Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WYYa7M8NRdskqH6ohHvxmZH--vY.cer
File:                     WYYa7M8NRdskqH6ohHvxmZH--vY.cer (raw, json)
Hash identifier:          lwU0juBgsz3cqop9z+eTd8hp7F/L9Wb8engs2npJs+E=
Subject key identifier:   59:86:1A:EC:CF:0D:45:DB:24:A8:7E:A8:84:7B:F1:99:91:FE:FA:F6
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C66D
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913A7CB/062482B09D0A11EA801CB243C4F9AE02/WYYa7M8NRdskqH6ohHvxmZH--vY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913A7CB/062482B09D0A11EA801CB243C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 27 Oct 2023 13:23:39 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 137056
                          IP: 103.103.66.0/24
                          IP: 2001:df3:300::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 02:50:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116333 (0x1c66d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct 27 13:23:39 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A913A7CB/serialNumber=59861AECCF0D45DB24A87EA8847BF19991FEFAF6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:7e:17:9f:92:9d:07:e2:64:bc:7a:9b:ec:82:
                    e3:6d:2e:f4:f7:0e:49:9e:66:ed:fe:63:0b:e2:d0:
                    6f:53:2b:0c:ac:28:01:42:97:52:dc:27:50:70:08:
                    6e:b6:9d:73:75:af:e9:8b:62:c0:f9:4b:e3:d9:33:
                    b8:5d:bd:e7:5f:9b:7d:e0:2f:d9:f1:4e:14:b4:b1:
                    dd:3c:06:35:16:59:0f:69:1f:51:59:d4:f5:d9:e9:
                    c4:f6:c7:89:06:ef:8e:d3:e0:47:cc:24:1c:96:f4:
                    1f:a2:2b:c0:45:6b:60:02:cb:87:8b:e7:32:9e:94:
                    06:d2:fa:c1:4e:9d:13:80:8e:57:1a:8b:8e:74:09:
                    96:b8:e5:a6:67:58:60:03:4d:23:75:71:e0:73:ed:
                    a3:00:62:19:ff:7d:60:eb:5c:5f:ba:ca:fb:93:36:
                    56:83:d0:e2:2a:8f:15:57:0e:3f:f4:58:f1:c3:e9:
                    74:12:ca:a5:ee:f6:22:76:92:7e:89:79:5f:a6:35:
                    50:01:04:27:ad:bb:8c:7d:58:cb:08:1d:94:e6:a0:
                    ff:37:00:b2:b1:26:9d:95:3b:92:d6:ef:18:f5:2d:
                    c4:36:09:5b:cd:b5:b9:aa:dc:d5:94:7e:98:aa:46:
                    00:cf:c1:52:b3:0c:d6:0e:84:49:f2:4e:b7:64:70:
                    7c:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:86:1A:EC:CF:0D:45:DB:24:A8:7E:A8:84:7B:F1:99:91:FE:FA:F6
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913A7CB/062482B09D0A11EA801CB243C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913A7CB/062482B09D0A11EA801CB243C4F9AE02/WYYa7M8NRdskqH6ohHvxmZH--vY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  137056

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.103.66.0/24
                IPv6:
                  2001:df3:300::/48

    Signature Algorithm: sha256WithRSAEncryption
         b6:1c:1d:c7:ce:2f:47:af:6f:af:90:af:d3:1e:c8:68:6c:1a:
         d7:b4:fe:81:1e:df:d5:45:36:36:b4:36:1d:b9:27:93:af:d3:
         a7:55:b6:c6:06:22:91:06:c1:c7:ac:97:ec:f0:61:cc:6d:ab:
         59:a6:65:9a:4c:1e:71:89:65:b8:36:1e:0e:12:09:d9:8a:3a:
         db:a4:21:57:3a:a4:01:88:78:8c:12:b5:a1:ca:05:9e:8f:98:
         13:c7:cb:c2:d9:b4:6b:5a:78:19:c9:28:ed:e9:f7:40:96:33:
         d4:43:a3:dd:1a:f5:e7:5f:7c:bb:ed:af:b4:1a:df:43:21:e8:
         98:47:ba:b4:7b:47:8a:1a:9c:c2:b6:d6:97:7d:df:30:d9:d1:
         ee:c4:7a:0b:d1:93:8b:c8:59:88:5b:b9:20:b5:de:8b:fb:7b:
         9d:56:14:b1:18:d2:13:a7:fd:f2:c6:ff:eb:ab:c0:13:9b:16:
         1c:61:b7:04:f7:20:d4:3b:c0:42:eb:9d:38:aa:22:13:7e:6b:
         4c:44:f5:50:fd:83:ec:c7:b5:7a:68:fe:24:ba:89:6d:ab:e9:
         b8:ed:dd:dc:02:c7:ce:50:98:34:85:82:d3:94:59:b3:51:d8:
         81:aa:4a:a4:22:0d:4c:69:d2:37:46:e7:d8:8a:b1:ca:4f:5f:
         43:73:b4:d3
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAcZtMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAyNzEzMjMzOVoXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0E3Q0IxMTAvBgNVBAUTKDU5ODYxQUVDQ0YwRDQ1REIyNEE4N0VB
ODg0N0JGMTk5OTFGRUZBRjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGfhefkp0H4mS8epvsguNtLvT3DkmeZu3+Ywvi0G9TKwysKAFCl1LcJ1BwCG62
nXN1r+mLYsD5S+PZM7hdvedfm33gL9nxThS0sd08BjUWWQ9pH1FZ1PXZ6cT2x4kG
747T4EfMJByW9B+iK8BFa2ACy4eL5zKelAbS+sFOnROAjlcai450CZa45aZnWGAD
TSN1ceBz7aMAYhn/fWDrXF+6yvuTNlaD0OIqjxVXDj/0WPHD6XQSyqXu9iJ2kn6J
eV+mNVABBCetu4x9WMsIHZTmoP83ALKxJp2VO5LW7xj1LcQ2CVvNtbmq3NWUfpiq
RgDPwVKzDNYOhEnyTrdkcHw9AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUWYYa7M8N
RdskqH6ohHvxmZH++vYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNBN0NCLzA2MjQ4MkIwOUQwQTExRUE4MDFDQjI0M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzQTdDQi8wNjI0ODJCMDlEMEExMUVBODAxQ0IyNDNDNEY5QUUwMi9XWVlhN004
TlJkc2txSDZvaEh2eG1aSC0tdlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhdgMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAZ2dCMA8EAgAC
MAkDBwAgAQ3zAwAwDQYJKoZIhvcNAQELBQADggEBALYcHcfOL0evb6+Qr9MeyGhs
Gte0/oEe39VFNja0Nh25J5Ov06dVtsYGIpEGwcesl+zwYcxtq1mmZZpMHnGJZbg2
Hg4SCdmKOtukIVc6pAGIeIwStaHKBZ6PmBPHy8LZtGtaeBnJKO3p90CWM9RDo90a
9edffLvtr7Qa30Mh6JhHurR7R4oanMK21pd93zDZ0e7EegvRk4vIWYhbuSC13ov7
e51WFLEY0hOn/fLG/+urwBObFhxhtwT3INQ7wELrnTiqIhN+a0xE9VD9g+zHtXpo
/iS6iW2r6bjt3dwCx85QmDSFgtOUWbNR2IGqSqQiDUxp0jdG59iKscpPX0NztNM=
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:25:36 2024 by rpki-client on console-ams.rpki-client.org