Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YhuBwQnlqnjYKfMKV9o1MwglT2k.cer
File:                     YhuBwQnlqnjYKfMKV9o1MwglT2k.cer (raw, json)
Hash identifier:          0FQmiuzWqku9WzfMjvMhl4234JP5eMBtiTe1qFeRxaI=
Subject key identifier:   62:1B:81:C1:09:E5:AA:78:D8:29:F3:0A:57:DA:35:33:08:25:4F:69
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C05E
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9138D62/BCB40A585FCF11EC8CF1E07BC4F9AE02/YhuBwQnlqnjYKfMKV9o1MwglT2k.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9138D62/BCB40A585FCF11EC8CF1E07BC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 28 Sep 2023 14:14:21 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 58697
                          IP: 45.116.128.0/23
                          IP: 103.15.238.0/23
                          IP: 103.242.50.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 114782 (0x1c05e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Sep 28 14:14:21 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A9138D62/serialNumber=621B81C109E5AA78D829F30A57DA353308254F69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:9f:b2:b5:1b:1c:80:7b:ac:9f:e1:d0:dd:40:
                    f5:8d:4f:51:8b:b3:7f:41:63:b6:61:1b:ab:ac:6f:
                    e9:c3:e6:a3:14:b1:c6:bd:f6:ea:3c:b9:a7:00:64:
                    ac:62:08:13:57:17:36:83:8d:5b:f9:95:b4:1c:e4:
                    99:5d:14:b6:e6:82:98:2a:8f:8e:5d:09:8c:97:8e:
                    5b:0d:d3:df:b0:00:06:d2:ef:35:95:84:c8:21:e5:
                    8b:ac:7f:88:1a:4a:df:a1:cf:ed:0b:ec:06:d7:f4:
                    dc:ed:4b:6a:7b:69:c2:a0:b3:1c:c8:60:21:88:91:
                    b4:cb:aa:95:69:f0:a5:e6:fc:d7:b0:89:bb:a0:0c:
                    f1:6c:11:53:0c:1a:4b:0c:e7:fc:a2:5d:8e:21:1d:
                    0f:d1:56:68:b0:91:90:8a:48:c1:1a:e8:29:a3:a1:
                    ca:3f:10:ae:37:d8:11:a8:a5:dd:02:ff:5f:0e:f6:
                    c5:52:f8:cc:6f:5d:2b:ab:45:80:f3:dd:6c:b1:83:
                    4b:e8:ed:1d:c6:e0:81:0b:3b:bc:35:26:b0:65:9f:
                    97:2f:cd:6c:51:21:6e:9a:48:8e:a8:eb:e3:74:ae:
                    f2:cb:04:da:80:6c:db:64:c8:c7:98:89:d7:35:9c:
                    65:1b:d0:c7:48:a4:42:a4:4a:9e:47:4f:0d:a9:cd:
                    89:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:1B:81:C1:09:E5:AA:78:D8:29:F3:0A:57:DA:35:33:08:25:4F:69
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9138D62/BCB40A585FCF11EC8CF1E07BC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9138D62/BCB40A585FCF11EC8CF1E07BC4F9AE02/YhuBwQnlqnjYKfMKV9o1MwglT2k.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  58697

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.116.128.0/23
                  103.15.238.0/23
                  103.242.50.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b8:54:57:74:bb:44:fe:28:85:df:6c:b7:94:d8:6b:ee:93:6a:
         63:62:05:8c:7e:4e:ba:64:47:5c:6a:3e:33:ef:10:71:aa:00:
         e5:d3:0a:b3:35:19:e4:f0:a5:c4:9e:2c:67:04:77:12:cd:33:
         52:79:e3:b9:5e:e0:16:bd:fb:e6:1b:a9:57:63:4e:96:e6:d0:
         e1:0b:e1:bc:10:ed:64:19:e8:8a:3b:94:48:12:81:e9:ca:06:
         33:57:b1:b4:21:3a:c9:0c:99:cf:fe:97:b2:f8:9f:ac:2e:02:
         bb:65:5b:66:04:17:35:55:35:35:23:b7:91:1b:5b:fc:47:53:
         2b:e8:f6:e8:0b:12:70:a0:8c:76:47:72:57:e7:98:19:9a:c0:
         e3:8f:57:97:b0:cd:dd:4c:62:c0:fd:a0:22:29:43:02:b8:19:
         84:ce:1a:34:22:a3:b7:81:cd:af:79:64:ee:51:83:c4:4f:a6:
         01:b4:6f:55:2d:56:c7:8b:46:ba:9b:26:c8:02:ea:09:df:b4:
         23:1a:37:68:59:90:f0:9a:09:d1:ea:b6:73:1e:80:77:c2:57:
         27:0d:f7:d3:f0:a0:0e:8f:9a:21:77:15:2b:db:6a:1c:12:d2:
         30:cd:18:e0:0d:e1:5d:76:39:1f:ea:b4:82:be:ba:73:fc:23:
         66:42:44:d5
-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgIDAcBeMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDkyODE0MTQyMVoXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzhENjIxMTAvBgNVBAUTKDYyMUI4MUMxMDlFNUFBNzhEODI5RjMw
QTU3REEzNTMzMDgyNTRGNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDSn7K1GxyAe6yf4dDdQPWNT1GLs39BY7ZhG6usb+nD5qMUsca99uo8uacAZKxi
CBNXFzaDjVv5lbQc5JldFLbmgpgqj45dCYyXjlsN09+wAAbS7zWVhMgh5Yusf4ga
St+hz+0L7AbX9NztS2p7acKgsxzIYCGIkbTLqpVp8KXm/NewibugDPFsEVMMGksM
5/yiXY4hHQ/RVmiwkZCKSMEa6Cmjoco/EK432BGopd0C/18O9sVS+MxvXSurRYDz
3Wyxg0vo7R3G4IELO7w1JrBln5cvzWxRIW6aSI6o6+N0rvLLBNqAbNtkyMeYidc1
nGUb0MdIpEKkSp5HTw2pzYkfAgMBAAGjggMbMIIDFzAdBgNVHQ4EFgQUYhuBwQnl
qnjYKfMKV9o1MwglT2kwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM4RDYyL0JDQjQwQTU4NUZDRjExRUM4Q0YxRTA3QkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzOEQ2Mi9CQ0I0MEE1ODVGQ0YxMUVDOENGMUUwN0JDNEY5QUUwMi9ZaHVCd1Fu
bHFuallLZk1LVjlvMU13Z2xUMmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAOVJMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLXSAAwQBZw/u
AwQBZ/IyMA0GCSqGSIb3DQEBCwUAA4IBAQC4VFd0u0T+KIXfbLeU2Gvuk2pjYgWM
fk66ZEdcaj4z7xBxqgDl0wqzNRnk8KXEnixnBHcSzTNSeeO5XuAWvfvmG6lXY06W
5tDhC+G8EO1kGeiKO5RIEoHpygYzV7G0ITrJDJnP/pey+J+sLgK7ZVtmBBc1VTU1
I7eRG1v8R1Mr6PboCxJwoIx2R3JX55gZmsDjj1eXsM3dTGLA/aAiKUMCuBmEzho0
IqO3gc2veWTuUYPET6YBtG9VLVbHi0a6mybIAuoJ37QjGjdoWZDwmgnR6rZzHoB3
wlcnDffT8KAOj5ohdxUr22ocEtIwzRjgDeFddjkf6rSCvrpz/CNmQkTV
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:25 2024 by rpki-client on console-fra.rpki-client.org