Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vg3ED_OlCfnv21Jg7huzhi222N8.cer
File:                     Vg3ED_OlCfnv21Jg7huzhi222N8.cer (raw, json)
Hash identifier:          jlUe2XyXZYjoF/nDWVUThp89f8tdINCOSUiu5/jsro0=
Subject key identifier:   56:0D:C4:0F:F3:A5:09:F9:EF:DB:52:60:EE:1B:B3:86:2D:B6:D8:DF
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01A4E2
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A912E926/86676DA0FA0111EDBAD75D28C4F9AE02/Vg3ED_OlCfnv21Jg7huzhi222N8.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A912E926/86676DA0FA0111EDBAD75D28C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 24 May 2023 07:06:45 +0000
Certificate not after:    Mon 01 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 151045
                          IP: 103.119.174.0/23
                          IP: 2001:df2:2a40::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 18:26:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107746 (0x1a4e2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 24 07:06:45 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=A912E926/serialNumber=560DC40FF3A509F9EFDB5260EE1BB3862DB6D8DF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:f8:25:b5:06:fc:7f:2c:6a:c1:38:ae:61:1e:
                    18:b6:1a:c3:f4:b3:3b:41:8e:45:53:3f:c0:fc:79:
                    2a:49:bc:87:81:eb:28:da:d0:35:45:19:9a:d1:69:
                    da:36:02:1f:33:77:b0:37:4d:ce:76:da:13:93:5e:
                    63:3d:51:e3:4f:6b:9f:b9:b7:86:97:ec:7e:9a:8f:
                    70:a5:c6:5e:cc:d6:4e:2c:47:1a:31:4c:0a:0d:36:
                    3d:0f:b7:cb:e6:d6:e0:f3:93:59:53:75:f6:1c:54:
                    93:3b:c3:c2:83:e7:bf:a2:96:c0:fe:c2:0f:a7:de:
                    c4:46:84:45:99:f2:c0:d9:63:3b:84:02:25:29:72:
                    85:1d:38:dd:39:e0:8e:02:ad:dc:ee:f4:6c:d9:ab:
                    80:1c:a7:15:e7:cc:a9:e7:01:e2:c8:28:35:e7:4c:
                    7b:62:d2:09:7a:81:b9:6e:48:64:06:90:7a:42:d6:
                    88:ea:ce:b5:3c:28:d4:ef:7d:8a:b9:27:79:dc:f0:
                    ec:c4:cd:3c:19:62:55:3c:85:9e:f0:f6:f8:d5:b3:
                    db:c7:81:ee:29:44:eb:f6:1f:4a:78:a9:a6:1a:4c:
                    f5:50:7c:86:18:50:91:77:a5:1d:31:a5:f6:1f:8b:
                    01:ae:b4:fd:0a:97:b5:8d:57:01:e8:85:d6:e0:b7:
                    70:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:0D:C4:0F:F3:A5:09:F9:EF:DB:52:60:EE:1B:B3:86:2D:B6:D8:DF
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912E926/86676DA0FA0111EDBAD75D28C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912E926/86676DA0FA0111EDBAD75D28C4F9AE02/Vg3ED_OlCfnv21Jg7huzhi222N8.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  151045

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.119.174.0/23
                IPv6:
                  2001:df2:2a40::/48

    Signature Algorithm: sha256WithRSAEncryption
         9c:a6:43:5a:aa:32:c5:a0:8c:53:6e:7e:48:26:4b:4c:9e:cd:
         b3:2b:dc:42:cd:c2:b1:c9:f0:d2:00:b2:37:69:a9:a5:25:79:
         bf:9f:f7:03:c6:db:ba:c0:a2:01:17:b2:b2:9f:64:f2:c5:9f:
         2c:12:d9:07:42:8f:db:88:49:9e:91:9b:45:6c:cc:13:11:aa:
         80:5d:62:47:51:52:72:d9:e7:14:31:20:cd:e1:08:ae:bd:d0:
         9a:7a:71:b3:93:ac:63:dd:d4:08:30:2f:32:72:fb:ee:e1:41:
         fb:22:6e:17:fc:3c:b6:d0:aa:9a:b3:79:86:17:8e:57:de:4c:
         5d:36:80:dc:b3:45:5c:b5:5e:f1:1c:5f:47:c1:1a:15:0f:d9:
         fc:cf:4c:e7:18:d7:12:b7:0b:4d:a8:6a:ca:a1:32:eb:10:38:
         4d:6b:8b:70:11:79:da:1c:0b:16:35:66:87:89:30:a6:8b:f6:
         e1:1c:d9:b9:22:c8:d7:b6:58:4e:36:d0:d4:d5:d9:1b:ce:75:
         61:02:5b:e0:5a:22:fc:80:4e:57:2f:f3:16:c3:02:42:50:79:
         cc:dc:48:b1:af:17:86:dc:9b:b4:34:b1:c6:cb:6c:d6:b8:a2:
         53:af:76:89:d8:eb:9c:14:f7:ab:05:0c:ab:37:00:09:d6:fb:
         48:02:e9:8a
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAaTiMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDUyNDA3MDY0NVoXDTI0MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMkU5MjYxMTAvBgNVBAUTKDU2MERDNDBGRjNBNTA5RjlFRkRCNTI2
MEVFMUJCMzg2MkRCNkQ4REYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCr+CW1Bvx/LGrBOK5hHhi2GsP0sztBjkVTP8D8eSpJvIeB6yja0DVFGZrRado2
Ah8zd7A3Tc522hOTXmM9UeNPa5+5t4aX7H6aj3Clxl7M1k4sRxoxTAoNNj0Pt8vm
1uDzk1lTdfYcVJM7w8KD57+ilsD+wg+n3sRGhEWZ8sDZYzuEAiUpcoUdON054I4C
rdzu9GzZq4AcpxXnzKnnAeLIKDXnTHti0gl6gbluSGQGkHpC1ojqzrU8KNTvfYq5
J3nc8OzEzTwZYlU8hZ7w9vjVs9vHge4pROv2H0p4qaYaTPVQfIYYUJF3pR0xpfYf
iwGutP0Kl7WNVwHohdbgt3ABAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUVg3ED/Ol
Cfnv21Jg7huzhi222N8wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJFOTI2Lzg2Njc2REEwRkEwMTExRURCQUQ3NUQyOEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyRTkyNi84NjY3NkRBMEZBMDExMUVEQkFENzVEMjhDNEY5QUUwMi9WZzNFRF9P
bENmbnYyMUpnN2h1emhpMjIyTjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAk4FMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ3euMA8EAgAC
MAkDBwAgAQ3yKkAwDQYJKoZIhvcNAQELBQADggEBAJymQ1qqMsWgjFNufkgmS0ye
zbMr3ELNwrHJ8NIAsjdpqaUleb+f9wPG27rAogEXsrKfZPLFnywS2QdCj9uISZ6R
m0VszBMRqoBdYkdRUnLZ5xQxIM3hCK690Jp6cbOTrGPd1AgwLzJy++7hQfsibhf8
PLbQqpqzeYYXjlfeTF02gNyzRVy1XvEcX0fBGhUP2fzPTOcY1xK3C02oasqhMusQ
OE1ri3ARedocCxY1ZoeJMKaL9uEc2bkiyNe2WE420NTV2RvOdWECW+BaIvyATlcv
8xbDAkJQeczcSLGvF4bcm7Q0scbLbNa4olOvdonY65wU96sFDKs3AAnW+0gC6Yo=
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:44:55 2024 by rpki-client on console-fra.rpki-client.org