Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cHDFVlzC_kVsMWBAi25_toDAjBk.cer
File:                     cHDFVlzC_kVsMWBAi25_toDAjBk.cer (raw, json)
Hash identifier:          LDSKlyFpv/GuYLpfPjnwdfL1XiN1Hj7F1LAn7tEG92o=
Subject key identifier:   70:70:C5:56:5C:C2:FE:45:6C:31:60:40:8B:6E:7F:B6:80:C0:8C:19
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01B1C6
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A915B77C/2814F77A69B511EABA601752C4F9AE02/cHDFVlzC_kVsMWBAi25_toDAjBk.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A915B77C/2814F77A69B511EABA601752C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 24 Jul 2023 14:23:05 +0000
Certificate not after:    Mon 30 Sep 2024 00:00:00 +0000
Subordinate resources:    AS: 134447
                          IP: 103.104.87.0/24
                          IP: 103.104.96.0/23
                          IP: 103.193.18.0/24
                          IP: 203.109.40.0/22
                          IP: 2401:f8c0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 23:00:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 111046 (0x1b1c6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jul 24 14:23:05 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=A915B77C/serialNumber=7070C5565CC2FE456C3160408B6E7FB680C08C19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:08:6b:2a:8a:89:62:35:81:d1:ab:0b:ad:49:
                    0a:9a:ab:0f:0b:41:c9:94:45:6d:3d:11:14:8d:d5:
                    21:4d:f8:54:68:a9:51:11:83:05:13:fb:08:bb:58:
                    21:06:51:72:35:b8:44:89:00:83:10:2b:94:4c:20:
                    31:1d:f5:f4:59:4e:bd:e1:a4:bb:00:4c:31:79:22:
                    b2:7a:c0:04:b0:fe:64:33:8c:e9:ce:47:93:d5:46:
                    5a:97:5c:cd:0b:37:82:04:48:a4:1a:69:86:cb:85:
                    f4:48:01:ed:a2:c1:2f:59:80:73:d3:48:f8:8a:6a:
                    82:af:8d:61:fe:97:37:53:c1:75:ac:c4:e1:36:29:
                    cc:04:46:a0:15:54:8a:eb:8f:a7:ad:a2:40:76:7a:
                    9e:c9:62:9d:1b:a2:f0:80:da:9c:08:4a:1e:89:75:
                    49:2b:aa:51:ab:69:60:82:d8:0e:7b:b7:a3:19:b9:
                    c1:8d:07:51:8c:e5:74:97:e8:8b:32:17:c8:f9:d2:
                    4f:93:2c:e1:93:c5:95:c3:0b:af:4a:36:6b:7f:9a:
                    b9:64:6b:81:8a:21:01:78:89:22:49:77:e5:f8:53:
                    c2:be:b1:2c:2d:0a:5c:cd:ba:8e:11:bd:34:ce:ed:
                    69:9a:00:28:f2:62:b5:b5:16:f3:d4:64:2e:02:ec:
                    07:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:70:C5:56:5C:C2:FE:45:6C:31:60:40:8B:6E:7F:B6:80:C0:8C:19
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A915B77C/2814F77A69B511EABA601752C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A915B77C/2814F77A69B511EABA601752C4F9AE02/cHDFVlzC_kVsMWBAi25_toDAjBk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  134447

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.104.87.0/24
                  103.104.96.0/23
                  103.193.18.0/24
                  203.109.40.0/22
                IPv6:
                  2401:f8c0::/32

    Signature Algorithm: sha256WithRSAEncryption
         75:ce:f9:00:50:d0:91:f7:28:39:b5:1c:77:18:fc:e4:1c:93:
         f9:5a:1c:b9:6e:6e:28:7a:3b:17:91:71:43:3c:19:1d:7b:25:
         44:83:97:6a:80:47:8d:f9:b7:0a:31:0c:31:bb:42:c9:43:25:
         4e:69:41:4c:a9:f1:e6:51:e8:6c:ab:bd:ff:30:08:a3:80:02:
         f9:37:14:4e:87:10:60:82:13:54:6e:55:ae:a6:33:90:73:68:
         98:64:56:b3:82:8f:40:34:bf:b4:8c:d4:8f:13:48:f5:2a:78:
         19:ec:fd:20:db:a7:f7:57:f3:31:0c:85:35:bd:47:36:df:45:
         36:5f:f0:de:8f:cf:be:d8:4d:06:70:b2:59:20:5d:4b:ca:a2:
         07:bb:3c:90:52:bb:db:67:f3:87:22:13:5e:1d:6b:e8:5c:69:
         cd:05:64:ae:95:4c:71:51:81:9f:cf:06:f7:a5:a6:19:8a:cf:
         d7:6c:d4:fc:ae:2f:55:47:b3:c8:d6:07:24:90:c0:75:c3:cb:
         f4:95:5d:f6:7a:1d:22:ff:03:bf:b4:b1:98:08:e0:94:75:51:
         ea:f8:db:c4:7a:6d:21:d2:92:72:13:b2:50:8c:02:94:62:1d:
         fd:c5:18:89:6f:3b:5e:d5:29:44:7c:cc:62:6e:75:eb:e2:c8:
         0b:e4:9a:cd
-----BEGIN CERTIFICATE-----
MIIGOzCCBSOgAwIBAgIDAbHGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDcyNDE0MjMwNVoXDTI0MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNUI3N0MxMTAvBgNVBAUTKDcwNzBDNTU2NUNDMkZFNDU2QzMxNjA0
MDhCNkU3RkI2ODBDMDhDMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCfCGsqioliNYHRqwutSQqaqw8LQcmURW09ERSN1SFN+FRoqVERgwUT+wi7WCEG
UXI1uESJAIMQK5RMIDEd9fRZTr3hpLsATDF5IrJ6wASw/mQzjOnOR5PVRlqXXM0L
N4IESKQaaYbLhfRIAe2iwS9ZgHPTSPiKaoKvjWH+lzdTwXWsxOE2KcwERqAVVIrr
j6etokB2ep7JYp0bovCA2pwISh6JdUkrqlGraWCC2A57t6MZucGNB1GM5XSX6Isy
F8j50k+TLOGTxZXDC69KNmt/mrlka4GKIQF4iSJJd+X4U8K+sSwtClzNuo4RvTTO
7WmaACjyYrW1FvPUZC4C7AcFAgMBAAGjggMwMIIDLDAdBgNVHQ4EFgQUcHDFVlzC
/kVsMWBAi25/toDAjBkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTVCNzdDLzI4MTRGNzdBNjlCNTExRUFCQTYwMTc1MkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1Qjc3Qy8yODE0Rjc3QTY5QjUxMUVBQkE2MDE3NTJDNEY5QUUwMi9jSERGVmx6
Q19rVnNNV0JBaTI1X3RvREFqQmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAg0vMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAZ2hXAwQBZ2hg
AwQAZ8ESAwQCy20oMA0EAgACMAcDBQAkAfjAMA0GCSqGSIb3DQEBCwUAA4IBAQB1
zvkAUNCR9yg5tRx3GPzkHJP5Why5bm4oejsXkXFDPBkdeyVEg5dqgEeN+bcKMQwx
u0LJQyVOaUFMqfHmUehsq73/MAijgAL5NxROhxBgghNUblWupjOQc2iYZFazgo9A
NL+0jNSPE0j1KngZ7P0g26f3V/MxDIU1vUc230U2X/Dej8++2E0GcLJZIF1LyqIH
uzyQUrvbZ/OHIhNeHWvoXGnNBWSulUxxUYGfzwb3paYZis/XbNT8ri9VR7PI1gck
kMB1w8v0lV32eh0i/wO/tLGYCOCUdVHq+NvEem0h0pJyE7JQjAKUYh39xRiJbzte
1SlEfMxibnXr4sgL5JrN
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:50:44 2024 by rpki-client on console-ams.rpki-client.org