Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WLTfjkdXyv3lRi9KGvhw_iFE3Fs.cer
File:                     WLTfjkdXyv3lRi9KGvhw_iFE3Fs.cer (raw, json)
Hash identifier:          rMMMGJ8otCPphQQi+HlOHrzt/8/FOLVVwTH7ECfOxQM=
Subject key identifier:   58:B4:DF:8E:47:57:CA:FD:E5:46:2F:4A:1A:F8:70:FE:21:44:DC:5B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01F351
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/WLTfjkdXyv3lRi9KGvhw_iFE3Fs.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 23 May 2024 02:35:15 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 59210
                          AS: 136899
                          AS: 152879
                          IP: 103.243.172.0/22
                          IP: 2401:bc40::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 15:22:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 127825 (0x1f351)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 23 02:35:15 2024 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A912C72C/serialNumber=58B4DF8E4757CAFDE5462F4A1AF870FE2144DC5B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:86:0b:65:26:e0:8c:70:5e:61:f6:71:ce:a1:
                    aa:50:5b:ca:76:af:f6:46:9b:e1:03:4d:92:97:b1:
                    2d:a0:a9:0c:4f:6c:cd:1f:7f:d7:bf:ea:4b:2c:b3:
                    fb:1d:45:fc:61:72:47:67:42:75:2f:53:b6:d4:d7:
                    b2:6e:cd:1a:fe:fa:11:50:13:35:5e:6c:d0:b0:ff:
                    40:10:c6:22:10:f2:f8:a2:bc:bf:f9:2d:90:09:aa:
                    12:72:5d:b2:df:19:e1:7b:9a:d0:07:42:b2:1b:1a:
                    8c:7c:02:ec:39:51:32:67:a1:d4:cd:f1:fc:95:5e:
                    de:4f:04:34:ff:44:99:c1:be:19:61:03:9c:67:4f:
                    6d:cf:df:45:b0:35:e4:2a:8f:26:3d:34:84:6c:4d:
                    e9:68:48:7a:2d:f6:e7:47:15:97:34:80:42:77:da:
                    49:cc:f0:4f:a9:7b:1e:4d:06:5f:e2:ee:b0:7d:f1:
                    c8:d8:a2:a1:2a:b5:a7:97:8b:80:01:4e:b3:d8:21:
                    18:ca:60:cf:c9:01:e8:ee:ec:32:99:79:ac:fb:7f:
                    2d:d2:42:6e:e8:ee:2f:47:7e:ac:83:0b:f4:7f:1e:
                    69:f3:b1:8a:ca:a1:fd:71:c0:9f:64:23:33:99:49:
                    8c:20:06:98:0b:ae:95:e7:90:29:6e:8d:c3:58:45:
                    27:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:B4:DF:8E:47:57:CA:FD:E5:46:2F:4A:1A:F8:70:FE:21:44:DC:5B
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912C72C/8EC6140EC3AA11EB870EA91CC4F9AE02/WLTfjkdXyv3lRi9KGvhw_iFE3Fs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  59210
                  136899
                  152879

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.243.172.0/22
                IPv6:
                  2401:bc40::/32

    Signature Algorithm: sha256WithRSAEncryption
         5e:31:99:36:9e:70:c6:ce:e9:14:d2:71:c7:e9:13:01:13:97:
         fa:9e:0a:c6:b0:93:4b:35:23:4f:98:48:5a:d9:30:2b:0f:45:
         6a:b7:90:85:62:16:95:b9:70:64:9c:3d:bc:3f:d3:33:c7:ef:
         67:6c:f2:73:d2:7f:a6:02:33:08:03:05:5c:9c:53:a0:68:94:
         e7:bf:ea:e8:41:db:df:43:00:f9:4e:5d:e2:18:4c:4d:2c:cf:
         81:e4:c4:8b:2b:1b:a2:7a:c1:1f:57:6b:8a:d5:e0:36:d2:c7:
         af:8f:22:e5:b9:d2:c3:b3:c9:8c:49:4b:9d:f4:65:5c:d2:ef:
         11:b4:fb:03:1c:d3:d2:f6:3a:26:d3:17:73:68:a4:f9:22:5c:
         6f:19:84:cf:ba:72:7b:f9:02:92:fd:78:09:10:53:8a:72:6e:
         ee:80:b2:3c:31:74:e3:d2:b5:c1:72:21:65:f4:50:bd:44:8d:
         7d:fd:4b:cc:b9:7e:d0:98:da:fd:c1:89:c8:63:77:9a:11:81:
         89:96:e4:2c:ef:40:df:56:6c:dc:b3:24:38:96:e8:bb:32:10:
         e7:2d:07:64:c9:71:e9:ea:94:d9:19:78:81:26:3b:c4:c2:cb:
         88:15:11:fb:db:2f:66:56:f5:5b:77:2a:b4:4a:37:54:94:b9:
         df:78:cc:6c
-----BEGIN CERTIFICATE-----
MIIGMzCCBRugAwIBAgIDAfNRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDUyMzAyMzUxNVoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMkM3MkMxMTAvBgNVBAUTKDU4QjRERjhFNDc1N0NBRkRFNTQ2MkY0
QTFBRjg3MEZFMjE0NERDNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCyhgtlJuCMcF5h9nHOoapQW8p2r/ZGm+EDTZKXsS2gqQxPbM0ff9e/6ksss/sd
RfxhckdnQnUvU7bU17JuzRr++hFQEzVebNCw/0AQxiIQ8viivL/5LZAJqhJyXbLf
GeF7mtAHQrIbGox8Auw5UTJnodTN8fyVXt5PBDT/RJnBvhlhA5xnT23P30WwNeQq
jyY9NIRsTeloSHot9udHFZc0gEJ32knM8E+pex5NBl/i7rB98cjYoqEqtaeXi4AB
TrPYIRjKYM/JAeju7DKZeaz7fy3SQm7o7i9HfqyDC/R/HmnzsYrKof1xwJ9kIzOZ
SYwgBpgLrpXnkClujcNYRSfFAgMBAAGjggMoMIIDJDAdBgNVHQ4EFgQUWLTfjkdX
yv3lRi9KGvhw/iFE3FswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJDNzJDLzhFQzYxNDBFQzNBQTExRUI4NzBFQTkxQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyQzcyQy84RUM2MTQwRUMzQUExMUVCODcwRUE5MUNDNEY5QUUwMi9XTFRmamtk
WHl2M2xSaTlLR3Zod19pRkUzRnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQgBAf8EFTAT
oBEwDwIDAOdKAgMCFsMCAwJVLzAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgME
AmfzrDANBAIAAjAHAwUAJAG8QDANBgkqhkiG9w0BAQsFAAOCAQEAXjGZNp5wxs7p
FNJxx+kTAROX+p4KxrCTSzUjT5hIWtkwKw9FareQhWIWlblwZJw9vD/TM8fvZ2zy
c9J/pgIzCAMFXJxToGiU57/q6EHb30MA+U5d4hhMTSzPgeTEiysbonrBH1dritXg
NtLHr48i5bnSw7PJjElLnfRlXNLvEbT7AxzT0vY6JtMXc2ik+SJcbxmEz7pye/kC
kv14CRBTinJu7oCyPDF049K1wXIhZfRQvUSNff1LzLl+0Jja/cGJyGN3mhGBiZbk
LO9A31Zs3LMkOJbouzIQ5y0HZMlx6eqU2Rl4gSY7xMLLiBUR+9svZlb1W3cqtEo3
VJS533jMbA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:50:43 2024 by rpki-client on console-ams.rpki-client.org