Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aS69PQPyWHRuaEO2Eo3SCcUSIuY.cer
File:                     aS69PQPyWHRuaEO2Eo3SCcUSIuY.cer (raw, json)
Hash identifier:          NCN+2qtuc+5mRvx9MFyz6t33kH0CVzX4RhVFmXDviok=
Subject key identifier:   69:2E:BD:3D:03:F2:58:74:6E:68:43:B6:12:8D:D2:09:C5:12:22:E6
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DC15
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A917BED0/DDB589A0801911EDBBBE306EC4F9AE02/aS69PQPyWHRuaEO2Eo3SCcUSIuY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A917BED0/DDB589A0801911EDBBBE306EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 31 Jan 2024 17:15:20 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 203.5.13.0/24
                          IP: 203.25.134.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 14:50:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121877 (0x1dc15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan 31 17:15:20 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A917BED0/serialNumber=692EBD3D03F258746E6843B6128DD209C51222E6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:5f:54:6c:17:ff:8f:8a:7e:f3:92:ae:cd:dc:
                    82:bb:50:7d:a8:84:05:e3:31:32:2a:7f:0a:8d:f3:
                    35:b5:b2:2c:8e:29:e7:ca:1d:a9:d7:f9:82:0e:4f:
                    b0:0b:b3:76:a5:5b:a0:c4:d7:53:6b:7b:60:57:2a:
                    5e:54:bd:ae:62:95:85:36:3c:1b:36:f3:cd:68:50:
                    d3:35:df:3b:91:b3:40:f9:b2:c7:28:d0:1e:ad:82:
                    9d:d5:d4:2a:38:85:8e:d5:9c:87:23:f8:49:fe:1e:
                    90:36:d1:02:e3:d8:90:93:3e:99:51:d2:e5:fb:0f:
                    94:6a:9e:e6:46:72:22:ee:01:63:65:b9:fe:0f:59:
                    cc:0e:00:3e:f1:69:3e:fa:68:7e:15:88:90:9d:9d:
                    c3:89:c5:bf:6c:14:65:90:86:72:4f:4f:2a:73:6c:
                    e0:53:a1:15:f7:4e:1a:61:4f:bd:6a:e1:86:6f:b2:
                    62:f8:5f:ac:ce:3c:3e:2d:dc:1c:12:06:6e:f0:97:
                    8d:cc:be:1d:8c:57:11:34:b7:61:e1:a2:dd:c6:35:
                    8e:f4:2d:bb:94:75:51:95:7c:79:b1:29:c7:2d:29:
                    15:2f:33:e2:40:8f:ea:c2:c4:3a:aa:86:fc:8c:06:
                    84:3a:d2:66:fa:25:71:87:f5:06:1b:57:96:58:c6:
                    62:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:2E:BD:3D:03:F2:58:74:6E:68:43:B6:12:8D:D2:09:C5:12:22:E6
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917BED0/DDB589A0801911EDBBBE306EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917BED0/DDB589A0801911EDBBBE306EC4F9AE02/aS69PQPyWHRuaEO2Eo3SCcUSIuY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.5.13.0/24
                  203.25.134.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:c4:e8:b0:d9:cc:b9:48:1e:66:31:4a:6a:39:a4:72:58:db:
         92:56:4e:56:c9:e0:e7:a1:45:84:fb:15:7a:b1:e5:6b:80:a6:
         ed:83:b7:d2:60:c4:52:37:93:87:82:2b:c8:c4:b2:a0:e5:62:
         0b:87:05:6a:c2:68:4c:71:3b:ed:75:46:16:1d:e2:fe:ac:95:
         b0:42:26:60:48:0e:6a:f6:42:da:4d:79:61:51:c4:e5:74:05:
         3c:ea:ca:46:58:d3:d8:84:15:8e:f1:52:0f:23:e4:81:fc:2a:
         30:37:35:34:f7:be:df:b1:db:c4:74:f5:b1:7b:44:61:8b:67:
         f1:29:df:6f:37:7c:61:83:95:00:c9:f5:a5:63:9a:80:81:9a:
         e9:01:42:80:c8:aa:11:0b:27:66:a7:57:89:59:28:1f:02:57:
         6f:88:59:d2:6f:17:12:27:6b:be:03:ed:d2:d6:6f:ac:5d:cc:
         0a:7f:57:3e:cc:d8:9b:6f:ff:33:2e:33:45:78:7b:80:fc:a4:
         9e:36:2e:48:71:aa:2c:ea:29:89:44:b7:01:5b:da:23:70:1b:
         f3:21:a8:ea:85:b7:a9:9f:e8:b3:e4:38:93:1a:8a:d0:de:32:
         97:69:7d:29:ac:8b:37:2b:87:97:52:26:fe:6e:d7:85:a6:e2:
         e4:e2:e3:6e
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgIDAdwVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEzMTE3MTUyMFoXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxN0JFRDAxMTAvBgNVBAUTKDY5MkVCRDNEMDNGMjU4NzQ2RTY4NDNC
NjEyOEREMjA5QzUxMjIyRTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD0X1RsF/+Pin7zkq7N3IK7UH2ohAXjMTIqfwqN8zW1siyOKefKHanX+YIOT7AL
s3alW6DE11Nre2BXKl5Uva5ilYU2PBs2881oUNM13zuRs0D5ssco0B6tgp3V1Co4
hY7VnIcj+En+HpA20QLj2JCTPplR0uX7D5RqnuZGciLuAWNluf4PWcwOAD7xaT76
aH4ViJCdncOJxb9sFGWQhnJPTypzbOBToRX3ThphT71q4YZvsmL4X6zOPD4t3BwS
Bm7wl43Mvh2MVxE0t2Hhot3GNY70LbuUdVGVfHmxKcctKRUvM+JAj+rCxDqqhvyM
BoQ60mb6JXGH9QYbV5ZYxmIxAgMBAAGjggL5MIIC9TAdBgNVHQ4EFgQUaS69PQPy
WHRuaEO2Eo3SCcUSIuYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdCRUQwL0REQjU4OUEwODAxOTExRURCQkJFMzA2RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3QkVEMC9EREI1ODlBMDgwMTkxMUVEQkJCRTMwNkVDNEY5QUUwMi9hUzY5UFFQ
eVdIUnVhRU8yRW8zU0NjVVNJdVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8EFjAU
MBIEAgABMAwDBADLBQ0DBADLGYYwDQYJKoZIhvcNAQELBQADggEBAEHE6LDZzLlI
HmYxSmo5pHJY25JWTlbJ4OehRYT7FXqx5WuApu2Dt9JgxFI3k4eCK8jEsqDlYguH
BWrCaExxO+11RhYd4v6slbBCJmBIDmr2QtpNeWFRxOV0BTzqykZY09iEFY7xUg8j
5IH8KjA3NTT3vt+x28R09bF7RGGLZ/Ep3283fGGDlQDJ9aVjmoCBmukBQoDIqhEL
J2anV4lZKB8CV2+IWdJvFxIna74D7dLWb6xdzAp/Vz7M2Jtv/zMuM0V4e4D8pJ42
LkhxqizqKYlEtwFb2iNwG/MhqOqFt6mf6LPkOJMaitDeMpdpfSmsizcrh5dSJv5u
14Wm4uTi424=
-----END CERTIFICATE-----
Generated at Fri Mar 29 15:35:52 2024 by rpki-client on console-fra.rpki-client.org