Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aFEZgfy52vrY49MDBLtBqW-5p28.cer
File:                     aFEZgfy52vrY49MDBLtBqW-5p28.cer (raw, json)
Hash identifier:          lrFJD7T+BhCX9YDpjcccb6VhmPZVN5FcZ+s5UhnJ/fQ=
Subject key identifier:   68:51:19:81:FC:B9:DA:FA:D8:E3:D3:03:04:BB:41:A9:6F:B9:A7:6F
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D5CC
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A918196D/6202AA3E411011EC9939C00FC4F9AE02/aFEZgfy52vrY49MDBLtBqW-5p28.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A918196D/6202AA3E411011EC9939C00FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 01 Jan 2024 16:41:24 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 137267
                          AS: 147051
                          IP: 103.106.110.0/23
                          IP: 203.27.18.0/24
                          IP: 203.33.188.0/24
                          IP: 2001:df3:a300::/48
                          IP: 2400:1360::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 09:37:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120268 (0x1d5cc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan  1 16:41:24 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A918196D/serialNumber=68511981FCB9DAFAD8E3D30304BB41A96FB9A76F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:19:6c:7b:ec:9c:35:db:36:44:d2:a9:ad:66:
                    a6:52:d0:23:f5:3d:74:00:02:ef:1a:de:bc:eb:49:
                    df:30:61:66:39:a9:f8:fa:41:00:57:48:94:aa:73:
                    0c:fc:d9:ab:2c:1e:9a:21:c3:07:5f:38:f6:ea:18:
                    e4:8f:09:7c:8d:94:c5:73:28:f2:8e:6c:f0:29:69:
                    0e:a3:af:45:28:fc:e4:90:7a:2b:98:71:c1:d9:22:
                    85:ce:e5:d8:75:3a:82:6a:cc:6f:6b:15:dc:d1:30:
                    5c:9d:2c:36:e8:48:2d:82:12:48:c6:64:0b:2f:bb:
                    33:7d:6f:96:24:36:d0:0c:5e:42:b5:b6:da:c4:82:
                    3f:52:b6:36:5f:0d:d1:02:48:2f:11:5b:82:4a:f4:
                    cf:e4:ad:49:ba:30:5a:8c:5d:26:e0:4e:e4:c1:80:
                    f6:cd:ca:d7:75:c5:5d:f1:4d:8e:19:56:2f:cd:2b:
                    a0:9b:c8:7a:19:48:cc:87:20:17:16:1c:de:0e:79:
                    12:70:35:dc:28:f6:d0:ba:0f:17:6b:5e:8b:af:00:
                    86:c9:89:48:3f:61:3a:04:26:00:e8:14:df:12:4a:
                    3a:31:06:aa:c2:44:15:00:fc:a1:76:26:f2:95:82:
                    79:53:6a:ca:7a:81:81:a7:24:91:0c:a9:99:07:46:
                    8b:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:51:19:81:FC:B9:DA:FA:D8:E3:D3:03:04:BB:41:A9:6F:B9:A7:6F
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A918196D/6202AA3E411011EC9939C00FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A918196D/6202AA3E411011EC9939C00FC4F9AE02/aFEZgfy52vrY49MDBLtBqW-5p28.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  137267
                  147051

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.106.110.0/23
                  203.27.18.0/24
                  203.33.188.0/24
                IPv6:
                  2001:df3:a300::/48
                  2400:1360::/32

    Signature Algorithm: sha256WithRSAEncryption
         52:8d:48:a9:71:89:e6:7b:f2:27:88:c4:32:04:ff:89:30:6f:
         f3:39:32:16:12:e8:3c:24:ac:e7:19:d4:47:4e:7d:26:05:77:
         0a:48:ca:d3:c1:c1:78:9e:fb:3d:64:e4:ac:a5:eb:33:ff:9a:
         fe:54:4b:4f:5b:ed:0c:12:c7:ef:33:87:1d:bc:04:4b:67:c8:
         cb:3f:8f:35:af:9f:93:82:8d:aa:92:c6:bf:fd:43:b4:ea:2e:
         fc:24:d3:53:2f:f4:a7:c7:f4:80:f6:9e:f7:6b:58:c2:e0:ad:
         84:9b:92:a6:c9:52:3b:35:41:36:d0:38:39:09:e1:1b:b3:f4:
         1d:8e:be:af:4f:e3:5b:d2:92:3a:e0:7f:36:99:9c:fb:a1:81:
         d1:f2:2a:85:ca:cc:52:a2:0a:58:84:0e:63:7d:97:20:53:b0:
         1d:45:60:b1:9b:fb:be:cf:46:41:ad:aa:ce:34:99:e7:87:5c:
         72:38:4c:c8:e9:9b:2f:f0:3c:63:28:a3:de:de:78:33:5c:7b:
         27:26:67:22:c6:20:74:0e:f2:56:87:ad:32:ae:11:63:c0:c9:
         d2:d5:bc:16:ee:57:ac:67:d3:30:51:b2:a3:57:55:d8:02:ca:
         11:05:5c:78:ad:86:be:d2:4b:b6:9b:13:bb:c8:91:ed:61:01:
         6f:49:6a:8e
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIDAdXMMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwMTE2NDEyNFoXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxODE5NkQxMTAvBgNVBAUTKDY4NTExOTgxRkNCOURBRkFEOEUzRDMw
MzA0QkI0MUE5NkZCOUE3NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGGWx77Jw12zZE0qmtZqZS0CP1PXQAAu8a3rzrSd8wYWY5qfj6QQBXSJSqcwz8
2assHpohwwdfOPbqGOSPCXyNlMVzKPKObPApaQ6jr0Uo/OSQeiuYccHZIoXO5dh1
OoJqzG9rFdzRMFydLDboSC2CEkjGZAsvuzN9b5YkNtAMXkK1ttrEgj9StjZfDdEC
SC8RW4JK9M/krUm6MFqMXSbgTuTBgPbNytd1xV3xTY4ZVi/NK6CbyHoZSMyHIBcW
HN4OeRJwNdwo9tC6DxdrXouvAIbJiUg/YToEJgDoFN8SSjoxBqrCRBUA/KF2JvKV
gnlTasp6gYGnJJEMqZkHRotPAgMBAAGjggM4MIIDNDAdBgNVHQ4EFgQUaFEZgfy5
2vrY49MDBLtBqW+5p28wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTgxOTZELzYyMDJBQTNFNDExMDExRUM5OTM5QzAwRkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE4MTk2RC82MjAyQUEzRTQxMTAxMUVDOTkzOUMwMEZDNEY5QUUwMi9hRkVaZ2Z5
NTJ2clk0OU1EQkx0QnFXLTVwMjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAhgzAgMCPmswQwYIKwYBBQUHAQcBAf8ENDAyMBgEAgABMBIDBAFnam4D
BADLGxIDBADLIbwwFgQCAAIwEAMHACABDfOjAAMFACQAE2AwDQYJKoZIhvcNAQEL
BQADggEBAFKNSKlxieZ78ieIxDIE/4kwb/M5MhYS6DwkrOcZ1EdOfSYFdwpIytPB
wXie+z1k5Kyl6zP/mv5US09b7QwSx+8zhx28BEtnyMs/jzWvn5OCjaqSxr/9Q7Tq
Lvwk01Mv9KfH9ID2nvdrWMLgrYSbkqbJUjs1QTbQODkJ4Ruz9B2Ovq9P41vSkjrg
fzaZnPuhgdHyKoXKzFKiCliEDmN9lyBTsB1FYLGb+77PRkGtqs40meeHXHI4TMjp
my/wPGMoo97eeDNceycmZyLGIHQO8laHrTKuEWPAydLVvBbuV6xn0zBRsqNXVdgC
yhEFXHithr7SS7abE7vIke1hAW9Jao4=
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:22:34 2024 by rpki-client on console-fra.rpki-client.org