Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YmmU0Zdivg-YhPpO8NymbD9TAqg.cer
File:                     YmmU0Zdivg-YhPpO8NymbD9TAqg.cer (raw, json)
Hash identifier:          uHtJkdg339WQIyMI62DRKUsLyPddhMrYzOMkQTJcIf8=
Subject key identifier:   62:69:94:D1:97:62:BE:0F:98:84:FA:4E:F0:DC:A6:6C:3F:53:02:A8
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01EF20
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9157E6E/830C69700DEB11E79771B666C4F9AE02/YmmU0Zdivg-YhPpO8NymbD9TAqg.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9157E6E/830C69700DEB11E79771B666C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 01 May 2024 17:09:19 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 18172
                          IP: 103.87.255.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 126752 (0x1ef20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May  1 17:09:19 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A9157E6E/serialNumber=626994D19762BE0F9884FA4EF0DCA66C3F5302A8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:1c:2b:c2:9f:bb:7a:53:96:13:0c:61:72:0d:
                    c1:b3:54:26:8b:67:f9:bb:74:6e:bf:52:c2:57:af:
                    f0:e1:03:60:b0:91:b0:2a:d8:25:97:08:59:78:97:
                    5a:da:08:55:aa:7f:0b:e7:2e:84:6b:75:5b:67:16:
                    d0:f9:8c:5b:c7:49:5d:bd:57:00:3d:11:67:1e:43:
                    f2:fc:16:e7:34:b2:fb:6d:d1:3e:08:bf:4f:b5:d7:
                    ab:63:92:ae:ce:37:6b:b2:55:49:47:48:ee:88:09:
                    38:fa:4d:42:3f:a8:cd:8f:23:0d:be:bb:88:5b:7a:
                    c2:de:f4:5b:52:06:c8:5e:e5:61:54:24:1a:d5:43:
                    ea:4f:23:70:ad:83:d2:76:89:52:16:bf:b4:1e:b6:
                    02:74:70:ed:d8:54:3e:dc:32:fc:2e:43:92:b8:81:
                    25:d9:78:ca:d8:80:e5:18:e1:69:c0:fc:33:9d:9c:
                    bd:45:66:cf:0d:cf:dc:a8:d5:c5:99:54:e6:e7:71:
                    4c:bf:d3:b6:0d:70:56:29:dd:18:e2:6d:62:c5:60:
                    a2:eb:b5:0c:55:c7:50:43:89:c3:ae:fb:cd:b9:e4:
                    69:8a:df:8c:dd:1c:01:a6:3c:00:24:3c:0b:e1:86:
                    3c:f1:86:1c:a6:b3:61:20:7a:8f:03:73:a9:a6:6d:
                    93:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:69:94:D1:97:62:BE:0F:98:84:FA:4E:F0:DC:A6:6C:3F:53:02:A8
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9157E6E/830C69700DEB11E79771B666C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9157E6E/830C69700DEB11E79771B666C4F9AE02/YmmU0Zdivg-YhPpO8NymbD9TAqg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  18172

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.87.255.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5a:10:b7:ab:c5:cc:35:db:77:68:0b:e9:52:0f:12:a2:cc:2f:
         e9:41:03:d4:7c:b3:e8:73:86:11:ee:06:9e:a2:52:f3:97:c0:
         7f:59:80:c3:9c:1d:12:b2:d5:e7:ad:fb:39:d7:e4:b9:15:c6:
         5b:e0:9e:0c:84:4c:5e:9c:89:64:23:e9:fe:ff:08:f0:59:fb:
         54:4c:f3:f1:a3:51:21:fd:26:33:3c:4d:61:93:4d:94:c9:33:
         b7:23:ad:85:a6:1d:2a:d1:3e:c7:7b:71:86:08:5a:33:96:b9:
         1d:ac:9d:d2:54:8b:53:88:f4:cd:85:b8:37:9d:92:da:36:67:
         bc:47:57:c4:f5:ae:20:e7:1f:7d:62:04:43:83:9f:15:b3:de:
         96:f1:72:ed:e6:3b:1e:21:65:f6:32:0b:58:d8:31:5d:49:6e:
         18:35:9a:18:10:2f:79:d9:35:ae:65:c9:88:33:d7:2f:0a:60:
         ab:f4:8e:6b:26:2e:db:37:76:d2:83:10:b1:8e:e5:c8:35:78:
         76:0f:ed:8c:f7:cf:2e:63:ad:28:63:42:d1:cc:75:c8:12:b1:
         15:e0:9f:be:cb:8f:3b:ca:79:94:7e:d0:1f:85:1e:1b:60:24:
         32:f7:67:71:21:44:ac:9a:20:72:21:c2:16:ec:06:75:65:6e:
         82:75:ce:e0
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgIDAe8gMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDUwMTE3MDkxOVoXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTdFNkUxMTAvBgNVBAUTKDYyNjk5NEQxOTc2MkJFMEY5ODg0RkE0
RUYwRENBNjZDM0Y1MzAyQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQClHCvCn7t6U5YTDGFyDcGzVCaLZ/m7dG6/UsJXr/DhA2CwkbAq2CWXCFl4l1ra
CFWqfwvnLoRrdVtnFtD5jFvHSV29VwA9EWceQ/L8Fuc0svtt0T4Iv0+116tjkq7O
N2uyVUlHSO6ICTj6TUI/qM2PIw2+u4hbesLe9FtSBshe5WFUJBrVQ+pPI3Ctg9J2
iVIWv7QetgJ0cO3YVD7cMvwuQ5K4gSXZeMrYgOUY4WnA/DOdnL1FZs8Nz9yo1cWZ
VObncUy/07YNcFYp3RjibWLFYKLrtQxVx1BDicOu+8255GmK34zdHAGmPAAkPAvh
hjzxhhyms2Egeo8Dc6mmbZONAgMBAAGjggMOMIIDCjAdBgNVHQ4EFgQUYmmU0Zdi
vg+YhPpO8NymbD9TAqgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU3RTZFLzgzMEM2OTcwMERFQjExRTc5NzcxQjY2NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1N0U2RS84MzBDNjk3MDBERUIxMUU3OTc3MUI2NjZDNEY5QUUwMi9ZbW1VMFpk
aXZnLVloUHBPOE55bWJEOVRBcWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICRvwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnV/8wDQYJKoZI
hvcNAQELBQADggEBAFoQt6vFzDXbd2gL6VIPEqLML+lBA9R8s+hzhhHuBp6iUvOX
wH9ZgMOcHRKy1eet+znX5LkVxlvgngyETF6ciWQj6f7/CPBZ+1RM8/GjUSH9JjM8
TWGTTZTJM7cjrYWmHSrRPsd7cYYIWjOWuR2sndJUi1OI9M2FuDedkto2Z7xHV8T1
riDnH31iBEODnxWz3pbxcu3mOx4hZfYyC1jYMV1Jbhg1mhgQL3nZNa5lyYgz1y8K
YKv0jmsmLts3dtKDELGO5cg1eHYP7Yz3zy5jrShjQtHMdcgSsRXgn77LjzvKeZR+
0B+FHhtgJDL3Z3EhRKyaIHIhwhbsBnVlboJ1zuA=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:46 2024 by rpki-client on console-ams.rpki-client.org