Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cFWB1AyVgaJlHlMlI42zvcs6fQU.cer
File:                     cFWB1AyVgaJlHlMlI42zvcs6fQU.cer (raw, json)
Hash identifier:          A2BpsBX69ditd18Npsp2HVe1t/oL/IZX+vFSMyM7ke8=
Subject key identifier:   70:55:81:D4:0C:95:81:A2:65:1E:53:25:23:8D:B3:BD:CB:3A:7D:05
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E150
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91E1D91/5D8C1712A04011EC845AE926C4F9AE02/cFWB1AyVgaJlHlMlI42zvcs6fQU.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91E1D91/5D8C1712A04011EC845AE926C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 28 Feb 2024 21:23:30 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 132104
                          IP: 103.161.236.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123216 (0x1e150)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb 28 21:23:30 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91E1D91/serialNumber=705581D40C9581A2651E5325238DB3BDCB3A7D05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:37:10:20:59:86:9c:20:36:05:dc:f2:2b:e3:
                    c4:f1:e0:13:14:4e:db:37:7b:7d:31:fd:8a:d5:4e:
                    d4:94:1e:5e:d6:49:b7:cc:01:5b:3e:4a:9f:78:b2:
                    dc:63:74:a9:76:c3:23:e2:ab:2d:e5:14:e3:e7:0f:
                    c7:89:86:9c:2c:81:00:17:16:4e:ac:56:1a:e5:75:
                    57:4c:8d:5d:1a:18:ab:95:69:e7:c2:d0:d1:0b:5b:
                    30:68:43:6e:26:78:dd:f0:74:e1:dc:cd:f9:89:06:
                    12:8b:b3:8a:31:bd:48:da:e6:e4:22:f9:4d:bb:d0:
                    fc:3e:cf:74:ec:61:05:fe:55:50:c2:f1:a2:6c:2a:
                    58:70:54:40:89:92:14:1e:95:72:96:cc:f2:3d:bb:
                    f7:03:62:dc:3e:78:d7:6b:c4:d8:14:c4:7a:06:ed:
                    8b:e5:3d:b9:11:53:a3:e7:89:27:fc:d7:78:bf:cc:
                    bd:fc:d8:9d:66:49:3b:2d:34:57:e5:23:c8:87:22:
                    cf:3c:4e:c8:ad:17:5f:67:3a:00:07:63:4f:48:c3:
                    7d:6f:91:13:5f:e3:f3:2d:92:96:20:69:71:ff:88:
                    ee:5b:7d:d9:8e:64:ea:43:d7:19:d2:1a:5a:9a:67:
                    a0:68:aa:cd:71:26:bd:cf:96:79:a6:ff:e5:69:8b:
                    e2:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:55:81:D4:0C:95:81:A2:65:1E:53:25:23:8D:B3:BD:CB:3A:7D:05
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91E1D91/5D8C1712A04011EC845AE926C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91E1D91/5D8C1712A04011EC845AE926C4F9AE02/cFWB1AyVgaJlHlMlI42zvcs6fQU.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  132104

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.161.236.0/23

    Signature Algorithm: sha256WithRSAEncryption
         55:81:08:14:72:45:74:bf:89:f0:ea:60:7b:6e:56:d2:3f:b5:
         db:ee:60:95:f5:f0:46:08:25:7a:57:ff:4a:25:f3:6a:e9:bd:
         9e:8e:1f:88:f0:43:8a:d3:c5:4e:02:df:67:33:cc:be:94:10:
         91:35:06:a7:6a:64:87:31:e4:73:11:0d:39:31:4f:7e:06:92:
         73:a4:1f:7c:15:3a:d4:22:2f:e6:f7:cf:cc:61:a9:9f:87:cf:
         7e:ee:ae:18:4b:07:51:cc:22:3a:14:b1:93:46:1e:67:52:a2:
         9c:0e:ec:26:87:8c:de:41:df:5d:23:cc:8f:e6:ac:42:df:58:
         df:35:55:f2:22:2a:b8:94:c8:ed:ae:91:0f:38:c6:81:97:ca:
         20:b4:6d:b1:71:72:b2:5b:75:73:a5:cc:98:65:fe:9b:6d:c9:
         7a:cf:bf:20:fb:5f:bd:8a:e1:bf:6e:80:2b:e4:b3:87:00:f3:
         2d:ed:f8:da:8a:12:18:f7:bf:c1:fd:36:70:67:67:4e:bd:69:
         4c:b7:da:93:1f:d9:f5:69:dd:dd:4f:38:b8:69:45:eb:0d:f0:
         bb:7c:66:1a:4c:88:11:01:c2:64:14:0a:15:fa:24:36:27:d6:
         18:11:2c:12:d5:9b:07:a5:fa:a1:1d:90:26:61:19:f0:cf:b4:
         44:14:23:9b
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAeFQMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIyODIxMjMzMFoXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRTFEOTExMTAvBgNVBAUTKDcwNTU4MUQ0MEM5NTgxQTI2NTFFNTMy
NTIzOERCM0JEQ0IzQTdEMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD0NxAgWYacIDYF3PIr48Tx4BMUTts3e30x/YrVTtSUHl7WSbfMAVs+Sp94stxj
dKl2wyPiqy3lFOPnD8eJhpwsgQAXFk6sVhrldVdMjV0aGKuVaefC0NELWzBoQ24m
eN3wdOHczfmJBhKLs4oxvUja5uQi+U270Pw+z3TsYQX+VVDC8aJsKlhwVECJkhQe
lXKWzPI9u/cDYtw+eNdrxNgUxHoG7YvlPbkRU6PniSf813i/zL382J1mSTstNFfl
I8iHIs88TsitF19nOgAHY09Iw31vkRNf4/MtkpYgaXH/iO5bfdmOZOpD1xnSGlqa
Z6Boqs1xJr3Plnmm/+Vpi+K1AgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUcFWB1AyV
gaJlHlMlI42zvcs6fQUwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUUxRDkxLzVEOEMxNzEyQTA0MDExRUM4NDVBRTkyNkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFMUQ5MS81RDhDMTcxMkEwNDAxMUVDODQ1QUU5MjZDNEY5QUUwMi9jRldCMUF5
VmdhSmxIbE1sSTQyenZjczZmUVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgQIMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ6HsMA0GCSqG
SIb3DQEBCwUAA4IBAQBVgQgUckV0v4nw6mB7blbSP7Xb7mCV9fBGCCV6V/9KJfNq
6b2ejh+I8EOK08VOAt9nM8y+lBCRNQanamSHMeRzEQ05MU9+BpJzpB98FTrUIi/m
98/MYamfh89+7q4YSwdRzCI6FLGTRh5nUqKcDuwmh4zeQd9dI8yP5qxC31jfNVXy
Iiq4lMjtrpEPOMaBl8ogtG2xcXKyW3VzpcyYZf6bbcl6z78g+1+9iuG/boAr5LOH
APMt7fjaihIY97/B/TZwZ2dOvWlMt9qTH9n1ad3dTzi4aUXrDfC7fGYaTIgRAcJk
FAoV+iQ2J9YYESwS1ZsHpfqhHZAmYRnwz7REFCOb
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:28 2024 by rpki-client on console-fra.rpki-client.org