Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eX36GIOfh9ExDpypw0EKvraDnnQ.cer
File:                     eX36GIOfh9ExDpypw0EKvraDnnQ.cer (raw, json)
Hash identifier:          gdj6Wmmcb9NYPXd2asJw9HrBzNkNCoB+nR6aHabcn1w=
Subject key identifier:   79:7D:FA:18:83:9F:87:D1:31:0E:9C:A9:C3:41:0A:BE:B6:83:9E:74
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01DB8A
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9167F52/E94666CC68AF11ECADD6B56FC4F9AE02/eX36GIOfh9ExDpypw0EKvraDnnQ.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9167F52/E94666CC68AF11ECADD6B56FC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 30 Jan 2024 19:11:22 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 149309
                          IP: 103.178.190.0/23
                          IP: 2001:df0:3cc0::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 02:50:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 121738 (0x1db8a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan 30 19:11:22 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A9167F52/serialNumber=797DFA18839F87D1310E9CA9C3410ABEB6839E74
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:d6:29:3d:2b:f6:dc:fb:c1:0b:91:f3:6c:3c:
                    67:87:c2:2b:98:d0:84:34:98:24:f6:e5:0b:e2:c6:
                    a5:7b:ec:3f:a0:05:fe:f9:72:7b:4a:26:1a:72:76:
                    bb:e3:9a:53:d9:42:74:50:09:fe:cc:a4:1d:d9:11:
                    5f:1d:7a:21:d4:5d:7c:11:63:bd:ce:27:bf:b2:29:
                    eb:e5:57:ac:bf:09:10:cc:1d:d4:ff:f7:63:fd:da:
                    b1:56:e8:7a:e6:fd:6f:80:15:1b:66:cb:ea:06:76:
                    61:fd:d3:76:6e:4d:48:40:57:79:8d:77:91:07:27:
                    ab:0d:dd:b7:80:39:e7:7f:29:20:62:f3:09:8e:8c:
                    1d:ef:73:07:ce:7c:d9:ac:6c:9e:97:19:ac:0f:0f:
                    62:26:b1:d3:1d:e3:bb:a5:2f:ca:7b:6c:c9:2f:55:
                    4d:0f:5e:bd:bb:75:d9:82:45:30:34:e0:8b:4f:44:
                    c9:12:79:57:cc:ef:f2:79:0f:c6:18:35:1a:32:86:
                    f1:53:45:19:bf:0e:44:4c:f4:a2:bb:eb:b7:ea:ca:
                    9e:49:c9:4b:35:14:88:af:ef:37:17:c0:b8:29:dd:
                    13:95:15:e9:00:51:b7:bd:d7:09:48:c6:6d:d6:0f:
                    5d:75:c3:21:67:c6:9d:ba:80:c0:77:bd:d2:d1:0b:
                    03:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:7D:FA:18:83:9F:87:D1:31:0E:9C:A9:C3:41:0A:BE:B6:83:9E:74
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9167F52/E94666CC68AF11ECADD6B56FC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9167F52/E94666CC68AF11ECADD6B56FC4F9AE02/eX36GIOfh9ExDpypw0EKvraDnnQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  149309

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.178.190.0/23
                IPv6:
                  2001:df0:3cc0::/48

    Signature Algorithm: sha256WithRSAEncryption
         cd:96:76:64:67:dd:24:4e:b2:09:5a:db:9f:ab:de:ef:bc:cb:
         4a:94:fa:5d:81:75:72:45:e4:cf:88:35:a3:e7:75:01:32:35:
         ca:15:1f:49:8d:80:f6:0c:db:2d:07:24:f6:d5:65:61:55:37:
         24:7d:cb:88:d7:9d:fe:d8:f0:e5:ff:3d:01:2b:a4:d9:8d:95:
         9f:2b:7b:0d:30:27:a2:c1:fb:4b:9e:d3:7d:5f:e0:6f:a3:91:
         aa:7b:c6:ec:5a:b5:74:9e:15:07:f4:c2:ea:ff:d0:d5:64:c2:
         49:bd:10:fb:ec:16:5e:39:1a:e3:65:55:86:fa:21:ba:74:64:
         3f:18:2f:81:9f:6d:75:4f:3b:8f:d1:22:13:52:40:f4:da:76:
         b4:db:ed:db:91:c0:07:79:b1:d8:46:8a:a2:a8:65:ee:df:1d:
         37:b1:7e:d0:ac:6b:09:2c:f1:e8:42:ac:54:91:6d:c4:7f:8e:
         d1:e8:32:8d:f9:34:b3:7c:50:f0:07:9b:16:89:f3:d0:55:e6:
         2a:a8:43:fe:bd:8b:5b:4b:13:13:c7:89:42:72:97:38:a9:30:
         6d:e2:35:5b:b2:c5:aa:65:04:fa:04:e4:f3:e5:98:38:39:e7:
         08:00:70:7d:18:ea:24:38:d0:0b:fa:66:87:e4:03:17:1e:5a:
         78:46:42:58
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAduKMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEzMDE5MTEyMloXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjdGNTIxMTAvBgNVBAUTKDc5N0RGQTE4ODM5Rjg3RDEzMTBFOUNB
OUMzNDEwQUJFQjY4MzlFNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDO1ik9K/bc+8ELkfNsPGeHwiuY0IQ0mCT25QvixqV77D+gBf75cntKJhpydrvj
mlPZQnRQCf7MpB3ZEV8deiHUXXwRY73OJ7+yKevlV6y/CRDMHdT/92P92rFW6Hrm
/W+AFRtmy+oGdmH903ZuTUhAV3mNd5EHJ6sN3beAOed/KSBi8wmOjB3vcwfOfNms
bJ6XGawPD2ImsdMd47ulL8p7bMkvVU0PXr27ddmCRTA04ItPRMkSeVfM7/J5D8YY
NRoyhvFTRRm/DkRM9KK767fqyp5JyUs1FIiv7zcXwLgp3ROVFekAUbe91wlIxm3W
D111wyFnxp26gMB3vdLRCwPFAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUeX36GIOf
h9ExDpypw0EKvraDnnQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY3RjUyL0U5NDY2NkNDNjhBRjExRUNBREQ2QjU2RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2N0Y1Mi9FOTQ2NjZDQzY4QUYxMUVDQURENkI1NkZDNEY5QUUwMi9lWDM2R0lP
Zmg5RXhEcHlwdzBFS3ZyYURublEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkc9MDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ7K+MA8EAgAC
MAkDBwAgAQ3wPMAwDQYJKoZIhvcNAQELBQADggEBAM2WdmRn3SROsgla25+r3u+8
y0qU+l2BdXJF5M+INaPndQEyNcoVH0mNgPYM2y0HJPbVZWFVNyR9y4jXnf7Y8OX/
PQErpNmNlZ8rew0wJ6LB+0ue031f4G+jkap7xuxatXSeFQf0wur/0NVkwkm9EPvs
Fl45GuNlVYb6Ibp0ZD8YL4GfbXVPO4/RIhNSQPTadrTb7duRwAd5sdhGiqKoZe7f
HTexftCsawks8ehCrFSRbcR/jtHoMo35NLN8UPAHmxaJ89BV5iqoQ/69i1tLExPH
iUJylzipMG3iNVuyxaplBPoE5PPlmDg55wgAcH0Y6iQ40Av6ZofkAxceWnhGQlg=
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:44:31 2024 by rpki-client on console-fra.rpki-client.org