Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cC-hrpaCsrIuzdmlMBLw5vG6G5w.cer
File:                     cC-hrpaCsrIuzdmlMBLw5vG6G5w.cer (raw, json)
Hash identifier:          EA3PfhfmZuwbLVfZPA+TfDvOXml5WgRTs47P19j+kYY=
Subject key identifier:   70:2F:A1:AE:96:82:B2:B2:2E:CD:D9:A5:30:12:F0:E6:F1:BA:1B:9C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01FCF1
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/cC-hrpaCsrIuzdmlMBLw5vG6G5w.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 01 Jul 2024 19:59:09 +0000
Certificate not after:    Tue 30 Sep 2025 00:00:00 +0000
Subordinate resources:    AS: 56309
                          IP: 43.229.76.0/22
                          IP: 103.22.180.0/22
                          IP: 2403:2300::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 20:43:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 130289 (0x1fcf1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul  1 19:59:09 2024 GMT
            Not After : Sep 30 00:00:00 2025 GMT
        Subject: CN=A917B540/serialNumber=702FA1AE9682B2B22ECDD9A53012F0E6F1BA1B9C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:7c:99:d5:3c:e3:c0:fa:04:35:76:8b:bd:66:
                    1a:0f:52:b1:d3:ff:70:68:40:d8:10:17:f0:4a:81:
                    f4:b0:eb:b9:72:ed:a9:11:82:c3:d7:01:88:29:9b:
                    aa:fc:4a:0f:0c:24:51:ec:b0:82:70:05:c5:13:8d:
                    cb:b6:2f:3f:d9:ed:bb:8c:bb:55:81:5e:21:b8:56:
                    e6:20:44:02:cd:c0:7e:db:1f:39:b2:14:55:f1:58:
                    5d:92:b8:13:14:c4:d1:27:80:da:da:38:b8:5c:a5:
                    23:c2:5d:3b:19:5a:e4:e0:dc:be:5f:df:39:fe:f4:
                    66:3d:4c:6b:97:3c:87:5b:bc:03:ac:43:b5:9a:76:
                    2c:87:b0:91:3a:53:e7:d7:20:00:9f:99:16:7b:a8:
                    db:59:32:34:da:79:f1:82:1e:89:38:b8:f5:d5:af:
                    43:3f:c7:11:1a:a4:c3:a4:e7:c4:f4:4e:e0:e2:e1:
                    d5:58:0e:06:94:21:73:06:4c:e4:f6:19:58:7d:47:
                    7c:04:13:87:83:d6:b3:3e:5a:ee:34:0d:db:74:fc:
                    a9:4a:1f:0b:19:80:f2:3d:55:e8:45:d9:57:06:5e:
                    ee:77:6e:1c:24:32:f7:35:49:6e:58:b7:f9:65:c2:
                    92:0e:b9:67:e0:04:db:51:0a:7e:6e:bc:c4:0e:cb:
                    13:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:2F:A1:AE:96:82:B2:B2:2E:CD:D9:A5:30:12:F0:E6:F1:BA:1B:9C
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A917B540/D97A95BCF88011EDB9ABFC56C4F9AE02/cC-hrpaCsrIuzdmlMBLw5vG6G5w.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  56309

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.229.76.0/22
                  103.22.180.0/22
                IPv6:
                  2403:2300::/32

    Signature Algorithm: sha256WithRSAEncryption
         3c:84:51:21:9b:6e:f0:e9:57:bc:81:fb:8e:77:67:98:15:31:
         b4:8b:aa:a3:c0:31:1e:ec:02:d2:af:32:f5:bd:96:f8:25:2a:
         ea:72:33:bf:29:68:23:46:46:d2:01:7f:44:f1:9a:ac:c7:df:
         d1:07:4f:17:fd:72:8b:1f:a7:cf:f1:60:34:78:68:4e:3d:01:
         0b:5e:fd:c5:16:cc:09:16:24:4d:8c:7d:3d:7c:4c:03:fa:5f:
         04:62:42:4b:e6:26:90:32:a2:c9:4f:62:2e:3a:ba:a7:8d:12:
         ff:f4:d6:6e:13:0d:5c:a6:db:f1:72:39:a5:a5:96:48:75:17:
         ab:c1:b3:17:e2:f8:ad:9a:53:9e:67:d4:f9:0d:f2:32:5e:fe:
         38:46:c5:2a:69:1f:12:e7:88:2f:3c:8c:c5:7e:cd:ad:14:9a:
         19:e6:f4:e9:b3:f8:b7:b8:6c:a2:28:de:1a:ac:1f:d5:d9:16:
         8b:d1:39:64:f6:f7:23:bb:62:85:4f:82:47:02:4c:99:d1:2e:
         65:65:a7:e9:6a:43:16:de:f6:30:66:0a:60:b5:5b:87:a2:02:
         a9:90:69:8e:5e:23:59:bf:e3:8f:04:07:09:eb:ba:3b:df:22:
         8f:d1:c1:6c:3b:d2:33:b7:3d:64:24:ff:13:38:db:24:b7:f4:
         2f:c6:ed:43
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAfzxMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDcwMTE5NTkwOVoXDTI1MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxN0I1NDAxMTAvBgNVBAUTKDcwMkZBMUFFOTY4MkIyQjIyRUNERDlB
NTMwMTJGMEU2RjFCQTFCOUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDafJnVPOPA+gQ1dou9ZhoPUrHT/3BoQNgQF/BKgfSw67ly7akRgsPXAYgpm6r8
Sg8MJFHssIJwBcUTjcu2Lz/Z7buMu1WBXiG4VuYgRALNwH7bHzmyFFXxWF2SuBMU
xNEngNraOLhcpSPCXTsZWuTg3L5f3zn+9GY9TGuXPIdbvAOsQ7WadiyHsJE6U+fX
IACfmRZ7qNtZMjTaefGCHok4uPXVr0M/xxEapMOk58T0TuDi4dVYDgaUIXMGTOT2
GVh9R3wEE4eD1rM+Wu40Ddt0/KlKHwsZgPI9VehF2VcGXu53bhwkMvc1SW5Yt/ll
wpIOuWfgBNtRCn5uvMQOyxN7AgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUcC+hrpaC
srIuzdmlMBLw5vG6G5wwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTdCNTQwL0Q5N0E5NUJDRjg4MDExRURCOUFCRkM1NkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3QjU0MC9EOTdBOTVCQ0Y4ODAxMUVEQjlBQkZDNTZDNEY5QUUwMi9jQy1ocnBh
Q3NySXV6ZG1sTUJMdzV2RzZHNXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDANv1MDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCK+VMAwQCZxa0
MA0EAgACMAcDBQAkAyMAMA0GCSqGSIb3DQEBCwUAA4IBAQA8hFEhm27w6Ve8gfuO
d2eYFTG0i6qjwDEe7ALSrzL1vZb4JSrqcjO/KWgjRkbSAX9E8Zqsx9/RB08X/XKL
H6fP8WA0eGhOPQELXv3FFswJFiRNjH09fEwD+l8EYkJL5iaQMqLJT2IuOrqnjRL/
9NZuEw1cptvxcjmlpZZIdRerwbMX4vitmlOeZ9T5DfIyXv44RsUqaR8S54gvPIzF
fs2tFJoZ5vTps/i3uGyiKN4arB/V2RaL0Tlk9vcju2KFT4JHAkyZ0S5lZafpakMW
3vYwZgpgtVuHogKpkGmOXiNZv+OPBAcJ67o73yKP0cFsO9Iztz1kJP8TONskt/Qv
xu1D
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:24:51 2024 by rpki-client on console-fra.rpki-client.org