Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fKdQzAmQd9S0MpCnYoOre_C2Smg.cer
File:                     fKdQzAmQd9S0MpCnYoOre_C2Smg.cer (raw, json)
Hash identifier:          QK6tPq8IMUL0COFy+y5rnJP/5PIvS9YlNPeu7bbhlrs=
Subject key identifier:   7C:A7:50:CC:09:90:77:D4:B4:32:90:A7:62:83:AB:7B:F0:B6:4A:68
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E487
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91300ED/0EC94A88622911EB8E1BC27CC4F9AE02/fKdQzAmQd9S0MpCnYoOre_C2Smg.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91300ED/0EC94A88622911EB8E1BC27CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 14 Mar 2024 13:55:44 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 141701
                          IP: 103.162.58.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 14:50:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124039 (0x1e487)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 14 13:55:44 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91300ED/serialNumber=7CA750CC099077D4B43290A76283AB7BF0B64A68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e9:80:5f:d7:1f:ab:9b:ae:45:99:49:41:dd:
                    3b:c1:00:94:44:cc:5e:21:75:82:76:89:4b:d4:04:
                    e3:67:d8:34:2f:f0:98:02:3c:07:4e:54:1e:ba:7d:
                    56:85:ff:86:9c:10:63:cd:83:c4:57:89:71:fe:33:
                    dc:b6:0d:52:64:96:a0:52:4d:1d:4a:fb:e3:57:0c:
                    d7:91:2c:5a:97:8a:2a:88:60:d6:2d:25:b5:24:01:
                    f7:be:06:59:0b:e0:7e:a1:df:ac:24:7a:0b:4c:6a:
                    63:1d:11:17:1d:57:43:c9:24:9f:46:06:cc:db:bb:
                    ed:c7:3b:49:ec:d3:af:7d:8b:87:ce:c1:35:31:6c:
                    12:c2:0e:c1:55:dd:44:29:34:be:79:cc:7f:d3:e1:
                    7a:ff:81:1f:33:3a:4c:16:66:f0:2b:d6:02:7c:56:
                    4d:6a:24:a7:5c:45:f1:42:3f:bc:c4:26:fc:35:a2:
                    df:4b:b9:3d:bb:f1:2a:7f:34:8a:83:cb:03:e5:b7:
                    ef:f3:5f:c8:f9:e6:1f:7c:d4:d8:06:09:66:cb:24:
                    03:0b:1f:f1:a8:34:67:5f:4c:69:64:d9:39:64:c8:
                    21:a2:17:5f:a4:b6:99:f1:11:74:0a:8c:95:6f:4d:
                    3f:0b:aa:c9:b0:68:35:ac:b9:c7:ca:d3:04:81:04:
                    37:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:A7:50:CC:09:90:77:D4:B4:32:90:A7:62:83:AB:7B:F0:B6:4A:68
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91300ED/0EC94A88622911EB8E1BC27CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91300ED/0EC94A88622911EB8E1BC27CC4F9AE02/fKdQzAmQd9S0MpCnYoOre_C2Smg.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  141701

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.162.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6d:cb:f8:b9:9d:e7:a1:7f:8a:f5:b4:0d:e4:e2:2b:0f:a0:52:
         c3:6b:4b:fd:83:3f:c1:f4:dd:5c:8b:08:59:bc:a7:af:aa:c4:
         5b:67:c1:c9:da:3f:e2:fe:dd:77:3a:61:9b:e0:48:9b:4f:d6:
         de:4b:33:8d:81:65:05:7a:48:28:45:38:bb:02:97:86:93:be:
         3e:fa:2c:6c:10:05:a9:fc:b8:f1:d6:44:42:5d:53:88:9f:8b:
         04:47:aa:63:55:a8:5f:86:8b:db:ce:bc:4b:3f:73:07:db:bb:
         03:a0:c5:33:9c:b4:a2:56:b5:9b:79:43:c6:bd:06:99:66:f1:
         d8:d4:b5:7f:4e:18:54:93:24:72:6d:79:88:85:cb:f8:e4:2e:
         4a:8d:eb:39:a2:03:33:d6:a4:ef:54:3b:e9:a9:25:94:88:fe:
         61:d3:b6:3c:4a:43:25:a7:08:2a:27:3d:b9:7b:f5:fc:3c:aa:
         e5:48:9a:5b:3d:f7:de:98:c0:45:d3:dc:7b:e0:3a:18:76:5f:
         bc:7d:f4:d6:1a:42:89:92:d3:70:cf:1e:92:95:c3:54:e8:28:
         be:2f:22:2a:13:ca:fb:64:50:1d:31:c2:b5:77:bc:ad:da:5b:
         d3:a0:49:4b:fd:c2:86:da:65:8b:5c:93:24:50:93:63:6b:36:
         10:d1:0d:5c
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAeSHMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMxNDEzNTU0NFoXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzAwRUQxMTAvBgNVBAUTKDdDQTc1MENDMDk5MDc3RDRCNDMyOTBB
NzYyODNBQjdCRjBCNjRBNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDE6YBf1x+rm65FmUlB3TvBAJREzF4hdYJ2iUvUBONn2DQv8JgCPAdOVB66fVaF
/4acEGPNg8RXiXH+M9y2DVJklqBSTR1K++NXDNeRLFqXiiqIYNYtJbUkAfe+BlkL
4H6h36wkegtMamMdERcdV0PJJJ9GBszbu+3HO0ns0699i4fOwTUxbBLCDsFV3UQp
NL55zH/T4Xr/gR8zOkwWZvAr1gJ8Vk1qJKdcRfFCP7zEJvw1ot9LuT278Sp/NIqD
ywPlt+/zX8j55h981NgGCWbLJAMLH/GoNGdfTGlk2TlkyCGiF1+ktpnxEXQKjJVv
TT8LqsmwaDWsucfK0wSBBDeVAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUfKdQzAmQ
d9S0MpCnYoOre/C2SmgwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTMwMEVELzBFQzk0QTg4NjIyOTExRUI4RTFCQzI3Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzMDBFRC8wRUM5NEE4ODYyMjkxMUVCOEUxQkMyN0NDNEY5QUUwMi9mS2RRekFt
UWQ5UzBNcENuWW9PcmVfQzJTbWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAimFMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ6I6MA0GCSqG
SIb3DQEBCwUAA4IBAQBty/i5neehf4r1tA3k4isPoFLDa0v9gz/B9N1ciwhZvKev
qsRbZ8HJ2j/i/t13OmGb4EibT9beSzONgWUFekgoRTi7ApeGk74++ixsEAWp/Ljx
1kRCXVOIn4sER6pjVahfhovbzrxLP3MH27sDoMUznLSiVrWbeUPGvQaZZvHY1LV/
ThhUkyRybXmIhcv45C5Kjes5ogMz1qTvVDvpqSWUiP5h07Y8SkMlpwgqJz25e/X8
PKrlSJpbPffemMBF09x74DoYdl+8ffTWGkKJktNwzx6SlcNU6Ci+LyIqE8r7ZFAd
McK1d7yt2lvToElL/cKG2mWLXJMkUJNjazYQ0Q1c
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:08:22 2024 by rpki-client on console-ams.rpki-client.org