Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/daF-q5BBtk2zdHHPtOv_WR6PaZM.cer
File:                     daF-q5BBtk2zdHHPtOv_WR6PaZM.cer (raw, json)
Hash identifier:          HQ+BIL14UYmpQPB4dhK7T3Auk2EQtcld389HLH//pwg=
Subject key identifier:   75:A1:7E:AB:90:41:B6:4D:B3:74:71:CF:B4:EB:FF:59:1E:8F:69:93
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C926
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A919D626/60081EAC8D7F11EB8D8BD60BC4F9AE02/daF-q5BBtk2zdHHPtOv_WR6PaZM.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A919D626/60081EAC8D7F11EB8D8BD60BC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 06 Nov 2023 15:17:56 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    IP: 202.12.107.0/24
                          IP: 203.9.149.0/24
                          IP: 203.10.106.0/24
                          IP: 203.18.63.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 09:37:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117030 (0x1c926)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov  6 15:17:56 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A919D626/serialNumber=75A17EAB9041B64DB37471CFB4EBFF591E8F6993
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:bf:62:87:d2:7e:9a:9d:6e:5a:34:7f:32:5a:
                    38:9a:ca:54:3f:bb:39:8c:15:2e:0a:8a:44:b2:ba:
                    ac:1c:f7:47:87:d0:ff:e9:08:87:cc:f7:d9:7a:c0:
                    99:b0:27:1a:b6:9d:74:26:52:3d:ff:fa:5c:1f:0e:
                    ef:25:8e:c1:29:60:71:ed:dc:b9:e6:6b:05:aa:91:
                    dd:ae:18:6c:19:7e:22:f1:58:c5:c0:c2:69:9a:a4:
                    4a:20:29:4b:27:bd:0e:51:35:20:d8:97:28:ad:12:
                    73:39:fb:42:fb:e9:a9:04:bd:2a:3e:09:27:a9:13:
                    b5:64:29:d3:2d:13:58:bd:c9:a1:06:8d:20:da:ec:
                    75:9b:d9:b8:73:58:75:e9:ed:87:5d:3b:f5:9f:2d:
                    38:01:f4:93:e8:f1:4e:5c:58:4e:34:4e:79:31:fd:
                    25:25:76:78:f8:11:78:48:f4:06:2e:95:83:d1:1d:
                    62:e3:fb:62:23:ed:d9:b1:7d:3b:79:42:5b:11:dc:
                    20:4e:70:74:c5:21:f8:9e:da:f0:3c:a9:95:6f:fb:
                    c3:a7:84:d8:fb:28:ae:03:07:4d:0f:f0:3b:7b:d4:
                    fd:39:bf:62:2e:5d:d7:57:18:f3:45:98:44:5b:43:
                    95:4b:0d:1f:66:02:5c:5d:b1:13:e1:39:d8:49:bb:
                    5a:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:A1:7E:AB:90:41:B6:4D:B3:74:71:CF:B4:EB:FF:59:1E:8F:69:93
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A919D626/60081EAC8D7F11EB8D8BD60BC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A919D626/60081EAC8D7F11EB8D8BD60BC4F9AE02/daF-q5BBtk2zdHHPtOv_WR6PaZM.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.12.107.0/24
                  203.9.149.0/24
                  203.10.106.0/24
                  203.18.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:91:59:88:12:0c:60:f1:44:f4:4e:ff:ad:eb:45:6a:c7:29:
         6b:ce:6e:10:4d:3d:75:07:8d:5b:39:51:10:5b:ce:97:93:69:
         4b:87:10:e2:54:a1:e2:15:a4:47:1b:1f:db:dc:bb:fb:12:32:
         21:40:32:10:eb:61:bc:d7:f2:92:d3:eb:7d:75:61:71:17:12:
         21:aa:82:2a:a7:c2:e9:7f:ed:0c:37:f0:7f:0e:ed:f8:87:08:
         d4:68:49:bc:8a:e6:3b:7e:8e:16:94:f9:3c:a2:6d:6b:9a:74:
         3e:ed:27:5d:33:a0:aa:a7:6e:4e:a3:5f:b6:93:2d:ee:70:e7:
         00:6a:db:d2:b2:3e:2f:85:af:06:ab:75:96:e7:c5:66:21:e1:
         2a:79:55:f0:8f:96:8b:2e:f6:11:8d:a2:18:77:6a:0e:bc:39:
         24:29:7b:0e:17:c1:ac:93:bb:6e:f5:d3:6b:d8:3a:30:9c:3f:
         6a:12:57:e5:88:59:84:be:92:f6:b7:c0:04:19:9a:05:aa:b7:
         bb:2d:59:8b:cc:58:32:be:04:91:21:8e:db:9d:a9:3b:66:76:
         58:78:8a:87:65:34:b9:83:c3:11:ad:f4:ee:01:f0:a0:e7:55:
         1e:03:d7:15:6f:47:ed:cc:e8:8d:41:20:46:e3:8f:ba:f0:2f:
         c9:a6:98:9f
-----BEGIN CERTIFICATE-----
MIIGEDCCBPigAwIBAgIDAckmMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEwNjE1MTc1NloXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOUQ2MjYxMTAvBgNVBAUTKDc1QTE3RUFCOTA0MUI2NERCMzc0NzFD
RkI0RUJGRjU5MUU4RjY5OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDmv2KH0n6anW5aNH8yWjiaylQ/uzmMFS4KikSyuqwc90eH0P/pCIfM99l6wJmw
Jxq2nXQmUj3/+lwfDu8ljsEpYHHt3LnmawWqkd2uGGwZfiLxWMXAwmmapEogKUsn
vQ5RNSDYlyitEnM5+0L76akEvSo+CSepE7VkKdMtE1i9yaEGjSDa7HWb2bhzWHXp
7YddO/WfLTgB9JPo8U5cWE40Tnkx/SUldnj4EXhI9AYulYPRHWLj+2Ij7dmxfTt5
QlsR3CBOcHTFIfie2vA8qZVv+8OnhNj7KK4DB00P8Dt71P05v2IuXddXGPNFmERb
Q5VLDR9mAlxdsRPhOdhJu1qPAgMBAAGjggMFMIIDATAdBgNVHQ4EFgQUdaF+q5BB
tk2zdHHPtOv/WR6PaZMwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTlENjI2LzYwMDgxRUFDOEQ3RjExRUI4RDhCRDYwQkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5RDYyNi82MDA4MUVBQzhEN0YxMUVCOEQ4QkQ2MEJDNEY5QUUwMi9kYUYtcTVC
QnRrMnpkSEhQdE92X1dSNlBhWk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8EIjAg
MB4EAgABMBgDBADKDGsDBADLCZUDBADLCmoDBADLEj8wDQYJKoZIhvcNAQELBQAD
ggEBADeRWYgSDGDxRPRO/63rRWrHKWvObhBNPXUHjVs5URBbzpeTaUuHEOJUoeIV
pEcbH9vcu/sSMiFAMhDrYbzX8pLT6311YXEXEiGqgiqnwul/7Qw38H8O7fiHCNRo
SbyK5jt+jhaU+TyibWuadD7tJ10zoKqnbk6jX7aTLe5w5wBq29KyPi+FrwardZbn
xWYh4Sp5VfCPlosu9hGNohh3ag68OSQpew4XwayTu27102vYOjCcP2oSV+WIWYS+
kva3wAQZmgWqt7stWYvMWDK+BJEhjtudqTtmdlh4iodlNLmDwxGt9O4B8KDnVR4D
1xVvR+3M6I1BIEbjj7rwL8mmmJ8=
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:22:37 2024 by rpki-client on console-fra.rpki-client.org