Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y0lzWQThvA1lvVlKB3YrtSmcA4o.cer
File:                     Y0lzWQThvA1lvVlKB3YrtSmcA4o.cer (raw, json)
Hash identifier:          AvchRnb/E/7yvBp+gZwm/mCaDcolXkD1WMmKzwTHN5Q=
Subject key identifier:   63:49:73:59:04:E1:BC:0D:65:BD:59:4A:07:76:2B:B5:29:9C:03:8A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01EC0E
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/Y0lzWQThvA1lvVlKB3YrtSmcA4o.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 17 Apr 2024 19:10:22 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    AS: 150777
                          IP: 103.89.240.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125966 (0x1ec0e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr 17 19:10:22 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A91AFB4C/serialNumber=6349735904E1BC0D65BD594A07762BB5299C038A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:0e:c3:ae:7c:b8:e0:32:71:df:77:88:8a:3f:
                    12:49:d0:9d:22:c3:3a:70:0f:21:4a:6f:05:34:2e:
                    4e:48:bc:9a:a5:ba:ae:07:36:aa:e8:f7:05:f9:08:
                    27:be:01:30:81:39:60:0c:e1:bc:d1:bf:11:e2:b3:
                    4c:4c:97:11:31:5a:87:08:d0:cd:43:e2:0e:c1:ff:
                    ed:5d:db:c1:40:13:60:70:a9:80:43:c2:52:4d:71:
                    f2:33:7a:29:97:f7:eb:46:af:03:e0:84:80:03:58:
                    7d:18:75:4b:ff:e4:77:8a:4a:72:b6:69:04:61:41:
                    e9:34:f7:c0:5a:a5:88:68:88:d8:57:1c:3f:d4:37:
                    ce:8e:9e:39:07:81:f0:fe:28:83:1c:2a:b8:5e:3a:
                    0b:f5:a5:7a:14:2f:48:49:d4:03:f9:ba:0c:00:92:
                    e7:2a:85:6b:0c:c9:64:93:6a:5a:59:35:f2:bc:55:
                    59:62:4e:22:e6:28:9e:9a:6a:c1:4e:6d:21:a6:5c:
                    38:a9:b7:0e:83:8c:4d:fe:fd:b9:74:81:2f:18:38:
                    2e:27:ca:6f:cb:69:26:e1:e7:1a:73:2c:62:8f:75:
                    30:9a:85:c5:54:ba:1c:e5:7d:06:ea:60:b9:2e:5c:
                    dd:77:2f:99:74:1f:e9:83:f7:8a:c9:fb:fb:e7:25:
                    6e:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:49:73:59:04:E1:BC:0D:65:BD:59:4A:07:76:2B:B5:29:9C:03:8A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91AFB4C/C470B22AB29711ED94EF0926C4F9AE02/Y0lzWQThvA1lvVlKB3YrtSmcA4o.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  150777

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.89.240.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5d:7e:d2:fa:d0:6b:08:f0:4f:6a:09:8d:04:2c:65:bb:23:97:
         a0:04:b0:fb:b8:9c:95:5c:c2:49:11:42:cd:a4:9b:24:8f:39:
         f6:a0:3c:03:e5:d6:27:54:48:32:12:bd:82:89:53:0e:d7:f0:
         9f:96:dc:a2:33:11:29:ed:8b:62:2f:d1:55:d4:e9:7b:b5:46:
         0c:05:3c:c3:76:49:00:c7:62:e9:ea:4f:ea:29:e9:56:4a:18:
         7c:5c:9a:c5:22:bd:c8:e4:bc:eb:5e:bf:bf:54:f8:36:c3:4f:
         b6:7a:c8:54:b2:40:cf:ee:bb:4a:84:f7:b7:48:68:ed:75:d8:
         99:56:71:07:ee:68:f3:14:d6:44:cb:7c:c7:a3:56:32:09:ad:
         cd:97:6e:01:83:6c:79:db:85:c6:5c:57:ac:4d:e4:9c:33:fc:
         6d:39:d0:98:01:2a:89:cb:0c:47:f0:c9:c9:80:b4:91:47:f8:
         06:43:cf:72:e6:61:f2:d5:6f:b2:97:cd:aa:a8:62:11:3c:73:
         2a:eb:8c:52:b4:3c:42:a7:d0:cf:cd:b5:79:bb:49:c5:58:9d:
         a1:7f:27:49:a2:63:ee:02:90:89:1c:5d:c4:f8:9a:8f:69:9e:
         13:69:9a:0c:cc:09:7a:e0:11:d4:59:53:34:95:c7:7e:ac:8f:
         00:7d:09:9a
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAewOMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDQxNzE5MTAyMloXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQUZCNEMxMTAvBgNVBAUTKDYzNDk3MzU5MDRFMUJDMEQ2NUJENTk0
QTA3NzYyQkI1Mjk5QzAzOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDjDsOufLjgMnHfd4iKPxJJ0J0iwzpwDyFKbwU0Lk5IvJqluq4HNqro9wX5CCe+
ATCBOWAM4bzRvxHis0xMlxExWocI0M1D4g7B/+1d28FAE2BwqYBDwlJNcfIzeimX
9+tGrwPghIADWH0YdUv/5HeKSnK2aQRhQek098BapYhoiNhXHD/UN86OnjkHgfD+
KIMcKrheOgv1pXoUL0hJ1AP5ugwAkucqhWsMyWSTalpZNfK8VVliTiLmKJ6aasFO
bSGmXDiptw6DjE3+/bl0gS8YOC4nym/LaSbh5xpzLGKPdTCahcVUuhzlfQbqYLku
XN13L5l0H+mD94rJ+/vnJW61AgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUY0lzWQTh
vA1lvVlKB3YrtSmcA4owHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUFGQjRDL0M0NzBCMjJBQjI5NzExRUQ5NEVGMDkyNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBRkI0Qy9DNDcwQjIyQUIyOTcxMUVEOTRFRjA5MjZDNEY5QUUwMi9ZMGx6V1FU
aHZBMWx2VmxLQjNZcnRTbWNBNG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkz5MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ1nwMA0GCSqG
SIb3DQEBCwUAA4IBAQBdftL60GsI8E9qCY0ELGW7I5egBLD7uJyVXMJJEULNpJsk
jzn2oDwD5dYnVEgyEr2CiVMO1/CfltyiMxEp7YtiL9FV1Ol7tUYMBTzDdkkAx2Lp
6k/qKelWShh8XJrFIr3I5LzrXr+/VPg2w0+2eshUskDP7rtKhPe3SGjtddiZVnEH
7mjzFNZEy3zHo1YyCa3Nl24Bg2x524XGXFesTeScM/xtOdCYASqJywxH8MnJgLSR
R/gGQ89y5mHy1W+yl82qqGIRPHMq64xStDxCp9DPzbV5u0nFWJ2hfydJomPuApCJ
HF3E+JqPaZ4TaZoMzAl64BHUWVM0lcd+rI8AfQma
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:45 2024 by rpki-client on console-ams.rpki-client.org