Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cHDFVlzC_kVsMWBAi25_toDAjBk.cer
File:                     cHDFVlzC_kVsMWBAi25_toDAjBk.cer (download)
Hash identifier:          JMp+ZELJYHuyHEu0VLRPyVtI18D+yQTVSadPmD0c19c=
Subject key identifier:   70:70:C5:56:5C:C2:FE:45:6C:31:60:40:8B:6E:7F:B6:80:C0:8C:19
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01684D
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A915B77C/2814F77A69B511EABA601752C4F9AE02/cHDFVlzC_kVsMWBAi25_toDAjBk.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A915B77C/2814F77A69B511EABA601752C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate valid until:  Sat 30 Sep 2023 00:00:00 +0000
Subordinate resources:
    1: AS: 134447
    2: IP: 103.104.87.0/24
    3: IP: 103.104.96.0/23
    4: IP: 103.193.18.0/24
    5: IP: 203.109.40.0/22
    6: IP: 2401:f8c0::/32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 92237 (0x1684d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug 15 09:35:34 2022 GMT
            Not After : Sep 30 00:00:00 2023 GMT
        Subject: CN=A915B77C/serialNumber=7070C5565CC2FE456C3160408B6E7FB680C08C19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:08:6b:2a:8a:89:62:35:81:d1:ab:0b:ad:49:
                    0a:9a:ab:0f:0b:41:c9:94:45:6d:3d:11:14:8d:d5:
                    21:4d:f8:54:68:a9:51:11:83:05:13:fb:08:bb:58:
                    21:06:51:72:35:b8:44:89:00:83:10:2b:94:4c:20:
                    31:1d:f5:f4:59:4e:bd:e1:a4:bb:00:4c:31:79:22:
                    b2:7a:c0:04:b0:fe:64:33:8c:e9:ce:47:93:d5:46:
                    5a:97:5c:cd:0b:37:82:04:48:a4:1a:69:86:cb:85:
                    f4:48:01:ed:a2:c1:2f:59:80:73:d3:48:f8:8a:6a:
                    82:af:8d:61:fe:97:37:53:c1:75:ac:c4:e1:36:29:
                    cc:04:46:a0:15:54:8a:eb:8f:a7:ad:a2:40:76:7a:
                    9e:c9:62:9d:1b:a2:f0:80:da:9c:08:4a:1e:89:75:
                    49:2b:aa:51:ab:69:60:82:d8:0e:7b:b7:a3:19:b9:
                    c1:8d:07:51:8c:e5:74:97:e8:8b:32:17:c8:f9:d2:
                    4f:93:2c:e1:93:c5:95:c3:0b:af:4a:36:6b:7f:9a:
                    b9:64:6b:81:8a:21:01:78:89:22:49:77:e5:f8:53:
                    c2:be:b1:2c:2d:0a:5c:cd:ba:8e:11:bd:34:ce:ed:
                    69:9a:00:28:f2:62:b5:b5:16:f3:d4:64:2e:02:ec:
                    07:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                70:70:C5:56:5C:C2:FE:45:6C:31:60:40:8B:6E:7F:B6:80:C0:8C:19
            X509v3 Authority Key Identifier: 
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A915B77C/2814F77A69B511EABA601752C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A915B77C/2814F77A69B511EABA601752C4F9AE02/cHDFVlzC_kVsMWBAi25_toDAjBk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  134447

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.104.87.0/24
                  103.104.96.0/23
                  103.193.18.0/24
                  203.109.40.0/22
                IPv6:
                  2401:f8c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         4c:cf:59:54:b7:92:3e:69:99:9b:66:e1:7e:4a:36:0b:8a:f7:
         e5:66:05:42:6d:c6:fc:b8:a5:a7:7f:7e:26:92:ac:48:35:70:
         26:51:d7:64:02:df:c2:28:6b:46:13:07:09:cc:29:74:da:e1:
         cb:45:48:d6:8d:1c:d5:5a:32:b4:10:c9:f7:1c:df:84:7e:84:
         2d:f2:a8:b9:fb:cd:a5:80:ea:ab:54:ff:85:4d:fc:ba:3b:01:
         c9:87:2c:d2:c2:8e:3e:46:c6:0f:4e:b2:4f:69:6f:86:7b:54:
         7d:55:95:aa:3e:07:cd:42:0f:6b:a0:fc:4e:6d:2e:da:55:a5:
         d7:9b:03:22:8e:ce:84:78:e7:2d:d8:b8:9e:58:ef:d5:97:eb:
         01:0e:74:a3:6c:98:7b:57:72:da:15:35:16:f5:75:ca:30:e0:
         83:b5:72:21:fd:4e:9e:e1:02:fd:f9:eb:59:d4:53:77:31:c6:
         c8:40:44:56:ae:6b:c4:fc:15:e9:50:c9:92:ae:1b:6a:93:08:
         d2:c9:5f:1e:39:28:f4:f3:9b:83:38:3e:bb:e4:e9:cc:70:75:
         9a:85:17:d3:74:90:8f:a3:77:59:ab:dc:2e:4b:dd:57:d9:19:
         24:b8:bb:7a:f3:4d:42:c0:2d:cf:20:d8:0e:d0:c5:77:69:87:
         36:18:32:64
-----BEGIN CERTIFICATE-----
MIIGOzCCBSOgAwIBAgIDAWhNMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIyMDgxNTA5MzUzNFoXDTIzMDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNUI3N0MxMTAvBgNVBAUTKDcwNzBDNTU2NUNDMkZFNDU2QzMxNjA0
MDhCNkU3RkI2ODBDMDhDMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCfCGsqioliNYHRqwutSQqaqw8LQcmURW09ERSN1SFN+FRoqVERgwUT+wi7WCEG
UXI1uESJAIMQK5RMIDEd9fRZTr3hpLsATDF5IrJ6wASw/mQzjOnOR5PVRlqXXM0L
N4IESKQaaYbLhfRIAe2iwS9ZgHPTSPiKaoKvjWH+lzdTwXWsxOE2KcwERqAVVIrr
j6etokB2ep7JYp0bovCA2pwISh6JdUkrqlGraWCC2A57t6MZucGNB1GM5XSX6Isy
F8j50k+TLOGTxZXDC69KNmt/mrlka4GKIQF4iSJJd+X4U8K+sSwtClzNuo4RvTTO
7WmaACjyYrW1FvPUZC4C7AcFAgMBAAGjggMwMIIDLDAdBgNVHQ4EFgQUcHDFVlzC
/kVsMWBAi25/toDAjBkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTVCNzdDLzI4MTRGNzdBNjlCNTExRUFCQTYwMTc1MkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1Qjc3Qy8yODE0Rjc3QTY5QjUxMUVBQkE2MDE3NTJDNEY5QUUwMi9jSERGVmx6
Q19rVnNNV0JBaTI1X3RvREFqQmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg0vMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAZ2hXAwQBZ2hg
AwQAZ8ESAwQCy20oMA0EAgACMAcDBQAkAfjAMA0GCSqGSIb3DQEBCwUAA4IBAQBM
z1lUt5I+aZmbZuF+SjYLivflZgVCbcb8uKWnf34mkqxINXAmUddkAt/CKGtGEwcJ
zCl02uHLRUjWjRzVWjK0EMn3HN+EfoQt8qi5+82lgOqrVP+FTfy6OwHJhyzSwo4+
RsYPTrJPaW+Ge1R9VZWqPgfNQg9roPxObS7aVaXXmwMijs6EeOct2LieWO/Vl+sB
DnSjbJh7V3LaFTUW9XXKMOCDtXIh/U6e4QL9+etZ1FN3McbIQERWrmvE/BXpUMmS
rhtqkwjSyV8eOSj085uDOD675OnMcHWahRfTdJCPo3dZq9wuS91X2RkkuLt6801C
wC3PINgO0MV3aYc2GDJk
-----END CERTIFICATE-----
Generated at Sun Jan 29 18:11:40 2023 by rpki-client.