Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cKRczAWTxHEjY1BaCmTdO3NXboo.cer
File:                     cKRczAWTxHEjY1BaCmTdO3NXboo.cer (raw, json)
Hash identifier:          a8SSS5eUr/NK3pTkg95RlKLsObgioDQ5/0P2qjsu+Bc=
Subject key identifier:   70:A4:5C:CC:05:93:C4:71:23:63:50:5A:0A:64:DD:3B:73:57:6E:8A
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CD39
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A911807E/C4B4E2C6179211EB90BFA084C4F9AE02/cKRczAWTxHEjY1BaCmTdO3NXboo.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A911807E/C4B4E2C6179211EB90BFA084C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 28 Nov 2023 12:35:16 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 141234
                          IP: 103.156.244.0/23
                          IP: 2001:df5:280::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 20:48:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118073 (0x1cd39)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov 28 12:35:16 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A911807E/serialNumber=70A45CCC0593C4712363505A0A64DD3B73576E8A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:e6:23:2c:d8:62:7c:30:19:59:1d:64:ce:5b:
                    63:7b:c2:b7:22:45:e3:ba:f6:bf:19:fa:ca:97:59:
                    f6:54:37:12:0d:f4:5d:62:81:ee:19:91:70:ef:4f:
                    48:43:35:26:29:f0:43:e5:da:5f:31:af:bf:77:27:
                    7b:32:1e:cd:11:55:2c:f6:9f:17:b6:bd:30:4e:a3:
                    5c:69:85:00:15:48:a4:d5:55:4e:8e:b9:9e:f1:2f:
                    09:3b:d1:a1:20:37:4c:a7:72:fc:fb:33:65:89:8f:
                    ae:5f:63:d7:e1:0e:36:d7:7a:3e:54:86:cf:09:f7:
                    6a:47:81:5a:a7:e1:49:59:4a:81:8c:99:e0:5f:70:
                    2a:a5:55:a8:f4:71:c1:8d:c7:b1:29:72:8f:d0:b6:
                    5e:c9:dd:09:8f:ab:43:cc:6b:3a:b4:33:82:f6:5c:
                    f1:2d:1e:85:29:06:f6:ce:30:1e:40:7e:78:bd:0e:
                    29:f8:7a:09:e4:7b:7b:a9:de:10:6d:b9:c3:03:db:
                    b1:b7:b2:d6:1f:44:13:3e:b2:f1:df:82:a2:46:9b:
                    4c:ed:ae:b7:00:d7:62:7d:e8:02:4c:73:cc:3e:51:
                    e5:65:93:f0:76:9f:72:01:30:7e:06:13:82:0e:bf:
                    80:e0:b1:82:dc:5f:85:28:20:19:d9:79:10:fc:9a:
                    27:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:A4:5C:CC:05:93:C4:71:23:63:50:5A:0A:64:DD:3B:73:57:6E:8A
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A911807E/C4B4E2C6179211EB90BFA084C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A911807E/C4B4E2C6179211EB90BFA084C4F9AE02/cKRczAWTxHEjY1BaCmTdO3NXboo.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  141234

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.156.244.0/23
                IPv6:
                  2001:df5:280::/48

    Signature Algorithm: sha256WithRSAEncryption
         c9:5b:d5:3e:7d:f2:b9:ec:ce:f8:51:63:80:ff:b7:d9:bf:dc:
         d6:c3:95:85:30:3e:d2:ba:76:35:84:40:f5:60:dd:a9:5c:e1:
         3d:2f:6f:b5:7a:0f:e8:29:af:e3:86:ac:c5:3d:76:93:a7:9e:
         2e:f3:c1:63:11:9e:f0:cf:01:da:09:38:d2:ac:8c:65:57:ca:
         3b:30:ed:86:62:29:05:72:84:f9:14:06:39:7d:90:0f:3d:22:
         17:db:e7:8d:73:d9:6f:4b:51:78:91:d8:6b:45:2c:67:09:65:
         63:24:97:a8:21:7e:94:2c:42:a2:9d:25:5c:9d:9e:da:12:c8:
         2c:79:ba:19:64:5c:ab:8e:8c:36:cb:fe:04:fa:9b:29:67:68:
         0a:42:66:46:d2:0f:50:26:3e:89:23:65:d9:14:ff:69:02:da:
         67:29:94:9e:de:67:50:d9:92:23:d7:cb:e9:0b:07:ef:4f:65:
         b3:82:92:cf:80:7d:6a:c7:6f:6e:cc:d5:ea:52:39:3b:25:00:
         12:9b:2f:dc:c1:2e:dd:d0:22:7a:fc:af:95:e9:60:27:a9:2d:
         a7:55:c0:fb:73:1f:e7:5a:c5:12:b9:ac:5e:89:80:74:3d:1c:
         08:00:06:ea:b4:36:1e:b5:6e:76:17:ae:d8:2e:43:fb:8b:7a:
         83:23:e5:48
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAc05MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEyODEyMzUxNloXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMTgwN0UxMTAvBgNVBAUTKDcwQTQ1Q0NDMDU5M0M0NzEyMzYzNTA1
QTBBNjRERDNCNzM1NzZFOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCu5iMs2GJ8MBlZHWTOW2N7wrciReO69r8Z+sqXWfZUNxIN9F1ige4ZkXDvT0hD
NSYp8EPl2l8xr793J3syHs0RVSz2nxe2vTBOo1xphQAVSKTVVU6OuZ7xLwk70aEg
N0yncvz7M2WJj65fY9fhDjbXej5Uhs8J92pHgVqn4UlZSoGMmeBfcCqlVaj0ccGN
x7Epco/Qtl7J3QmPq0PMazq0M4L2XPEtHoUpBvbOMB5Afni9Din4egnke3up3hBt
ucMD27G3stYfRBM+svHfgqJGm0ztrrcA12J96AJMc8w+UeVlk/B2n3IBMH4GE4IO
v4DgsYLcX4UoIBnZeRD8mieLAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUcKRczAWT
xHEjY1BaCmTdO3NXboowHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTE4MDdFL0M0QjRFMkM2MTc5MjExRUI5MEJGQTA4NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTExODA3RS9DNEI0RTJDNjE3OTIxMUVCOTBCRkEwODRDNEY5QUUwMi9jS1JjekFX
VHhIRWpZMUJhQ21UZE8zTlhib28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAieyMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ5z0MA8EAgAC
MAkDBwAgAQ31AoAwDQYJKoZIhvcNAQELBQADggEBAMlb1T598rnszvhRY4D/t9m/
3NbDlYUwPtK6djWEQPVg3alc4T0vb7V6D+gpr+OGrMU9dpOnni7zwWMRnvDPAdoJ
ONKsjGVXyjsw7YZiKQVyhPkUBjl9kA89Ihfb541z2W9LUXiR2GtFLGcJZWMkl6gh
fpQsQqKdJVydntoSyCx5uhlkXKuOjDbL/gT6mylnaApCZkbSD1AmPokjZdkU/2kC
2mcplJ7eZ1DZkiPXy+kLB+9PZbOCks+AfWrHb27M1epSOTslABKbL9zBLt3QInr8
r5XpYCepLadVwPtzH+daxRK5rF6JgHQ9HAgABuq0Nh61bnYXrtguQ/uLeoMj5Ug=
-----END CERTIFICATE-----
Generated at Thu Mar 28 21:37:26 2024 by rpki-client on console-ams.rpki-client.org