Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aSE1YIaDdV6U2OylfYsLNY7OFxg.cer
File:                     aSE1YIaDdV6U2OylfYsLNY7OFxg.cer (raw, json)
Hash identifier:          qam0NDX1k6+pekEB47WVXifaztPtS7wNkztSbIPTTbc=
Subject key identifier:   69:21:35:60:86:83:75:5E:94:D8:EC:A5:7D:8B:0B:35:8E:CE:17:18
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01A3B4
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/aSE1YIaDdV6U2OylfYsLNY7OFxg.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 17 May 2023 05:48:22 +0000
Certificate not after:    Sat 31 Aug 2024 00:00:00 +0000
Subordinate resources:    AS: 132088
                          AS: 138986
                          IP: 103.115.140.0/22
                          IP: 2402:e940::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 21:38:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 107444 (0x1a3b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 17 05:48:22 2023 GMT
            Not After : Aug 31 00:00:00 2024 GMT
        Subject: CN=A9198996/serialNumber=692135608683755E94D8ECA57D8B0B358ECE1718
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:de:ad:dc:c6:98:5c:a5:3b:87:d4:ac:cb:13:
                    df:c6:d3:66:f0:d8:53:5b:78:c6:49:c6:18:e2:54:
                    d5:35:72:73:d6:f5:2a:30:2b:72:98:02:79:4d:52:
                    8e:20:81:04:d6:34:8e:ec:fa:e9:59:04:44:5e:c6:
                    74:58:11:01:6b:4c:26:59:88:bd:76:45:c6:a7:d3:
                    83:cf:39:64:4b:d0:cb:da:45:dc:46:53:c9:2a:df:
                    11:f8:2e:af:31:09:41:10:03:7b:32:95:75:2f:25:
                    ab:e6:ba:38:70:dd:04:1e:17:5e:c7:c3:19:62:cd:
                    22:eb:aa:c5:64:12:9b:a0:8f:0e:57:77:de:ad:ae:
                    9f:3f:13:51:a5:f7:6d:39:b9:f5:8d:dc:a9:ce:14:
                    98:88:6d:d7:22:4e:1d:86:5e:77:e7:44:ae:b9:bf:
                    c5:2b:0c:c9:4e:bc:ca:eb:b5:fb:53:2f:3b:7f:b1:
                    7f:03:96:c8:d1:dd:3f:1d:3c:d9:32:5d:3e:75:e9:
                    bb:ee:33:5f:fe:58:ac:57:8f:7f:eb:50:27:70:86:
                    57:bd:de:86:9a:d6:06:ec:63:c4:84:2a:64:c8:d3:
                    76:42:ad:33:e5:3b:27:30:82:80:cd:fe:ba:cf:31:
                    8a:47:ba:0f:a3:f0:11:7a:7a:d3:62:43:01:e6:c1:
                    1e:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:21:35:60:86:83:75:5E:94:D8:EC:A5:7D:8B:0B:35:8E:CE:17:18
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/aSE1YIaDdV6U2OylfYsLNY7OFxg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  132088
                  138986

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.115.140.0/22
                IPv6:
                  2402:e940::/32

    Signature Algorithm: sha256WithRSAEncryption
         1f:cf:bd:c2:98:fb:78:b9:4c:40:f0:0c:dc:89:c8:9a:fa:b0:
         6f:e1:ea:34:58:9f:ce:b1:6c:1e:a4:55:e9:9d:5f:b2:74:ae:
         38:fc:90:50:5f:32:9e:08:1a:ac:3d:77:fe:07:79:da:a7:60:
         d4:78:cf:92:a5:28:70:32:2d:4e:ef:e1:43:c8:82:24:7e:f9:
         12:80:19:63:27:b2:2f:ef:fc:ac:95:11:32:86:94:21:80:40:
         38:34:5a:2d:77:bd:6f:b7:da:15:78:10:e8:18:12:51:00:be:
         c0:7f:15:b1:98:b1:5a:42:b9:c5:06:c4:e6:11:8c:46:11:4d:
         ab:c4:6e:98:b4:91:ed:ca:3a:91:0b:37:59:80:da:79:f9:03:
         12:bd:a2:55:d4:0a:c6:9e:69:93:0c:c3:fa:1d:76:fb:c5:fd:
         f1:60:cd:30:e8:2a:59:01:f9:7e:7a:90:92:ec:48:7a:ad:2a:
         7f:45:07:73:87:d6:03:d8:21:77:94:6a:53:c3:63:34:93:cb:
         c0:f0:5a:9a:57:51:3f:fd:a0:86:c3:43:15:18:7e:3b:d0:02:
         f4:04:a1:72:51:3f:c5:92:3c:29:d5:a2:ba:11:34:0c:0f:16:
         d6:cd:0c:43:1b:82:78:56:f5:5b:94:e2:b9:d4:29:7d:dd:a2:
         c1:9c:ee:ac
-----BEGIN CERTIFICATE-----
MIIGLjCCBRagAwIBAgIDAaO0MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDUxNzA1NDgyMloXDTI0MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTg5OTYxMTAvBgNVBAUTKDY5MjEzNTYwODY4Mzc1NUU5NEQ4RUNB
NTdEOEIwQjM1OEVDRTE3MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCo3q3cxphcpTuH1KzLE9/G02bw2FNbeMZJxhjiVNU1cnPW9SowK3KYAnlNUo4g
gQTWNI7s+ulZBERexnRYEQFrTCZZiL12Rcan04PPOWRL0MvaRdxGU8kq3xH4Lq8x
CUEQA3sylXUvJavmujhw3QQeF17HwxlizSLrqsVkEpugjw5Xd96trp8/E1Gl9205
ufWN3KnOFJiIbdciTh2GXnfnRK65v8UrDMlOvMrrtftTLzt/sX8DlsjR3T8dPNky
XT516bvuM1/+WKxXj3/rUCdwhle93oaa1gbsY8SEKmTI03ZCrTPlOycwgoDN/rrP
MYpHug+j8BF6etNiQwHmwR5PAgMBAAGjggMjMIIDHzAdBgNVHQ4EFgQUaSE1YIaD
dV6U2OylfYsLNY7OFxgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk4OTk2LzY2MDMwRjVFRDA2MDExRUNCQTQwRkM4M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5ODk5Ni82NjAzMEY1RUQwNjAxMUVDQkE0MEZDODNDNEY5QUUwMi9hU0UxWUlh
RGRWNlUyT3lsZllzTE5ZN09GeGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAgP4AgMCHuowLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAJnc4ww
DQQCAAIwBwMFACQC6UAwDQYJKoZIhvcNAQELBQADggEBAB/PvcKY+3i5TEDwDNyJ
yJr6sG/h6jRYn86xbB6kVemdX7J0rjj8kFBfMp4IGqw9d/4HedqnYNR4z5KlKHAy
LU7v4UPIgiR++RKAGWMnsi/v/KyVETKGlCGAQDg0Wi13vW+32hV4EOgYElEAvsB/
FbGYsVpCucUGxOYRjEYRTavEbpi0ke3KOpELN1mA2nn5AxK9olXUCsaeaZMMw/od
dvvF/fFgzTDoKlkB+X56kJLsSHqtKn9FB3OH1gPYIXeUalPDYzSTy8DwWppXUT/9
oIbDQxUYfjvQAvQEoXJRP8WSPCnVoroRNAwPFtbNDEMbgnhW9VuU4rnUKX3dosGc
7qw=
-----END CERTIFICATE-----
Generated at Fri Mar 29 22:51:25 2024 by rpki-client on console-fra.rpki-client.org