Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZgXWapgEftsGpJSzdC9eyCuB3LA.cer
File:                     ZgXWapgEftsGpJSzdC9eyCuB3LA.cer (raw, json)
Hash identifier:          DATddzkuTMHWF+xAyR3wIeQo3OzXbgAgsC2e16Ulj2c=
Subject key identifier:   66:05:D6:6A:98:04:7E:DB:06:A4:94:B3:74:2F:5E:C8:2B:81:DC:B0
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01F2E8
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E22E3/84B0A85E170C11EF94F17C14C4F9AE02/ZgXWapgEftsGpJSzdC9eyCuB3LA.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E22E3/84B0A85E170C11EF94F17C14C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 21 May 2024 00:53:27 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 38495

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 127720 (0x1f2e8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 21 00:53:27 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91E22E3/serialNumber=6605D66A98047EDB06A494B3742F5EC82B81DCB0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:19:a9:21:47:21:fa:76:00:9e:78:61:b5:8c:
                    5e:d5:19:bc:a8:27:3f:b4:f0:51:ff:4b:97:70:07:
                    16:13:d5:c4:5f:43:5b:8c:d1:c6:84:14:0d:e9:29:
                    6d:df:4d:3c:2c:7b:79:ce:d2:7d:8e:ff:bf:2b:28:
                    ec:09:ec:ed:05:2b:b2:55:07:87:04:34:64:ba:48:
                    eb:10:80:e4:db:ac:b6:13:17:95:a6:ee:83:06:7c:
                    36:db:ca:64:f0:db:44:9d:0b:cb:c8:dd:fb:0a:87:
                    c9:b4:74:8c:59:78:d2:d0:d4:1c:1b:b8:7e:ee:7b:
                    c0:9f:3c:6f:ec:da:7c:cd:96:9a:2e:cb:ad:4f:2d:
                    12:f0:be:6c:60:7a:bf:ef:87:6c:66:21:0c:d3:dd:
                    8d:bf:00:d9:a3:cf:36:d2:19:3b:d3:72:77:fd:20:
                    5b:0c:83:94:26:50:09:8a:de:a7:44:54:e4:7f:b8:
                    0b:0d:08:55:9e:35:87:0b:66:0a:4b:8c:a0:62:46:
                    d3:41:76:75:2d:03:34:ad:16:16:82:e6:f1:c9:03:
                    4d:6a:9e:ea:34:fd:aa:36:ef:4b:af:19:f2:09:7e:
                    94:c5:3c:bd:13:75:6e:64:a9:e9:bb:3c:3d:ad:0a:
                    8c:1c:e4:43:5b:4a:2d:b5:18:cf:95:65:b7:81:84:
                    f7:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:05:D6:6A:98:04:7E:DB:06:A4:94:B3:74:2F:5E:C8:2B:81:DC:B0
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E22E3/84B0A85E170C11EF94F17C14C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E22E3/84B0A85E170C11EF94F17C14C4F9AE02/ZgXWapgEftsGpJSzdC9eyCuB3LA.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  38495

    Signature Algorithm: sha256WithRSAEncryption
         b0:51:ae:db:97:4d:75:3b:56:4d:67:bd:0b:0a:99:92:e3:64:
         7c:46:73:5e:b2:04:76:5f:4b:d0:dc:a5:c1:4f:bd:c9:01:f0:
         66:49:62:d1:29:63:cc:94:74:70:af:0d:93:84:02:bf:d2:a0:
         5d:b7:a9:e9:c0:7f:15:bd:0e:c3:ba:af:91:4d:c0:c0:2a:c7:
         65:72:e4:58:4f:48:47:59:d1:8d:21:36:f6:5f:15:cb:78:c0:
         a1:57:78:22:29:4f:87:9e:94:00:ca:c8:6f:50:9f:5b:fa:f4:
         51:9b:5e:e3:43:6b:30:88:b3:ca:c4:d4:a0:c8:0c:dc:39:48:
         99:01:de:43:6a:15:15:f5:a2:8d:bc:0f:fa:29:40:f5:dc:9a:
         3a:e6:d6:2a:52:57:e1:30:fe:f0:f7:5f:4f:c7:89:73:8f:c3:
         ae:52:4a:4a:b8:3a:39:a6:82:e6:fe:2f:89:67:28:02:5c:a1:
         07:82:39:27:8b:9e:75:7d:7e:02:29:82:f4:64:43:27:d9:40:
         6f:34:e7:b0:dc:03:19:b9:49:92:70:a9:91:43:0d:57:7e:39:
         ef:ce:39:1e:6b:9f:f5:0b:91:8e:bf:9e:1f:92:68:64:38:ba:
         5d:4d:c0:3c:07:4f:c0:45:fe:d9:22:7d:42:58:59:91:ae:74:
         a0:78:78:d2
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIDAfLoMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDUyMTAwNTMyN1oXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTIyRTMxMTAvBgNVBAUTKDY2MDVENjZBOTgwNDdFREIwNkE0OTRC
Mzc0MkY1RUM4MkI4MURDQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDWGakhRyH6dgCeeGG1jF7VGbyoJz+08FH/S5dwBxYT1cRfQ1uM0caEFA3pKW3f
TTwse3nO0n2O/78rKOwJ7O0FK7JVB4cENGS6SOsQgOTbrLYTF5Wm7oMGfDbbymTw
20SdC8vI3fsKh8m0dIxZeNLQ1BwbuH7ue8CfPG/s2nzNlpouy61PLRLwvmxger/v
h2xmIQzT3Y2/ANmjzzbSGTvTcnf9IFsMg5QmUAmK3qdEVOR/uAsNCFWeNYcLZgpL
jKBiRtNBdnUtAzStFhaC5vHJA01qnuo0/ao270uvGfIJfpTFPL0TdW5kqem7PD2t
Cowc5ENbSi21GM+VZbeBhPffAgMBAAGjggLuMIIC6jAdBgNVHQ4EFgQUZgXWapgE
ftsGpJSzdC9eyCuB3LAwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUUyMkUzLzg0QjBBODVFMTcwQzExRUY5NEYxN0MxNEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFMjJFMy84NEIwQTg1RTE3MEMxMUVGOTRGMTdDMTRDNEY5QUUwMi9aZ1hXYXBn
RWZ0c0dwSlN6ZEM5ZXlDdUIzTEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAJZfMA0GCSqGSIb3DQEBCwUAA4IBAQCwUa7bl011O1ZNZ70LCpmS42R8
RnNesgR2X0vQ3KXBT73JAfBmSWLRKWPMlHRwrw2ThAK/0qBdt6npwH8VvQ7Duq+R
TcDAKsdlcuRYT0hHWdGNITb2XxXLeMChV3giKU+HnpQAyshvUJ9b+vRRm17jQ2sw
iLPKxNSgyAzcOUiZAd5DahUV9aKNvA/6KUD13Jo65tYqUlfhMP7w919Px4lzj8Ou
UkpKuDo5poLm/i+JZygCXKEHgjkni551fX4CKYL0ZEMn2UBvNOew3AMZuUmScKmR
Qw1Xfjnvzjkea5/1C5GOv54fkmhkOLpdTcA8B0/ARf7ZIn1CWFmRrnSgeHjS
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:36 2024 by rpki-client on console-fra.rpki-client.org