Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c8DgGJD_MGdgEGKhLlS9VDeQkbY.cer
File:                     c8DgGJD_MGdgEGKhLlS9VDeQkbY.cer (raw, json)
Hash identifier:          oT+WlRPUrjVIP5cDNgluTWOQPBwqzUKnRM0p75Hn3P8=
Subject key identifier:   73:C0:E0:18:90:FF:30:67:60:10:62:A1:2E:54:BD:54:37:90:91:B6
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CB4E
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91FAEE4/9C26E6C82FDE11ECAD747F68C4F9AE02/c8DgGJD_MGdgEGKhLlS9VDeQkbY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91FAEE4/9C26E6C82FDE11ECAD747F68C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 16 Nov 2023 03:59:48 +0000
Certificate not after:    Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources:    AS: 9336
                          AS: 38790
                          AS: 55573
                          AS: 135513
                          AS: 137558
                          IP: 27.113.240.0/21
                          IP: 43.252.124.0/22
                          IP: 45.64.56.0/22
                          IP: 45.113.244.0/22
                          IP: 103.9.52.0/22
                          IP: 103.18.124.0/22
                          IP: 103.53.200.0/22
                          IP: 103.233.224.0/22
                          IP: 118.127.96.0/19
                          IP: 121.200.208.0/21
                          IP: 202.90.48.0/21
                          IP: 203.153.192.0/20
                          IP: 218.185.232.0/21
                          IP: 2403:3600::/32
                          IP: 2405:7d80::/32
                          IP: 2406:c000::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117582 (0x1cb4e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov 16 03:59:48 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=A91FAEE4/serialNumber=73C0E01890FF3067601062A12E54BD54379091B6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:ea:14:f5:bb:1d:21:5c:11:79:7e:7b:21:06:
                    89:d5:28:09:5b:e5:e9:2c:b8:10:7e:db:a4:d3:b4:
                    79:08:57:20:91:2e:55:70:bd:1b:32:3d:0d:ec:f7:
                    53:79:eb:42:27:bd:27:5d:df:02:d2:7d:67:e3:2c:
                    e6:87:58:03:dc:14:c4:8b:f8:ef:37:37:f5:fb:47:
                    c6:e7:11:d5:95:20:71:cf:0c:c7:20:0c:a2:e0:d0:
                    62:b6:6c:b0:f3:f6:b8:83:56:00:3f:2b:d5:89:9a:
                    6a:a9:ae:60:24:42:43:bc:38:cd:0b:9e:a7:fb:6a:
                    86:4d:3e:22:24:88:87:ef:7a:20:a5:3c:42:d8:a1:
                    f2:b7:7d:ef:75:9d:37:0c:a7:6e:c7:7c:fb:97:df:
                    23:95:ff:ca:ba:5d:88:50:28:20:1e:77:e4:77:f9:
                    e9:e4:35:4b:09:2f:75:87:30:00:97:ea:ee:d9:00:
                    7c:12:de:90:e0:44:a1:fe:04:bd:27:20:6f:e3:00:
                    da:ed:db:ef:95:4b:00:cf:0f:0f:f2:39:3b:80:48:
                    9b:7e:5d:1e:f1:24:ed:24:f3:61:9f:a3:6e:4a:80:
                    01:76:33:3f:7a:ac:df:72:f0:13:b2:1d:86:80:c1:
                    e8:a9:38:c3:84:95:6c:9f:b3:50:96:ec:8f:59:dd:
                    7a:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:C0:E0:18:90:FF:30:67:60:10:62:A1:2E:54:BD:54:37:90:91:B6
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FAEE4/9C26E6C82FDE11ECAD747F68C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FAEE4/9C26E6C82FDE11ECAD747F68C4F9AE02/c8DgGJD_MGdgEGKhLlS9VDeQkbY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  9336
                  38790
                  55573
                  135513
                  137558

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.113.240.0/21
                  43.252.124.0/22
                  45.64.56.0/22
                  45.113.244.0/22
                  103.9.52.0/22
                  103.18.124.0/22
                  103.53.200.0/22
                  103.233.224.0/22
                  118.127.96.0/19
                  121.200.208.0/21
                  202.90.48.0/21
                  203.153.192.0/20
                  218.185.232.0/21
                IPv6:
                  2403:3600::/32
                  2405:7d80::/32
                  2406:c000::/32

    Signature Algorithm: sha256WithRSAEncryption
         a1:98:9f:12:59:2a:93:cf:06:7f:c4:34:d5:ae:35:90:1f:c8:
         0d:39:f2:48:bf:b3:d6:30:d1:11:f7:3a:07:f8:b8:b0:02:ee:
         fd:05:68:f5:d5:62:05:21:2e:ba:3d:a1:1e:56:3b:a1:c5:ba:
         68:12:49:3e:5e:42:2f:98:bb:6a:08:87:63:b0:75:41:ba:bd:
         b4:ed:4d:b7:64:d1:f2:5f:67:66:cf:7f:57:df:48:47:fe:9d:
         97:a3:42:1b:30:25:92:89:44:27:bc:48:0c:04:2e:f5:08:98:
         b0:f1:de:42:22:7a:3c:5c:9a:10:ea:92:52:9a:51:ad:7a:05:
         b7:fb:07:ae:c7:57:1f:b3:02:c8:6f:9e:86:d9:d6:7e:07:9c:
         c0:4b:e5:4b:55:63:76:43:b9:c6:d8:a3:b2:60:2e:44:93:53:
         88:cd:cc:b0:38:fc:b9:08:b2:3a:07:23:10:63:b9:dc:67:8e:
         ad:d6:f9:e3:1c:70:25:8d:ed:9f:81:27:ce:3a:8d:5b:7a:27:
         76:9d:be:89:8f:72:62:f8:08:25:99:a3:4e:7b:16:17:6b:68:
         3d:0b:de:85:62:ac:46:3b:7f:58:22:eb:b1:2b:ca:fa:bf:31:
         fd:00:b1:b4:6d:da:e2:2e:7e:58:18:43:56:6a:4f:80:b8:ae:
         79:b3:f4:b7
-----BEGIN CERTIFICATE-----
MIIGkzCCBXugAwIBAgIDActOMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTExNjAzNTk0OFoXDTI0MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRkFFRTQxMTAvBgNVBAUTKDczQzBFMDE4OTBGRjMwNjc2MDEwNjJB
MTJFNTRCRDU0Mzc5MDkxQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQ6hT1ux0hXBF5fnshBonVKAlb5eksuBB+26TTtHkIVyCRLlVwvRsyPQ3s91N5
60InvSdd3wLSfWfjLOaHWAPcFMSL+O83N/X7R8bnEdWVIHHPDMcgDKLg0GK2bLDz
9riDVgA/K9WJmmqprmAkQkO8OM0Lnqf7aoZNPiIkiIfveiClPELYofK3fe91nTcM
p27HfPuX3yOV/8q6XYhQKCAed+R3+enkNUsJL3WHMACX6u7ZAHwS3pDgRKH+BL0n
IG/jANrt2++VSwDPDw/yOTuASJt+XR7xJO0k82Gfo25KgAF2Mz96rN9y8BOyHYaA
weipOMOElWyfs1CW7I9Z3Xq9AgMBAAGjggOIMIIDhDAdBgNVHQ4EFgQUc8DgGJD/
MGdgEGKhLlS9VDeQkbYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZBRUU0LzlDMjZFNkM4MkZERTExRUNBRDc0N0Y2OEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGQUVFNC85QzI2RTZDODJGREUxMUVDQUQ3NDdGNjhDNEY5QUUwMi9jOERnR0pE
X01HZGdFR0toTGxTOVZEZVFrYlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQgBAf8EHjAc
oBowGAICJHgCAwCXhgIDANkVAgMCEVkCAwIZVjCBhAYIKwYBBQUHAQcBAf8EdTBz
MFQEAgABME4DBAMbcfADBAIr/HwDBAItQDgDBAItcfQDBAJnCTQDBAJnEnwDBAJn
NcgDBAJn6eADBAV2f2ADBAN5yNADBAPKWjADBATLmcADBAPauegwGwQCAAIwFQMF
ACQDNgADBQAkBX2AAwUAJAbAADANBgkqhkiG9w0BAQsFAAOCAQEAoZifElkqk88G
f8Q01a41kB/IDTnySL+z1jDREfc6B/i4sALu/QVo9dViBSEuuj2hHlY7ocW6aBJJ
Pl5CL5i7agiHY7B1Qbq9tO1Nt2TR8l9nZs9/V99IR/6dl6NCGzAlkolEJ7xIDAQu
9QiYsPHeQiJ6PFyaEOqSUppRrXoFt/sHrsdXH7MCyG+ehtnWfgecwEvlS1VjdkO5
xtijsmAuRJNTiM3MsDj8uQiyOgcjEGO53GeOrdb54xxwJY3tn4EnzjqNW3ondp2+
iY9yYvgIJZmjTnsWF2toPQvehWKsRjt/WCLrsSvK+r8x/QCxtG3a4i5+WBhDVmpP
gLiuebP0tw==
-----END CERTIFICATE-----
Generated at Fri Mar 29 05:47:16 2024 by rpki-client on console-ams.rpki-client.org