Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aEWjVwdX5r8sBIWsIXib_1AFHpo.cer
File:                     aEWjVwdX5r8sBIWsIXib_1AFHpo.cer (raw, json)
Hash identifier:          GcsT95zb2igGzy2Pzd053Z1Kon+8qstI0jQT1MNcWYc=
Subject key identifier:   68:45:A3:57:07:57:E6:BF:2C:04:85:AC:21:78:9B:FF:50:05:1E:9A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D9C8
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913500A/CCA3EA92473F11EE87F40A7EC4F9AE02/aEWjVwdX5r8sBIWsIXib_1AFHpo.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913500A/CCA3EA92473F11EE87F40A7EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 22 Jan 2024 13:52:10 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 150729
                          IP: 103.73.184.0/23
                          IP: 2001:df1:dac0::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121288 (0x1d9c8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan 22 13:52:10 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A913500A/serialNumber=6845A3570757E6BF2C0485AC21789BFF50051E9A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:47:45:41:10:ce:02:a7:ab:10:67:e3:7f:aa:
                    58:50:43:18:5f:65:2b:15:75:29:61:52:fe:1a:39:
                    60:fa:44:fb:4d:38:bb:4f:4f:11:5c:67:9b:76:98:
                    95:40:e5:fb:48:98:3d:df:89:f7:7e:60:ae:a9:d0:
                    ad:0c:33:28:01:b6:6f:d0:90:64:ce:1c:29:0d:5e:
                    dc:e0:e0:9f:79:b1:37:57:ef:5b:ea:3c:f5:d0:4e:
                    1d:99:ac:93:09:93:2d:9b:fe:af:01:65:60:86:f0:
                    9e:ff:6e:5e:53:b1:05:65:b8:41:43:c9:79:24:37:
                    cd:c8:b8:a1:a8:a2:9b:4b:18:98:2e:41:83:f7:48:
                    8a:10:f9:de:7d:5f:6b:04:21:98:6c:c9:ff:86:a5:
                    84:e5:5b:30:0d:0d:f4:2d:b3:15:3b:b3:60:a2:f5:
                    14:38:1a:91:63:a8:7e:9e:1c:98:a3:1c:d7:30:cc:
                    c8:61:22:cf:8f:66:ad:ea:af:b8:d8:81:f1:b0:56:
                    8f:94:cc:4f:34:11:0c:06:c7:c3:64:3d:4d:bf:64:
                    b0:53:a6:09:62:06:51:ab:60:7a:18:3c:f8:7b:b0:
                    ad:c2:c6:b0:14:ac:0e:60:de:2a:ce:68:49:4e:2b:
                    a2:d4:e0:0a:91:97:02:f8:8b:f4:6f:32:04:aa:c1:
                    09:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:45:A3:57:07:57:E6:BF:2C:04:85:AC:21:78:9B:FF:50:05:1E:9A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913500A/CCA3EA92473F11EE87F40A7EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913500A/CCA3EA92473F11EE87F40A7EC4F9AE02/aEWjVwdX5r8sBIWsIXib_1AFHpo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  150729

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.73.184.0/23
                IPv6:
                  2001:df1:dac0::/48

    Signature Algorithm: sha256WithRSAEncryption
         51:cf:53:1c:84:8e:fc:97:46:3d:8e:cd:fe:eb:d6:df:9e:bf:
         15:c2:f6:b2:1a:2a:eb:64:5d:5d:51:31:d0:74:ad:18:3b:5d:
         1c:82:00:4f:f9:22:18:f0:54:8f:0a:40:44:9c:33:13:99:7d:
         2c:c5:68:47:8f:aa:70:07:b2:30:87:07:ef:fa:63:13:73:40:
         1e:15:30:e6:53:2e:19:e5:37:f1:2f:cb:84:54:5b:99:4c:98:
         78:03:ce:a9:c7:81:df:94:17:22:a5:e2:20:b2:28:4f:d1:8d:
         36:46:c7:5a:67:5c:f4:d8:4a:66:33:6e:23:2b:b2:e8:44:69:
         a6:5e:15:13:f5:fb:2e:b8:70:69:b3:7d:b5:54:4d:6c:d2:fb:
         98:f4:18:a2:59:7f:b5:28:90:9d:af:03:c2:2d:ae:c4:a9:11:
         6e:2f:07:69:1f:78:89:cb:31:68:3a:90:e1:81:73:ef:7d:2c:
         cd:be:1b:9b:ca:1a:7c:5c:9a:60:3b:75:87:c2:ea:a9:9c:23:
         63:fc:df:35:73:01:c0:e2:73:3c:8e:92:95:6a:cc:35:b3:05:
         42:ac:3a:e0:6b:33:d6:26:6b:78:5c:55:65:3c:2b:97:08:f5:
         a2:52:a5:ac:d1:58:b6:f1:58:bc:e0:9c:a3:6c:eb:02:8d:e6:
         9a:66:cb:0d
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAdnIMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEyMjEzNTIxMFoXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzUwMEExMTAvBgNVBAUTKDY4NDVBMzU3MDc1N0U2QkYyQzA0ODVB
QzIxNzg5QkZGNTAwNTFFOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3R0VBEM4Cp6sQZ+N/qlhQQxhfZSsVdSlhUv4aOWD6RPtNOLtPTxFcZ5t2mJVA
5ftImD3fifd+YK6p0K0MMygBtm/QkGTOHCkNXtzg4J95sTdX71vqPPXQTh2ZrJMJ
ky2b/q8BZWCG8J7/bl5TsQVluEFDyXkkN83IuKGooptLGJguQYP3SIoQ+d59X2sE
IZhsyf+GpYTlWzANDfQtsxU7s2Ci9RQ4GpFjqH6eHJijHNcwzMhhIs+PZq3qr7jY
gfGwVo+UzE80EQwGx8NkPU2/ZLBTpgliBlGrYHoYPPh7sK3CxrAUrA5g3irOaElO
K6LU4AqRlwL4i/RvMgSqwQl9AgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUaEWjVwdX
5r8sBIWsIXib/1AFHpowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTM1MDBBL0NDQTNFQTkyNDczRjExRUU4N0Y0MEE3RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzNTAwQS9DQ0EzRUE5MjQ3M0YxMUVFODdGNDBBN0VDNEY5QUUwMi9hRVdqVndk
WDVyOHNCSVdzSVhpYl8xQUZIcG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkzJMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ0m4MA8EAgAC
MAkDBwAgAQ3x2sAwDQYJKoZIhvcNAQELBQADggEBAFHPUxyEjvyXRj2Ozf7r1t+e
vxXC9rIaKutkXV1RMdB0rRg7XRyCAE/5IhjwVI8KQEScMxOZfSzFaEePqnAHsjCH
B+/6YxNzQB4VMOZTLhnlN/Evy4RUW5lMmHgDzqnHgd+UFyKl4iCyKE/RjTZGx1pn
XPTYSmYzbiMrsuhEaaZeFRP1+y64cGmzfbVUTWzS+5j0GKJZf7UokJ2vA8ItrsSp
EW4vB2kfeInLMWg6kOGBc+99LM2+G5vKGnxcmmA7dYfC6qmcI2P83zVzAcDiczyO
kpVqzDWzBUKsOuBrM9Yma3hcVWU8K5cI9aJSpazRWLbxWLzgnKNs6wKN5ppmyw0=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:37 2024 by rpki-client on console-fra.rpki-client.org