Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dsjgEVVJ7akt4iI2oqWlCvCfhBE.cer
File:                     dsjgEVVJ7akt4iI2oqWlCvCfhBE.cer (raw, json)
Hash identifier:          PjVP1bi4JJQg1G/vrMODqB+DSxUW0X4amaI+cbp4b8U=
Subject key identifier:   76:C8:E0:11:55:49:ED:A9:2D:E2:22:36:A2:A5:A5:0A:F0:9F:84:11
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CC95
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91B29F8/92D0BE02906811EB9E3FC66CC4F9AE02/dsjgEVVJ7akt4iI2oqWlCvCfhBE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91B29F8/92D0BE02906811EB9E3FC66CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 23 Nov 2023 18:16:22 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    IP: 103.99.60.0/22
                          IP: 2401:a940::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:56:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117909 (0x1cc95)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov 23 18:16:22 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A91B29F8/serialNumber=76C8E0115549EDA92DE22236A2A5A50AF09F8411
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:a9:26:64:be:6d:e4:84:3b:2b:88:32:d2:c4:
                    7d:19:0c:bb:07:5c:21:c4:c2:85:0a:2e:22:a5:b0:
                    2e:cd:d7:ea:89:d0:1a:10:a6:16:1f:d2:37:87:40:
                    1c:a8:df:30:a5:74:f9:c8:36:6d:0b:03:21:ce:25:
                    4d:d2:98:38:6b:4c:e7:d7:8a:2d:71:4e:c5:df:b0:
                    84:4b:da:0f:46:2e:c1:b9:ff:84:51:01:40:1a:06:
                    11:a8:2b:4b:a0:31:ed:e9:ad:ed:45:a2:ea:1f:b1:
                    a5:bf:40:d4:b7:26:be:78:66:c2:55:80:80:72:be:
                    31:76:e7:b2:2a:df:03:e5:d8:5b:24:4a:22:86:84:
                    98:5c:75:85:9c:e9:ff:dc:36:77:ec:0c:b3:17:ff:
                    f6:5a:ef:23:b9:92:64:5f:6e:53:4b:0a:53:7e:15:
                    c0:24:af:5d:c5:34:6e:ce:a5:9e:f5:20:a1:89:04:
                    5e:7c:18:6c:60:7c:99:b4:01:b1:46:2e:c7:7f:1e:
                    ce:ea:38:46:33:cd:40:00:69:34:5d:f2:5d:4a:63:
                    c0:bd:d9:5b:37:30:93:76:74:95:2d:97:98:fb:25:
                    1f:ef:7d:35:95:99:28:7a:24:6b:51:49:ce:9a:a8:
                    76:48:85:60:1f:a2:ad:9b:06:b6:cf:03:52:e0:78:
                    01:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:C8:E0:11:55:49:ED:A9:2D:E2:22:36:A2:A5:A5:0A:F0:9F:84:11
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B29F8/92D0BE02906811EB9E3FC66CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B29F8/92D0BE02906811EB9E3FC66CC4F9AE02/dsjgEVVJ7akt4iI2oqWlCvCfhBE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.99.60.0/22
                IPv6:
                  2401:a940::/32

    Signature Algorithm: sha256WithRSAEncryption
         d7:f7:ae:80:bc:0b:dd:e5:bf:73:a7:26:b7:7d:6a:c0:c5:f6:
         dc:d6:84:bf:c5:a9:44:d2:1c:b3:95:19:a3:04:3d:3f:2b:c8:
         91:9a:32:c1:44:92:cb:93:1e:a1:fe:4f:d0:3f:74:2b:37:8a:
         c7:6c:09:ea:5d:a7:d6:09:73:b7:13:18:cc:83:7c:94:90:3d:
         9e:73:1b:8b:0e:ba:e3:e4:8c:d6:e1:99:0e:31:d3:e5:b3:b6:
         6b:d1:b7:b8:54:c4:bf:5e:58:4d:78:f9:af:e1:b9:ad:f9:85:
         4d:a6:cd:a1:19:d8:e5:92:e2:b1:35:b4:8e:f8:dc:6b:b8:e6:
         12:f3:29:bc:30:3f:73:07:8b:ab:bb:df:f7:1a:07:d7:5d:06:
         dd:30:e9:1e:7a:06:ba:bb:4b:6c:df:c6:54:89:06:35:5c:c1:
         dc:78:fe:5d:03:98:95:08:64:71:57:95:17:54:07:49:ab:1b:
         f1:29:1e:42:33:5f:e8:70:3e:e1:c4:95:97:f9:ea:bd:42:a4:
         93:d8:76:30:39:e5:39:19:4c:f8:f8:b6:32:5c:1f:21:c7:fe:
         f1:07:6a:f3:89:90:b6:a9:1c:ce:c0:eb:1a:a6:04:49:37:ea:
         75:e9:b9:3a:ef:cc:be:47:fb:41:b5:f1:e5:fb:99:6e:43:66:
         47:6b:f7:10
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIDAcyVMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTEyMzE4MTYyMloXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjI5RjgxMTAvBgNVBAUTKDc2QzhFMDExNTU0OUVEQTkyREUyMjIz
NkEyQTVBNTBBRjA5Rjg0MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDdqSZkvm3khDsriDLSxH0ZDLsHXCHEwoUKLiKlsC7N1+qJ0BoQphYf0jeHQByo
3zCldPnINm0LAyHOJU3SmDhrTOfXii1xTsXfsIRL2g9GLsG5/4RRAUAaBhGoK0ug
Me3pre1FouofsaW/QNS3Jr54ZsJVgIByvjF257Iq3wPl2FskSiKGhJhcdYWc6f/c
NnfsDLMX//Za7yO5kmRfblNLClN+FcAkr13FNG7OpZ71IKGJBF58GGxgfJm0AbFG
Lsd/Hs7qOEYzzUAAaTRd8l1KY8C92Vs3MJN2dJUtl5j7JR/vfTWVmSh6JGtRSc6a
qHZIhWAfoq2bBrbPA1LgeAGPAgMBAAGjggMCMIIC/jAdBgNVHQ4EFgQUdsjgEVVJ
7akt4iI2oqWlCvCfhBEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIyOUY4LzkyRDBCRTAyOTA2ODExRUI5RTNGQzY2Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCMjlGOC85MkQwQkUwMjkwNjgxMUVCOUUzRkM2NkNDNEY5QUUwMi9kc2pnRVZW
Sjdha3Q0aUkyb3FXbEN2Q2ZoQkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8EHzAd
MAwEAgABMAYDBAJnYzwwDQQCAAIwBwMFACQBqUAwDQYJKoZIhvcNAQELBQADggEB
ANf3roC8C93lv3OnJrd9asDF9tzWhL/FqUTSHLOVGaMEPT8ryJGaMsFEksuTHqH+
T9A/dCs3isdsCepdp9YJc7cTGMyDfJSQPZ5zG4sOuuPkjNbhmQ4x0+WztmvRt7hU
xL9eWE14+a/hua35hU2mzaEZ2OWS4rE1tI743Gu45hLzKbwwP3MHi6u73/caB9dd
Bt0w6R56Brq7S2zfxlSJBjVcwdx4/l0DmJUIZHFXlRdUB0mrG/EpHkIzX+hwPuHE
lZf56r1CpJPYdjA55TkZTPj4tjJcHyHH/vEHavOJkLapHM7A6xqmBEk36nXpuTrv
zL5H+0G18eX7mW5DZkdr9xA=
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:16:53 2024 by rpki-client on console-ams.rpki-client.org