Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Vy52Dbzm1lVTCYsBfvwy7LHOyuE.cer
File:                     Vy52Dbzm1lVTCYsBfvwy7LHOyuE.cer (raw, json)
Hash identifier:          7v6kA+QDKlLBfpBcRk6ULUlWL6Z/GKDhCVOw0WZEeVY=
Subject key identifier:   57:2E:76:0D:BC:E6:D6:55:53:09:8B:01:7E:FC:32:EC:B1:CE:CA:E1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D695
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E331D/E7610CCE5F0C11ECA9144426C4F9AE02/Vy52Dbzm1lVTCYsBfvwy7LHOyuE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E331D/E7610CCE5F0C11ECA9144426C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 03 Jan 2024 22:03:32 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 149168
                          IP: 103.177.186.0/23
                          IP: 2001:df0:28c0::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120469 (0x1d695)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan  3 22:03:32 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91E331D/serialNumber=572E760DBCE6D65553098B017EFC32ECB1CECAE1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:df:31:2b:ba:f4:e3:e6:06:1a:da:5f:8d:07:
                    18:01:3c:41:ca:d6:aa:68:4b:c1:74:94:0d:ca:40:
                    35:38:85:bc:98:19:8b:5c:cb:d0:5b:b1:40:5a:91:
                    43:e6:3f:9b:5b:a0:e1:0c:39:f6:0b:fc:ae:11:1e:
                    b7:37:7c:3b:c1:f7:9a:e1:75:6c:65:50:d0:07:a4:
                    e9:e9:5e:e3:8f:be:d0:b6:02:99:05:10:a2:66:41:
                    02:de:ad:0b:8d:79:f5:ce:cf:50:a7:c2:f7:ba:54:
                    1f:a1:d8:4d:c5:b3:ac:ec:07:a8:c8:c2:5a:94:3c:
                    79:58:e8:2b:8f:de:4b:0b:ed:02:71:55:13:6a:d7:
                    80:42:65:2f:30:ce:e9:c6:20:94:a2:32:5d:27:60:
                    74:5c:78:09:c8:d3:f8:19:e3:90:82:7e:ae:b0:62:
                    d1:13:f2:d4:ed:5c:cf:4b:41:be:3b:54:24:ba:4a:
                    58:1c:0a:39:37:c7:12:9c:23:59:58:4c:c4:c5:38:
                    0e:7f:5b:95:55:1f:3e:69:40:41:0e:ae:09:8c:4e:
                    6a:6e:e4:1d:e5:32:91:fa:83:d1:4c:4b:24:2e:a9:
                    59:f1:a9:ef:e9:b4:d0:98:fa:11:b1:87:07:f2:11:
                    d8:f6:70:b7:86:bd:dc:ba:e5:41:b5:9d:44:90:13:
                    2c:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:2E:76:0D:BC:E6:D6:55:53:09:8B:01:7E:FC:32:EC:B1:CE:CA:E1
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E331D/E7610CCE5F0C11ECA9144426C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E331D/E7610CCE5F0C11ECA9144426C4F9AE02/Vy52Dbzm1lVTCYsBfvwy7LHOyuE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  149168

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.177.186.0/23
                IPv6:
                  2001:df0:28c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         15:cf:cc:1a:3d:42:98:81:0d:d2:e4:54:9a:77:79:b3:3b:b2:
         07:a7:d5:54:38:b7:7e:94:31:38:cd:b3:e2:4b:ca:f5:d6:45:
         6d:23:8f:80:73:2b:4c:c3:55:d2:86:34:8b:0b:f4:6e:80:a5:
         f9:1c:ca:ba:fa:7a:6b:79:c8:b1:fa:53:ba:1c:9b:97:7d:bc:
         6b:29:a1:6f:a6:98:98:18:d4:48:e4:df:a9:11:d0:65:36:a8:
         d3:ce:1e:a7:45:0d:e5:b0:cd:d8:ab:4f:d8:32:b5:17:c5:03:
         c6:04:72:ef:0c:67:6e:8c:de:9d:f2:af:ca:e0:af:dc:0f:77:
         8c:96:b9:bb:ad:6d:58:1f:b8:8c:52:76:7d:5f:4c:f5:39:c4:
         c1:d0:ab:3c:2e:f1:07:27:fa:f9:18:af:53:ec:fe:3f:b5:1d:
         32:de:50:75:b4:b8:90:89:18:e3:46:76:1d:59:ae:6e:89:56:
         e9:bd:95:11:5b:02:c5:25:6a:18:b1:4a:f1:fe:41:ce:42:1b:
         8f:f8:05:96:2f:fd:7d:51:0a:ac:93:ec:db:ab:cd:ad:66:95:
         b4:b3:10:b8:58:1a:11:f8:de:a7:6c:da:20:07:37:b4:52:2a:
         5c:d3:d0:0c:1d:9f:8a:3c:f4:a2:4d:a0:6c:e0:c7:13:43:8f:
         f2:df:ab:9a
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAdaVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwMzIyMDMzMloXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTMzMUQxMTAvBgNVBAUTKDU3MkU3NjBEQkNFNkQ2NTU1MzA5OEIw
MTdFRkMzMkVDQjFDRUNBRTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDc3zEruvTj5gYa2l+NBxgBPEHK1qpoS8F0lA3KQDU4hbyYGYtcy9BbsUBakUPm
P5tboOEMOfYL/K4RHrc3fDvB95rhdWxlUNAHpOnpXuOPvtC2ApkFEKJmQQLerQuN
efXOz1Cnwve6VB+h2E3Fs6zsB6jIwlqUPHlY6CuP3ksL7QJxVRNq14BCZS8wzunG
IJSiMl0nYHRceAnI0/gZ45CCfq6wYtET8tTtXM9LQb47VCS6SlgcCjk3xxKcI1lY
TMTFOA5/W5VVHz5pQEEOrgmMTmpu5B3lMpH6g9FMSyQuqVnxqe/ptNCY+hGxhwfy
Edj2cLeGvdy65UG1nUSQEyyhAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUVy52Dbzm
1lVTCYsBfvwy7LHOyuEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUUzMzFEL0U3NjEwQ0NFNUYwQzExRUNBOTE0NDQyNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFMzMxRC9FNzYxMENDRTVGMEMxMUVDQTkxNDQ0MjZDNEY5QUUwMi9WeTUyRGJ6
bTFsVlRDWXNCZnZ3eTdMSE95dUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkawMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ7G6MA8EAgAC
MAkDBwAgAQ3wKMAwDQYJKoZIhvcNAQELBQADggEBABXPzBo9QpiBDdLkVJp3ebM7
sgen1VQ4t36UMTjNs+JLyvXWRW0jj4BzK0zDVdKGNIsL9G6Apfkcyrr6emt5yLH6
U7ocm5d9vGspoW+mmJgY1Ejk36kR0GU2qNPOHqdFDeWwzdirT9gytRfFA8YEcu8M
Z26M3p3yr8rgr9wPd4yWubutbVgfuIxSdn1fTPU5xMHQqzwu8Qcn+vkYr1Ps/j+1
HTLeUHW0uJCJGONGdh1Zrm6JVum9lRFbAsUlahixSvH+Qc5CG4/4BZYv/X1RCqyT
7Nurza1mlbSzELhYGhH43qds2iAHN7RSKlzT0Awdn4o89KJNoGzgxxNDj/Lfq5o=
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:47:11 2024 by rpki-client on console-ams.rpki-client.org