Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bPYEPvYahE8I4lOhk9XZRlSWJ50.cer
File:                     bPYEPvYahE8I4lOhk9XZRlSWJ50.cer (raw, json)
Hash identifier:          WE8azkS5Bhvxny/4O6AwNvUgv2J+e11UEKQo3lTga0I=
Subject key identifier:   6C:F6:04:3E:F6:1A:84:4F:08:E2:53:A1:93:D5:D9:46:54:96:27:9D
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       020E5D
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91F3D37/5EE9782ADCEE11ED8C38D031C4F9AE02/bPYEPvYahE8I4lOhk9XZRlSWJ50.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91F3D37/5EE9782ADCEE11ED8C38D031C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 19 Sep 2024 03:25:33 +0000
Certificate not after:    Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources:    AS: 146960
                          IP: 103.172.74.0/23
                          IP: 2001:df7:6580::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 134749 (0x20e5d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Sep 19 03:25:33 2024 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=A91F3D37/serialNumber=6CF6043EF61A844F08E253A193D5D9465496279D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:7f:ab:b6:61:1a:03:66:31:ce:3a:e8:71:f6:
                    b6:ac:fb:50:48:a1:1e:3e:d5:50:d7:0f:54:05:c3:
                    99:35:60:99:a1:1f:56:83:15:01:33:7f:e9:7f:f5:
                    44:cf:54:83:11:58:18:1e:52:f2:ac:d3:b3:27:9f:
                    05:e4:cf:4d:f4:b3:97:13:e0:66:2e:2e:21:b0:de:
                    ef:e5:f5:c4:9a:4a:ef:fb:51:7e:19:10:54:c7:68:
                    71:e1:1c:3d:a3:1e:a9:77:d6:59:76:b8:43:89:ff:
                    8e:43:aa:8c:c7:2f:17:05:a3:82:63:e7:cf:16:25:
                    31:ae:d4:d9:12:40:80:94:9c:4d:5f:af:fc:fa:8b:
                    c9:45:2d:e4:fd:73:e2:74:00:23:a4:a2:11:81:25:
                    f1:c3:94:b2:e0:e1:6d:2d:fa:72:c5:7b:d3:af:3d:
                    4d:32:5d:cc:05:c2:74:e6:5c:f8:cc:fd:8b:20:77:
                    7b:ee:5e:66:97:c9:95:a8:30:2f:e6:be:4e:55:4b:
                    17:3e:4f:1d:0e:a2:4c:fb:a6:b7:5f:0e:69:3f:e1:
                    76:10:b4:78:0a:55:16:fd:32:48:11:fe:3d:11:ab:
                    33:09:aa:6d:59:e8:a2:28:75:83:9b:b1:86:4a:68:
                    0c:01:d0:3d:bd:6b:a8:16:38:28:5e:68:3b:ad:9e:
                    3e:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:F6:04:3E:F6:1A:84:4F:08:E2:53:A1:93:D5:D9:46:54:96:27:9D
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F3D37/5EE9782ADCEE11ED8C38D031C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F3D37/5EE9782ADCEE11ED8C38D031C4F9AE02/bPYEPvYahE8I4lOhk9XZRlSWJ50.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  146960

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.172.74.0/23
                IPv6:
                  2001:df7:6580::/48

    Signature Algorithm: sha256WithRSAEncryption
         0b:cf:a9:4c:77:1d:73:af:af:dc:b9:45:80:12:e5:1c:f3:00:
         bc:77:69:ce:46:6b:e6:b3:ba:fc:d2:7d:6c:28:7f:6b:1a:40:
         b9:94:0e:7c:4d:92:7b:55:d9:5e:74:40:23:db:8d:83:11:bf:
         37:59:4c:3d:f1:33:b5:a5:44:6b:a0:3d:23:84:8b:f0:cd:56:
         82:76:12:74:f8:b4:ac:ac:f8:27:af:c5:00:45:92:c6:d0:37:
         37:48:84:f7:24:02:11:99:c2:9a:c3:e6:06:04:54:73:66:e7:
         90:1c:39:31:8f:ce:1b:80:e9:36:3f:20:d5:9f:4f:07:55:d1:
         01:04:0a:5f:07:cd:44:73:47:18:10:d9:1f:06:ea:14:53:36:
         68:92:fa:41:1b:73:da:f7:18:d0:c0:cd:08:72:f2:4b:a0:5d:
         12:8b:d0:21:55:eb:f3:09:f3:58:60:89:0e:ff:8b:c3:41:bc:
         18:58:0a:6d:fd:48:09:f9:24:0d:11:26:5c:e6:b3:c7:f9:97:
         3f:97:06:7e:f9:13:b7:56:58:d3:ab:85:77:e0:76:48:f5:54:
         80:4c:66:63:e5:af:6a:ed:0f:f2:ee:ec:a3:a9:9e:94:2e:7d:
         ec:ce:15:a5:5a:fd:a9:e5:da:fe:b8:72:3a:c6:82:9c:99:83:
         f1:c0:3a:bb
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAg5dMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDkxOTAzMjUzM1oXDTI1MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRjNEMzcxMTAvBgNVBAUTKDZDRjYwNDNFRjYxQTg0NEYwOEUyNTNB
MTkzRDVEOTQ2NTQ5NjI3OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDYf6u2YRoDZjHOOuhx9ras+1BIoR4+1VDXD1QFw5k1YJmhH1aDFQEzf+l/9UTP
VIMRWBgeUvKs07MnnwXkz030s5cT4GYuLiGw3u/l9cSaSu/7UX4ZEFTHaHHhHD2j
Hql31ll2uEOJ/45DqozHLxcFo4Jj588WJTGu1NkSQICUnE1fr/z6i8lFLeT9c+J0
ACOkohGBJfHDlLLg4W0t+nLFe9OvPU0yXcwFwnTmXPjM/Ysgd3vuXmaXyZWoMC/m
vk5VSxc+Tx0Ookz7prdfDmk/4XYQtHgKVRb9MkgR/j0RqzMJqm1Z6KIodYObsYZK
aAwB0D29a6gWOCheaDutnj7HAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUbPYEPvYa
hE8I4lOhk9XZRlSWJ50wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUYzRDM3LzVFRTk3ODJBRENFRTExRUQ4QzM4RDAzMUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGM0QzNy81RUU5NzgyQURDRUUxMUVEOEMzOEQwMzFDNEY5QUUwMi9iUFlFUHZZ
YWhFOEk0bE9oazlYWlJsU1dKNTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAj4QMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ6xKMA8EAgAC
MAkDBwAgAQ33ZYAwDQYJKoZIhvcNAQELBQADggEBAAvPqUx3HXOvr9y5RYAS5Rzz
ALx3ac5Ga+azuvzSfWwof2saQLmUDnxNkntV2V50QCPbjYMRvzdZTD3xM7WlRGug
PSOEi/DNVoJ2EnT4tKys+CevxQBFksbQNzdIhPckAhGZwprD5gYEVHNm55AcOTGP
zhuA6TY/INWfTwdV0QEECl8HzURzRxgQ2R8G6hRTNmiS+kEbc9r3GNDAzQhy8kug
XRKL0CFV6/MJ81hgiQ7/i8NBvBhYCm39SAn5JA0RJlzms8f5lz+XBn75E7dWWNOr
hXfgdkj1VIBMZmPlr2rtD/Lu7KOpnpQufezOFaVa/anl2v64cjrGgpyZg/HAOrs=
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:38 2024 by rpki-client on console-fra.rpki-client.org