Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZT-tpTip40Eufv3Y-2OfIn9aPuI.cer
File:                     ZT-tpTip40Eufv3Y-2OfIn9aPuI.cer (raw, json)
Hash identifier:          mrrLUsm8pUAWYLkejsCqJNnk6P6qvOxhDM/mjXhQ11I=
Subject key identifier:   65:3F:AD:A5:38:A9:E3:41:2E:7E:FD:D8:FB:63:9F:22:7F:5A:3E:E2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E6CC
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A915FE77/7B909554FBAA11E989AD8140C4F9AE02/ZT-tpTip40Eufv3Y-2OfIn9aPuI.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A915FE77/7B909554FBAA11E989AD8140C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 27 Mar 2024 14:50:38 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    IP: 103.135.240.0/22
                          IP: 2404:8740::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 14:41:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124620 (0x1e6cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 27 14:50:38 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A915FE77/serialNumber=653FADA538A9E3412E7EFDD8FB639F227F5A3EE2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:e0:c6:3b:c2:ef:ff:b3:23:c8:55:6c:f2:2f:
                    2b:2a:7a:b8:2f:2d:9f:41:99:c2:9a:fb:36:1f:05:
                    94:45:fe:3d:fd:b6:31:89:6f:bf:a4:53:45:a6:3e:
                    cf:f6:d1:99:3c:b1:cb:35:9a:2c:67:56:5a:93:22:
                    44:8d:6b:35:fa:09:03:06:74:fd:65:d1:e8:af:75:
                    e7:b7:0d:28:88:43:0a:ad:08:ae:1a:db:f8:a0:1f:
                    34:a5:fe:cf:d4:c2:33:68:af:05:6e:b3:39:b4:a2:
                    9b:a6:91:c3:6b:4d:be:bd:60:7f:0f:7f:c1:45:2b:
                    d9:49:e2:28:c0:8c:ce:7f:9a:7f:5d:ac:ad:ed:c7:
                    8c:00:95:16:c0:47:0a:86:28:22:fa:3d:18:9a:76:
                    69:fd:15:64:1d:df:bb:7a:6c:aa:bd:7a:bc:64:26:
                    90:20:fe:b0:bd:3c:f1:b0:aa:35:08:41:aa:b7:dc:
                    0a:1f:5f:2d:cc:61:8a:a7:28:eb:a3:a1:ed:c0:4c:
                    2a:c3:fa:02:98:d0:96:95:9a:e8:68:36:2b:7a:c1:
                    11:96:6c:b2:5f:4b:42:ac:e7:03:29:fe:e3:2b:20:
                    6b:06:f2:21:1c:eb:94:17:68:50:17:6f:30:70:02:
                    54:c6:30:5d:ed:c6:82:c3:c0:6a:68:d2:65:e2:8c:
                    78:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:3F:AD:A5:38:A9:E3:41:2E:7E:FD:D8:FB:63:9F:22:7F:5A:3E:E2
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A915FE77/7B909554FBAA11E989AD8140C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A915FE77/7B909554FBAA11E989AD8140C4F9AE02/ZT-tpTip40Eufv3Y-2OfIn9aPuI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.135.240.0/22
                IPv6:
                  2404:8740::/32

    Signature Algorithm: sha256WithRSAEncryption
         70:04:38:4e:3d:36:7e:83:04:b7:58:b7:ff:0e:1a:85:49:ae:
         b4:9b:07:ee:e5:6d:6d:8a:9d:b7:eb:31:29:1f:f5:4b:d2:bf:
         f7:fc:09:f3:05:dd:d3:08:3a:50:21:62:28:d0:77:33:d5:06:
         dd:db:ec:92:86:db:67:16:39:ae:3a:66:78:21:56:95:f4:d3:
         2c:64:ef:7d:1f:85:44:a3:58:61:37:70:35:b9:60:c5:d4:74:
         09:24:be:d2:cd:e5:d7:99:33:11:0a:3c:ec:d4:56:f5:91:72:
         c6:0a:b8:df:2f:c4:44:23:53:88:f2:3b:fa:82:32:1d:c3:54:
         a9:2c:95:7b:eb:7b:b8:3e:d3:c7:8d:ef:1a:07:d7:09:77:a1:
         1a:01:61:ba:d3:70:79:5f:3a:f6:db:77:46:12:28:b5:67:a9:
         9d:bd:df:a0:95:4e:59:5d:ce:39:47:13:17:10:88:85:65:c5:
         83:4b:02:b4:ab:0e:a0:c5:50:75:b8:f2:46:0b:b6:e1:78:a0:
         21:62:3a:2d:06:ad:a4:8f:1d:5d:f9:8b:01:5d:c4:2b:9a:0f:
         3f:95:86:1d:d3:da:90:f1:f4:9f:eb:a6:6b:55:c3:6e:0b:b1:
         da:77:5c:ce:02:6d:ab:3c:e4:01:d5:d6:54:52:c9:1c:c5:e5:
         96:72:67:85
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIDAebMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMyNzE0NTAzOFoXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNUZFNzcxMTAvBgNVBAUTKDY1M0ZBREE1MzhBOUUzNDEyRTdFRkRE
OEZCNjM5RjIyN0Y1QTNFRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDA4MY7wu//syPIVWzyLysqergvLZ9BmcKa+zYfBZRF/j39tjGJb7+kU0WmPs/2
0Zk8scs1mixnVlqTIkSNazX6CQMGdP1l0eivdee3DSiIQwqtCK4a2/igHzSl/s/U
wjNorwVuszm0opumkcNrTb69YH8Pf8FFK9lJ4ijAjM5/mn9drK3tx4wAlRbARwqG
KCL6PRiadmn9FWQd37t6bKq9erxkJpAg/rC9PPGwqjUIQaq33AofXy3MYYqnKOuj
oe3ATCrD+gKY0JaVmuhoNit6wRGWbLJfS0Ks5wMp/uMrIGsG8iEc65QXaFAXbzBw
AlTGMF3txoLDwGpo0mXijHizAgMBAAGjggMCMIIC/jAdBgNVHQ4EFgQUZT+tpTip
40Eufv3Y+2OfIn9aPuIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTVGRTc3LzdCOTA5NTU0RkJBQTExRTk4OUFEODE0MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1RkU3Ny83QjkwOTU1NEZCQUExMUU5ODlBRDgxNDBDNEY5QUUwMi9aVC10cFRp
cDQwRXVmdjNZLTJPZkluOWFQdUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8EHzAd
MAwEAgABMAYDBAJnh/AwDQQCAAIwBwMFACQEh0AwDQYJKoZIhvcNAQELBQADggEB
AHAEOE49Nn6DBLdYt/8OGoVJrrSbB+7lbW2KnbfrMSkf9UvSv/f8CfMF3dMIOlAh
YijQdzPVBt3b7JKG22cWOa46ZnghVpX00yxk730fhUSjWGE3cDW5YMXUdAkkvtLN
5deZMxEKPOzUVvWRcsYKuN8vxEQjU4jyO/qCMh3DVKkslXvre7g+08eN7xoH1wl3
oRoBYbrTcHlfOvbbd0YSKLVnqZ2936CVTlldzjlHExcQiIVlxYNLArSrDqDFUHW4
8kYLtuF4oCFiOi0GraSPHV35iwFdxCuaDz+Vhh3T2pDx9J/rpmtVw24Lsdp3XM4C
bas85AHV1lRSyRzF5ZZyZ4U=
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:26:27 2024 by rpki-client on console-fra.rpki-client.org