Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a6pcUguOS_VkxLv0bh8xa9RfoDc.cer
File:                     a6pcUguOS_VkxLv0bh8xa9RfoDc.cer (raw, json)
Hash identifier:          uFqRoc1s3QpNGiP25yqueChrfVclL4dvWADGMyUdB1s=
Subject key identifier:   6B:AA:5C:52:0B:8E:4B:F5:64:C4:BB:F4:6E:1F:31:6B:D4:5F:A0:37
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01A119
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9144463/8BF5A5D4113611ED8F0AB712C4F9AE02/a6pcUguOS_VkxLv0bh8xa9RfoDc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9144463/8BF5A5D4113611ED8F0AB712C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 03 May 2023 06:38:13 +0000
Certificate not after:    Tue 30 Jul 2024 00:00:00 +0000
Subordinate resources:    AS: 56294
                          IP: 43.243.0.0/22
                          IP: 103.4.60.0/22
                          IP: 2401:2280::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 106777 (0x1a119)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May  3 06:38:13 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=A9144463/serialNumber=6BAA5C520B8E4BF564C4BBF46E1F316BD45FA037
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:e6:68:cb:6f:7b:c7:e8:d9:30:b0:99:30:56:
                    1b:2c:5f:f7:8b:72:8c:c9:cf:c8:74:70:be:40:ac:
                    8c:73:c8:57:3b:e9:82:37:c0:a9:05:06:86:de:fe:
                    82:a8:b5:0b:8b:d9:aa:19:9d:9e:7b:b3:dc:14:97:
                    85:1f:0a:4f:8d:a4:2d:8b:9f:25:86:86:49:05:66:
                    53:48:58:a5:96:f1:fe:61:43:8e:74:23:a5:2a:77:
                    7c:61:ed:23:b0:a5:6f:e9:5e:a4:ff:f8:64:65:7c:
                    79:ee:0d:02:48:62:79:3e:1a:72:78:4c:84:5e:de:
                    50:40:d5:bb:12:2b:dc:b7:dd:5d:9b:82:89:c2:0a:
                    0f:dc:80:e3:9e:82:ea:be:b3:e5:b0:36:06:31:4f:
                    9b:a9:a1:c4:72:18:22:cc:36:31:90:52:74:a6:e3:
                    fd:3b:56:d7:39:5f:4b:a8:0f:34:22:e6:42:d0:f2:
                    32:c6:b5:09:54:4d:98:4e:18:b9:c2:f4:73:9c:50:
                    db:b5:9e:42:94:8a:4f:08:f9:10:21:10:b6:0c:1f:
                    e1:24:8d:3b:4b:3d:16:a4:b3:7b:47:da:a9:fb:ea:
                    6b:34:97:48:0c:ce:9e:65:0c:ac:55:a8:76:00:66:
                    f1:69:2a:da:66:bb:b8:57:5e:6d:b1:8e:81:d8:84:
                    42:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:AA:5C:52:0B:8E:4B:F5:64:C4:BB:F4:6E:1F:31:6B:D4:5F:A0:37
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9144463/8BF5A5D4113611ED8F0AB712C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9144463/8BF5A5D4113611ED8F0AB712C4F9AE02/a6pcUguOS_VkxLv0bh8xa9RfoDc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  56294

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.243.0.0/22
                  103.4.60.0/22
                IPv6:
                  2401:2280::/32

    Signature Algorithm: sha256WithRSAEncryption
         38:89:91:be:f7:3e:c9:35:5e:85:0a:9f:c4:f3:d5:5d:4b:fa:
         49:13:08:32:8b:80:ad:2a:fa:d7:88:bb:e7:9b:46:8c:89:61:
         9d:93:aa:cb:12:b9:b3:70:b6:01:67:1c:5d:11:32:7b:c8:8f:
         7c:8d:db:6b:8e:87:5c:f0:05:64:6e:fe:c5:e2:7d:7c:08:68:
         48:7e:7f:c5:8c:10:a0:ea:33:fa:3c:dc:39:62:fa:44:6d:df:
         a8:2c:80:01:ef:e6:4d:22:06:11:bf:b6:94:59:ee:e0:25:c6:
         79:28:a2:3a:a6:7f:67:6d:da:bd:81:60:93:98:79:4a:bc:60:
         86:80:8b:93:2a:d4:20:8b:71:d5:29:87:ec:89:7b:56:28:69:
         57:bc:c5:b3:05:bf:93:42:68:5e:5e:e7:7f:63:dc:d7:d8:a6:
         27:5d:f8:83:d5:fd:74:80:1f:d6:90:e2:3c:3f:a5:9e:d3:c3:
         e7:c2:af:5e:8c:7a:fe:ed:95:45:9c:17:dc:f0:6d:e3:b1:8e:
         0f:7c:35:7d:69:c4:1f:13:ae:2a:70:83:da:1d:d8:36:50:07:
         b1:64:34:a1:31:b7:b4:2c:51:73:e5:da:96:4b:45:db:41:a7:
         13:66:69:92:52:a9:aa:7c:96:3e:de:a1:ed:e5:0b:5e:3c:5e:
         1a:2d:f3:a6
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAaEZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDUwMzA2MzgxM1oXDTI0MDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNDQ0NjMxMTAvBgNVBAUTKDZCQUE1QzUyMEI4RTRCRjU2NEM0QkJG
NDZFMUYzMTZCRDQ1RkEwMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC15mjLb3vH6NkwsJkwVhssX/eLcozJz8h0cL5ArIxzyFc76YI3wKkFBobe/oKo
tQuL2aoZnZ57s9wUl4UfCk+NpC2LnyWGhkkFZlNIWKWW8f5hQ450I6Uqd3xh7SOw
pW/pXqT/+GRlfHnuDQJIYnk+GnJ4TIRe3lBA1bsSK9y33V2bgonCCg/cgOOeguq+
s+WwNgYxT5upocRyGCLMNjGQUnSm4/07Vtc5X0uoDzQi5kLQ8jLGtQlUTZhOGLnC
9HOcUNu1nkKUik8I+RAhELYMH+EkjTtLPRaks3tH2qn76ms0l0gMzp5lDKxVqHYA
ZvFpKtpmu7hXXm2xjoHYhEKvAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUa6pcUguO
S/VkxLv0bh8xa9RfoDcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTQ0NDYzLzhCRjVBNUQ0MTEzNjExRUQ4RjBBQjcxMkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0NDQ2My84QkY1QTVENDExMzYxMUVEOEYwQUI3MTJDNEY5QUUwMi9hNnBjVWd1
T1NfVmt4THYwYmg4eGE5UmZvRGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDANvmMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCK/MAAwQCZwQ8
MA0EAgACMAcDBQAkASKAMA0GCSqGSIb3DQEBCwUAA4IBAQA4iZG+9z7JNV6FCp/E
89VdS/pJEwgyi4CtKvrXiLvnm0aMiWGdk6rLErmzcLYBZxxdETJ7yI98jdtrjodc
8AVkbv7F4n18CGhIfn/FjBCg6jP6PNw5YvpEbd+oLIAB7+ZNIgYRv7aUWe7gJcZ5
KKI6pn9nbdq9gWCTmHlKvGCGgIuTKtQgi3HVKYfsiXtWKGlXvMWzBb+TQmheXud/
Y9zX2KYnXfiD1f10gB/WkOI8P6We08Pnwq9ejHr+7ZVFnBfc8G3jsY4PfDV9acQf
E64qcIPaHdg2UAexZDShMbe0LFFz5dqWS0XbQacTZmmSUqmqfJY+3qHt5QtePF4a
LfOm
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:47:15 2024 by rpki-client on console-ams.rpki-client.org