Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a_ljfFgcU0tLpjjNyHnAp-p6TwI.cer
File:                     a_ljfFgcU0tLpjjNyHnAp-p6TwI.cer (raw, json)
Hash identifier:          RnDhDrHwx9TlJVCfcc8+z/CQHAYD8WAwgnzVAjxAUtM=
Subject key identifier:   6B:F9:63:7C:58:1C:53:4B:4B:A6:38:CD:C8:79:C0:A7:EA:7A:4F:02
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B7A7
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91931EA/A2398F20C4B411EAA78B422AC4F9AE02/a_ljfFgcU0tLpjjNyHnAp-p6TwI.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91931EA/A2398F20C4B411EAA78B422AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 18 Aug 2023 17:17:08 +0000
Certificate not after:    Mon 30 Sep 2024 00:00:00 +0000
Subordinate resources:    AS: 131475
                          IP: 103.4.232.0/24
                          IP: 103.30.215.0/24
                          IP: 103.31.24.0/23
                          IP: 2001:df0:425::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 18:26:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 112551 (0x1b7a7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug 18 17:17:08 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=A91931EA/serialNumber=6BF9637C581C534B4BA638CDC879C0A7EA7A4F02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:33:2f:34:e4:cf:d4:15:a2:14:20:72:0f:fd:
                    6a:81:f4:58:4b:b2:d1:1e:1a:63:f2:4c:61:8b:7e:
                    a8:44:a1:73:58:54:22:89:26:9c:da:84:c6:d3:a4:
                    d2:11:3e:fa:94:a6:94:6e:45:33:6c:b4:61:8e:aa:
                    b0:40:cc:d2:73:3e:c6:2f:73:24:4c:d2:e9:97:5f:
                    f9:90:83:99:dc:56:59:76:88:22:46:a9:2e:87:a8:
                    1d:94:c1:91:a2:b4:51:b8:63:9d:50:cd:ef:c0:16:
                    dd:29:61:0e:a8:1b:30:82:ef:eb:32:02:09:86:1f:
                    0c:5b:f7:aa:e8:72:47:e9:ce:a1:cd:75:7b:ef:5b:
                    a6:d1:85:85:5b:e0:e3:9f:8a:bb:da:57:91:43:79:
                    f1:e5:c4:a2:47:68:8e:49:65:29:03:9e:f8:2d:f6:
                    72:00:74:fe:fc:bf:b4:08:fa:47:33:d7:27:87:87:
                    2c:a3:eb:e1:6d:bb:a2:36:c0:68:57:ec:e5:f4:74:
                    5f:b7:17:91:4c:b6:5d:7b:d1:7f:81:34:66:9d:bc:
                    2f:82:cc:0d:29:43:40:a2:2f:cf:5e:fe:1e:34:b9:
                    c2:1c:30:f6:64:5f:7b:f1:8e:91:2a:99:80:6e:54:
                    6e:44:84:3e:44:7d:76:ef:c4:43:4c:1e:3c:87:79:
                    de:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:F9:63:7C:58:1C:53:4B:4B:A6:38:CD:C8:79:C0:A7:EA:7A:4F:02
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91931EA/A2398F20C4B411EAA78B422AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91931EA/A2398F20C4B411EAA78B422AC4F9AE02/a_ljfFgcU0tLpjjNyHnAp-p6TwI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  131475

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.4.232.0/24
                  103.30.215.0/24
                  103.31.24.0/23
                IPv6:
                  2001:df0:425::/48

    Signature Algorithm: sha256WithRSAEncryption
         a0:37:b9:68:e3:6c:ca:f3:9d:48:06:c1:15:69:4b:08:3d:d1:
         16:5f:b7:6f:03:d9:08:5b:44:c7:80:07:24:72:62:6f:dc:00:
         5a:9b:1f:78:11:bf:85:cc:6d:82:c8:7c:6d:bb:fc:50:db:a6:
         48:e1:c5:67:fe:05:f6:9b:49:7c:3f:20:65:c0:60:0a:a8:ec:
         d5:88:9a:50:9d:e0:72:77:cc:69:0f:cb:70:91:e9:4d:ad:97:
         3c:20:3b:ec:66:c3:ca:a3:e3:29:34:5d:0a:57:93:49:7c:98:
         56:00:b1:ee:c0:ba:ad:9a:71:a9:c9:8b:2b:53:d5:f4:e2:7f:
         d3:07:be:5b:40:df:5d:9f:4f:bc:84:73:6c:21:64:29:6a:94:
         c0:ac:a0:e0:f5:0f:e0:44:bf:0a:64:1f:ab:71:56:86:29:ce:
         2c:65:87:53:a6:f9:10:17:43:d5:ab:14:71:da:95:ca:a0:56:
         37:47:34:39:0c:ab:b9:0d:ca:13:cb:aa:b1:95:7f:ad:47:ab:
         46:e9:c1:e6:9c:76:30:64:a9:08:50:7b:0f:cf:07:a4:64:e1:
         63:78:e8:6c:1f:ac:5d:e1:2e:c2:b5:85:18:39:dd:10:4e:05:
         1f:c9:ef:94:64:e0:fd:05:38:81:b9:fb:3a:9a:3c:dd:89:2c:
         ad:7d:d2:82
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgIDAbenMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgxODE3MTcwOFoXDTI0MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTMxRUExMTAvBgNVBAUTKDZCRjk2MzdDNTgxQzUzNEI0QkE2MzhD
REM4NzlDMEE3RUE3QTRGMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGMy805M/UFaIUIHIP/WqB9FhLstEeGmPyTGGLfqhEoXNYVCKJJpzahMbTpNIR
PvqUppRuRTNstGGOqrBAzNJzPsYvcyRM0umXX/mQg5ncVll2iCJGqS6HqB2UwZGi
tFG4Y51Qze/AFt0pYQ6oGzCC7+syAgmGHwxb96rockfpzqHNdXvvW6bRhYVb4OOf
irvaV5FDefHlxKJHaI5JZSkDnvgt9nIAdP78v7QI+kcz1yeHhyyj6+Ftu6I2wGhX
7OX0dF+3F5FMtl170X+BNGadvC+CzA0pQ0CiL89e/h40ucIcMPZkX3vxjpEqmYBu
VG5EhD5EfXbvxENMHjyHed6TAgMBAAGjggMsMIIDKDAdBgNVHQ4EFgQUa/ljfFgc
U0tLpjjNyHnAp+p6TwIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTkzMUVBL0EyMzk4RjIwQzRCNDExRUFBNzhCNDIyQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5MzFFQS9BMjM5OEYyMEM0QjQxMUVBQTc4QjQyMkFDNEY5QUUwMi9hX2xqZkZn
Y1UwdExwampOeUhuQXAtcDZUd0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgGTMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAZwToAwQAZx7X
AwQBZx8YMA8EAgACMAkDBwAgAQ3wBCUwDQYJKoZIhvcNAQELBQADggEBAKA3uWjj
bMrznUgGwRVpSwg90RZft28D2QhbRMeAByRyYm/cAFqbH3gRv4XMbYLIfG27/FDb
pkjhxWf+BfabSXw/IGXAYAqo7NWImlCd4HJ3zGkPy3CR6U2tlzwgO+xmw8qj4yk0
XQpXk0l8mFYAse7Auq2acanJiytT1fTif9MHvltA312fT7yEc2whZClqlMCsoOD1
D+BEvwpkH6txVoYpzixlh1Om+RAXQ9WrFHHalcqgVjdHNDkMq7kNyhPLqrGVf61H
q0bpweacdjBkqQhQew/PB6Rk4WN46GwfrF3hLsK1hRg53RBOBR/J75Rk4P0FOIG5
+zqaPN2JLK190oI=
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:45:00 2024 by rpki-client on console-fra.rpki-client.org