Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aZjZtTJ7v4lO1WGXxH7IlvrlnjQ.cer
File:                     aZjZtTJ7v4lO1WGXxH7IlvrlnjQ.cer (raw, json)
Hash identifier:          8A6A2y5brT1/yIRPN8+SRTtyJ/4KDGM0Q1cJQU3vf3I=
Subject key identifier:   69:98:D9:B5:32:7B:BF:89:4E:D5:61:97:C4:7E:C8:96:FA:E5:9E:34
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       02170F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91FCF44/94110604602C11EF97D73C5FC4F9AE02/aZjZtTJ7v4lO1WGXxH7IlvrlnjQ.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91FCF44/94110604602C11EF97D73C5FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 31 Oct 2024 02:20:59 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    AS: 138645
                          IP: 103.135.140.0/22
                          IP: 103.140.70.0/23
                          IP: 2404:7f40::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 136975 (0x2170f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct 31 02:20:59 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A91FCF44/serialNumber=6998D9B5327BBF894ED56197C47EC896FAE59E34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:bb:a7:ba:e2:a9:96:0f:c3:71:90:4f:c0:12:
                    12:1f:dd:17:95:7b:ab:90:6f:19:05:5c:c3:d9:50:
                    05:c6:dd:e4:ad:15:11:97:41:ea:57:34:02:71:cd:
                    5b:d6:d1:04:a1:fd:d8:38:be:bd:f0:ba:c2:76:fc:
                    52:55:c2:1e:b3:40:f2:15:70:08:c6:58:f5:2e:53:
                    63:be:59:34:0f:c2:e6:48:92:8a:33:aa:31:ec:1e:
                    51:e7:e6:a0:fc:74:fd:e9:69:6b:1f:da:45:f7:c6:
                    13:88:8d:c3:8a:ba:28:35:7c:c5:6e:13:7d:b8:0a:
                    9a:c7:6e:fd:65:f4:e9:e0:79:aa:2b:0a:6f:56:b8:
                    86:ca:36:1d:d1:35:fe:83:a6:a1:ea:81:e4:01:d6:
                    37:b3:6c:01:59:8e:8c:e0:56:27:c4:c0:8e:26:d4:
                    84:c2:79:97:02:c1:cc:69:f8:a1:c5:a6:16:6c:96:
                    8b:bf:5b:82:02:cc:9c:cc:93:bf:f2:12:4d:d5:bf:
                    ed:66:c3:76:ac:a7:17:4d:c8:28:eb:71:36:8b:b4:
                    9c:82:e7:6e:1c:64:62:22:9b:d1:f3:b2:2f:bf:62:
                    5b:0b:51:f9:e7:e6:8e:c3:3e:a0:e4:7e:56:59:fc:
                    99:b7:d3:3a:f7:27:a6:d3:5a:c5:31:4d:93:5c:2d:
                    f5:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:98:D9:B5:32:7B:BF:89:4E:D5:61:97:C4:7E:C8:96:FA:E5:9E:34
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FCF44/94110604602C11EF97D73C5FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FCF44/94110604602C11EF97D73C5FC4F9AE02/aZjZtTJ7v4lO1WGXxH7IlvrlnjQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  138645

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.135.140.0/22
                  103.140.70.0/23
                IPv6:
                  2404:7f40::/32

    Signature Algorithm: sha256WithRSAEncryption
         73:08:12:6c:2e:86:bf:a6:42:65:98:dd:68:e8:4a:27:00:b6:
         a4:c4:d8:11:40:e2:e3:ba:cb:9f:a2:2e:f5:cb:81:7f:14:cf:
         3d:e2:36:6f:58:a6:79:ae:30:3a:0c:f4:08:8d:62:0c:7c:d9:
         1b:5a:1f:98:3f:42:9f:9d:c1:ac:72:fe:e1:46:2c:b4:45:27:
         7c:ee:95:18:a5:52:42:79:8d:eb:4e:be:1e:1c:29:38:3d:71:
         07:62:23:a9:cc:35:81:77:43:bb:ca:b2:ac:8d:49:43:b3:71:
         ff:c5:12:3a:64:26:da:7e:8c:be:dd:65:1c:40:ed:ef:96:a4:
         91:6f:09:bb:8f:ef:69:51:ef:b8:af:09:d3:bd:35:bd:48:2e:
         05:6e:e9:ed:33:70:3c:69:92:ca:e1:02:0e:97:af:39:ff:a6:
         0f:57:c0:84:d9:a3:62:c0:94:5a:d9:78:74:16:37:5c:53:5b:
         2d:35:11:5c:b8:1f:b9:0c:a2:9e:23:13:15:67:c0:50:4d:75:
         b7:51:74:30:bf:51:ba:05:2f:f7:b9:69:83:7c:5a:2d:ba:23:
         89:71:49:55:81:e8:b0:2c:29:40:6f:df:83:d6:23:67:7a:3e:
         35:27:f3:ae:bf:5b:07:7a:00:77:33:3b:4d:63:d9:91:ed:21:
         4f:9a:9b:dc
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAhcPMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAzMTAyMjA1OVoXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRkNGNDQxMTAvBgNVBAUTKDY5OThEOUI1MzI3QkJGODk0RUQ1NjE5
N0M0N0VDODk2RkFFNTlFMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBu6e64qmWD8NxkE/AEhIf3ReVe6uQbxkFXMPZUAXG3eStFRGXQepXNAJxzVvW
0QSh/dg4vr3wusJ2/FJVwh6zQPIVcAjGWPUuU2O+WTQPwuZIkoozqjHsHlHn5qD8
dP3paWsf2kX3xhOIjcOKuig1fMVuE324CprHbv1l9OngeaorCm9WuIbKNh3RNf6D
pqHqgeQB1jezbAFZjozgVifEwI4m1ITCeZcCwcxp+KHFphZslou/W4ICzJzMk7/y
Ek3Vv+1mw3aspxdNyCjrcTaLtJyC524cZGIim9Hzsi+/YlsLUfnn5o7DPqDkflZZ
/Jm30zr3J6bTWsUxTZNcLfVFAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUaZjZtTJ7
v4lO1WGXxH7IlvrlnjQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZDRjQ0Lzk0MTEwNjA0NjAyQzExRUY5N0Q3M0M1RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGQ0Y0NC85NDExMDYwNDYwMkMxMUVGOTdENzNDNUZDNEY5QUUwMi9hWmpadFRK
N3Y0bE8xV0dYeEg3SWx2cmxualEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAh2VMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCZ4eMAwQBZ4xG
MA0EAgACMAcDBQAkBH9AMA0GCSqGSIb3DQEBCwUAA4IBAQBzCBJsLoa/pkJlmN1o
6EonALakxNgRQOLjusufoi71y4F/FM894jZvWKZ5rjA6DPQIjWIMfNkbWh+YP0Kf
ncGscv7hRiy0RSd87pUYpVJCeY3rTr4eHCk4PXEHYiOpzDWBd0O7yrKsjUlDs3H/
xRI6ZCbafoy+3WUcQO3vlqSRbwm7j+9pUe+4rwnTvTW9SC4FbuntM3A8aZLK4QIO
l685/6YPV8CE2aNiwJRa2Xh0FjdcU1stNRFcuB+5DKKeIxMVZ8BQTXW3UXQwv1G6
BS/3uWmDfFotuiOJcUlVgeiwLClAb9+D1iNnej41J/Ouv1sHegB3MztNY9mR7SFP
mpvc
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:49 2024 by rpki-client on console-ams.rpki-client.org