:
                    ed:92:8c:d8:53:c5:1a:d7:6a:59:e6:aa:dd:0b:f3:
                    09:4b:e9:7e:fd:c7:b4:26:9c:0a:08:e1:2c:a6:d8:
                    44:1f:e3:65:ab:f8:dd:f3:f8:2f:db:7e:09:ea:a2:
                    a6:60:ea:36:0d:8c:04:78:4d:d7:fd:8e:07:73:6c:
                    7c:5b:0a:60:06:a8:be:4b:5a:2c:7e:77:03:79:dc:
                    58:77:20:46:36:fa:50:ae:39:dc:85:7f:14:fc:90:
                    ef:c7:df:3d:f9:c0:f8:c5:bb:c4:ed:d2:ba:5b:6b:
                    63:36:f2:3e:ac:e7:be:b8:99:0a:24:0d:74:58:46:
                    fe:a0:99:26:68:39:ca:5c:67:50:86:9e:f6:72:c4:
                    fb:2d:23:e0:f8:2d:d7:20:d7:17:e3:38:5f:56:5b:
                    d1:cf:8d:25:2d:95:a1:2a:05:b7:5a:52:88:c6:7d:
                    15:b1:ff:71:4a:64:68:12:a6:ed:01:45:ab:16:01:
                    1d:7f:41:9b:be:59:79:69:1e:cf:fa:9b:5e:a8:4a:
                    9d:be:43:93:2c:e2:12:a2:28:59:64:25:93:35:03:
                    69:dc:2e:08:31:e5:e8:b0:27:fb:2b:90:0c:1b:a7:
                    90:cd:ad:ac:3f:3d:cd:dd:bd:2d:53:b8:cf:bc:e7:
                    e1:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:24:14:FB:E3:FF:23:2A:AC:C6:2E:73:DD:C3:7E:27:52:82:ED:4A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917295C/1F2074C8968211EBA399115BC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917295C/1F2074C8968211EBA399115BC4F9AE02/VCQU--P_Iyqsxi5z3cN-J1KC7Uo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.143.158.0/23

    Signature Algorithm: sha256WithRSAEncryption
         00:fb:37:0c:55:b7:b8:83:2e:59:00:fc:8a:88:ef:3b:37:b9:
         33:6f:87:e2:ad:c2:5d:71:e1:d8:5f:a7:84:b1:07:80:ff:35:
         73:40:fc:69:7f:42:c4:1f:12:4a:69:37:a5:e3:ee:9b:91:85:
         16:a5:84:ba:62:04:3c:4a:76:f3:b7:67:c5:db:3f:a6:ce:03:
         0d:c8:57:97:9f:87:3d:a8:14:5a:a1:a7:6c:82:bf:16:09:55:
         d9:47:6e:cb:c5:95:29:57:d2:c0:10:fc:c5:d7:8d:59:62:75:
         11:46:9d:6b:8b:eb:42:d8:ec:9e:53:b3:68:c5:3e:42:e2:53:
         f8:f7:5b:26:20:78:1a:d2:2e:ee:e0:fe:7c:17:83:1d:b8:ec:
         c2:5a:2d:73:3d:05:c1:f5:49:55:af:00:fb:70:32:0d:47:c8:
         d9:69:2a:99:54:65:47:e4:c2:8f:f2:b8:bc:09:63:87:3f:43:
         07:c7:53:8e:23:9c:21:31:67:23:53:f4:5a:c0:f4:cf:d5:1e:
         72:f8:fd:b1:9c:64:8b:5d:01:fa:a8:8e:03:0c:9c:f8:72:f3:
         6f:5f:67:cc:66:a8:6f:e3:f1:a8:1e:9b:be:83:63:83:64:7a:
         b8:46:e0:e7:97:d3:23:0a:72:79:da:cb:5f:cf:ce:e9:b3:68:
         fa:96:bb:db
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAhN8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAxMDE2MTU1MVoXDTI1MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNzI5NUMxMTAvBgNVBAUTKDU0MjQxNEZCRTNGRjIzMkFBQ0M2MkU3
M0REQzM3RTI3NTI4MkVENEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5E51RUbUWMIzjW6hEBu2SjNhTxRrXalnmqt0L8wlL6X79x7QmnAoI4Sym2EQf
42Wr+N3z+C/bfgnqoqZg6jYNjAR4Tdf9jgdzbHxbCmAGqL5LWix+dwN53Fh3IEY2
+lCuOdyFfxT8kO/H3z35wPjFu8Tt0rpba2M28j6s5764mQokDXRYRv6gmSZoOcpc
Z1CGnvZyxPstI+D4Ldcg1xfjOF9WW9HPjSUtlaEqBbdaUojGfRWx/3FKZGgSpu0B
RasWAR1/QZu+WXlpHs/6m16oSp2+Q5Ms4hKiKFlkJZM1A2ncLggx5eiwJ/srkAwb
p5DNraw/Pc3dvS1TuM+85+FfAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUVCQU++P/
Iyqsxi5z3cN+J1KC7UowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTcyOTVDLzFGMjA3NEM4OTY4MjExRUJBMzk5MTE1QkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3Mjk1Qy8xRjIwNzRDODk2ODIxMUVCQTM5OTExNUJDNEY5QUUwMi9WQ1FVLS1Q
X0l5cXN4aTV6M2NOLUoxS0M3VW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAFnj54wDQYJKoZIhvcNAQELBQADggEBAAD7NwxVt7iDLlkA/IqI
7zs3uTNvh+Ktwl1x4dhfp4SxB4D/NXNA/Gl/QsQfEkppN6Xj7puRhRalhLpiBDxK
dvO3Z8XbP6bOAw3IV5efhz2oFFqhp2yCvxYJVdlHbsvFlSlX0sAQ/MXXjVlidRFG
nWuL60LY7J5Ts2jFPkLiU/j3WyYgeBrSLu7g/nwXgx247MJaLXM9BcH1SVWvAPtw
Mg1HyNlpKplUZUfkwo/yuLwJY4c/QwfHU44jnCExZyNT9FrA9M/VHnL4/bGcZItd
AfqojgMMnPhy829fZ8xmqG/j8agem76DY4NkerhG4OeX0yMKcnnay1/PzumzaPqW
u9s=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:24:29 2024 by rpki-client on console-ams.rpki-client.org