Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dUx6CJILdd5uGzejtUuNUyXY33M.cer
File:                     dUx6CJILdd5uGzejtUuNUyXY33M.cer (raw, json)
Hash identifier:          S57RIjnoa2Cyd6lgrGJev9azaYBk7Utiu4wgMCP1FHw=
Subject key identifier:   75:4C:7A:08:92:0B:75:DE:6E:1B:37:A3:B5:4B:8D:53:25:D8:DF:73
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01BA88
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/dUx6CJILdd5uGzejtUuNUyXY33M.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 31 Aug 2023 17:03:35 +0000
Certificate not after:    Thu 31 Oct 2024 00:00:00 +0000
Subordinate resources:    IP: 103.129.52.0/22
                          IP: 2403:7840::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 113288 (0x1ba88)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Aug 31 17:03:35 2023 GMT
            Not After : Oct 31 00:00:00 2024 GMT
        Subject: CN=A9160C86/serialNumber=754C7A08920B75DE6E1B37A3B54B8D5325D8DF73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:74:2f:9f:a0:ce:2d:c2:0a:aa:7b:10:29:eb:
                    a4:c2:8f:35:80:8e:31:aa:ba:74:6d:f7:18:a6:4d:
                    88:b3:a4:db:05:7d:b3:1a:71:ab:6d:b0:5c:f8:ed:
                    2f:fe:b3:53:93:a2:67:c3:ae:c3:de:dc:7a:7a:51:
                    d5:2e:bf:75:fc:0a:fc:6b:0a:5a:50:e8:66:ea:90:
                    96:55:cf:ce:77:8f:d0:0a:4d:c0:0e:ea:09:9c:cc:
                    82:11:ec:24:a3:23:e9:54:c5:d4:ee:0d:43:1e:2e:
                    e9:c5:3e:37:c1:54:ff:ae:bc:ed:88:1c:27:51:e5:
                    09:a7:68:10:7c:dc:2f:81:32:8f:99:44:87:ad:b5:
                    d7:a1:b3:33:ca:5c:d4:dd:6a:01:c9:5a:00:f3:35:
                    d2:73:25:dc:c6:51:1c:17:71:18:4b:eb:23:c4:8e:
                    98:b4:48:23:68:6c:52:d1:14:af:a7:89:63:1f:56:
                    71:42:3e:d2:d3:bb:40:b4:f4:c0:e5:f0:18:3f:a6:
                    7a:6e:4c:75:ed:88:ea:d4:c6:93:99:aa:33:aa:81:
                    fa:4e:c4:af:75:76:c1:12:71:2c:38:52:ba:a2:60:
                    74:f2:8c:df:35:17:97:82:4d:24:2a:42:aa:07:91:
                    16:2a:c8:71:a7:5f:c7:60:f9:1d:78:17:52:cb:10:
                    f6:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:4C:7A:08:92:0B:75:DE:6E:1B:37:A3:B5:4B:8D:53:25:D8:DF:73
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9160C86/83CC49E099F311ECB58EC70EC4F9AE02/dUx6CJILdd5uGzejtUuNUyXY33M.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.129.52.0/22
                IPv6:
                  2403:7840::/32

    Signature Algorithm: sha256WithRSAEncryption
         44:70:2f:ab:38:3b:c1:ab:4d:f6:06:82:b6:c1:73:16:2f:12:
         d2:6c:c8:19:c1:3d:cc:b5:38:23:d5:23:77:d8:02:28:54:6d:
         f1:70:8a:b8:f9:6e:4e:95:60:e0:70:7e:60:2a:44:66:9e:ea:
         a3:da:13:0c:9e:bf:45:80:23:fd:39:6a:8a:74:79:9e:18:15:
         7e:36:3e:f4:c4:76:57:e8:60:f9:26:55:f6:58:70:3a:52:0c:
         e7:15:28:f9:45:6f:e3:33:ac:b2:39:62:8c:fd:e3:ee:60:d6:
         dd:b0:e2:28:48:3c:1d:81:1f:ef:a0:b1:e5:cb:3e:fa:c6:bd:
         5e:d5:6c:7d:f9:b4:d5:57:6c:b2:c7:81:0e:ad:0b:96:f9:f7:
         87:f6:8b:9e:a5:84:ff:0e:51:6e:09:1e:d7:cf:0a:11:df:d3:
         0c:0a:d8:fc:a4:fd:85:4d:b9:38:52:64:69:05:07:ad:b8:dc:
         96:21:df:26:f2:92:97:54:97:93:a8:a7:6e:9b:2d:78:b0:b5:
         71:cc:b5:9b:67:13:70:0d:19:b8:07:3f:20:53:d4:c0:ff:b8:
         9d:ad:79:57:3b:a8:b0:3b:59:84:a0:f2:1e:cc:2b:b1:9c:88:
         3b:4d:e9:91:d3:e4:a1:33:08:ca:66:b5:df:53:bb:05:79:5f:
         02:5c:99:74
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIDAbqIMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDgzMTE3MDMzNVoXDTI0MTAzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjBDODYxMTAvBgNVBAUTKDc1NEM3QTA4OTIwQjc1REU2RTFCMzdB
M0I1NEI4RDUzMjVEOERGNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmdC+foM4twgqqexAp66TCjzWAjjGqunRt9ximTYizpNsFfbMacattsFz47S/+
s1OTomfDrsPe3Hp6UdUuv3X8CvxrClpQ6GbqkJZVz853j9AKTcAO6gmczIIR7CSj
I+lUxdTuDUMeLunFPjfBVP+uvO2IHCdR5QmnaBB83C+BMo+ZRIettdehszPKXNTd
agHJWgDzNdJzJdzGURwXcRhL6yPEjpi0SCNobFLRFK+niWMfVnFCPtLTu0C09MDl
8Bg/pnpuTHXtiOrUxpOZqjOqgfpOxK91dsEScSw4UrqiYHTyjN81F5eCTSQqQqoH
kRYqyHGnX8dg+R14F1LLEPYlAgMBAAGjggMCMIIC/jAdBgNVHQ4EFgQUdUx6CJIL
dd5uGzejtUuNUyXY33MwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTYwQzg2LzgzQ0M0OUUwOTlGMzExRUNCNThFQzcwRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2MEM4Ni84M0NDNDlFMDk5RjMxMUVDQjU4RUM3MEVDNEY5QUUwMi9kVXg2Q0pJ
TGRkNXVHemVqdFV1TlV5WFkzM00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8EHzAd
MAwEAgABMAYDBAJngTQwDQQCAAIwBwMFACQDeEAwDQYJKoZIhvcNAQELBQADggEB
AERwL6s4O8GrTfYGgrbBcxYvEtJsyBnBPcy1OCPVI3fYAihUbfFwirj5bk6VYOBw
fmAqRGae6qPaEwyev0WAI/05aop0eZ4YFX42PvTEdlfoYPkmVfZYcDpSDOcVKPlF
b+MzrLI5Yoz94+5g1t2w4ihIPB2BH++gseXLPvrGvV7VbH35tNVXbLLHgQ6tC5b5
94f2i56lhP8OUW4JHtfPChHf0wwK2Pyk/YVNuThSZGkFB6243JYh3ybykpdUl5Oo
p26bLXiwtXHMtZtnE3ANGbgHPyBT1MD/uJ2teVc7qLA7WYSg8h7MK7GciDtN6ZHT
5KEzCMpmtd9TuwV5XwJcmXQ=
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:29 2024 by rpki-client on console-fra.rpki-client.org