Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fWozDw0BJJQnx_yd3dz0qCh2CwY.cer
File:                     fWozDw0BJJQnx_yd3dz0qCh2CwY.cer (raw, json)
Hash identifier:          d2z1YbUFKiIZueJc6WvHHE4hqBsf03BxrEa75Gz+6Kc=
Subject key identifier:   7D:6A:33:0F:0D:01:24:94:27:C7:FC:9D:DD:DC:F4:A8:28:76:0B:06
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01CBAD
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/fWozDw0BJJQnx_yd3dz0qCh2CwY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sun 19 Nov 2023 14:06:29 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 132167
                          AS: 139658
                          IP: 43.224.84.0/22
                          IP: 103.242.96.0/22
                          IP: 2407:f300::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 09:37:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 117677 (0x1cbad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Nov 19 14:06:29 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A9145519/serialNumber=7D6A330F0D01249427C7FC9DDDDCF4A828760B06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d9:29:cd:22:82:01:df:fa:c2:76:14:54:d6:
                    31:1c:5f:1b:e0:14:a2:d7:37:05:d4:e0:c9:91:ea:
                    2d:9d:2d:c4:36:a4:63:73:fe:40:ff:3c:67:b1:4e:
                    44:a6:0b:8b:fd:97:79:29:5a:b6:a9:75:70:34:52:
                    9a:f1:8e:f8:4b:06:9e:b4:b3:7e:14:a2:c7:23:53:
                    de:96:9d:d1:f2:a5:97:27:32:9a:56:5a:29:af:b6:
                    ae:c1:e0:7a:a3:f9:6b:e4:9c:b3:1a:c7:a4:98:e4:
                    46:74:6f:50:c9:11:f1:90:36:24:d7:7f:68:56:c2:
                    b8:af:ee:f3:10:29:e3:dc:97:f9:1e:44:17:f6:2a:
                    01:25:34:85:81:a1:48:80:03:ff:38:49:94:67:f2:
                    56:3e:4c:1a:c6:5e:59:6f:52:80:b1:0a:37:9c:58:
                    f2:99:32:48:a2:47:33:a9:11:9d:d5:4d:ae:5e:fc:
                    6d:60:b1:89:70:d7:06:97:72:51:e8:4d:3a:e0:58:
                    3d:f5:5c:67:d4:d8:ec:e4:6a:8c:77:ec:f4:44:85:
                    45:67:a4:4a:c1:03:6e:eb:57:b7:91:d8:7b:d7:80:
                    2d:23:6d:5c:57:8e:33:68:f6:51:a3:a0:81:e5:4a:
                    3b:73:b3:c9:d8:cc:1a:6e:14:fa:34:f4:b4:64:0a:
                    3d:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:6A:33:0F:0D:01:24:94:27:C7:FC:9D:DD:DC:F4:A8:28:76:0B:06
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9145519/AD08AF26E45C11E68CEDFA3EC4F9AE02/fWozDw0BJJQnx_yd3dz0qCh2CwY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  132167
                  139658

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.224.84.0/22
                  103.242.96.0/22
                IPv6:
                  2407:f300::/32

    Signature Algorithm: sha256WithRSAEncryption
         58:7a:d8:56:db:ba:1e:66:a9:16:9d:fc:c9:3b:dc:a8:cd:12:
         e3:38:08:a3:70:fe:cd:5e:3d:fd:ed:fd:91:71:27:72:ec:15:
         af:b8:4d:9b:73:ca:ce:0c:db:6a:71:8d:e0:0c:11:23:8e:95:
         e0:1e:21:61:2a:3f:3e:78:c9:ff:94:86:60:80:d7:67:48:7c:
         a0:85:6c:63:94:fa:d2:93:bc:ad:03:0e:64:91:6b:71:1d:2f:
         64:d4:e0:cc:c4:d6:6d:18:b6:1e:33:4a:bf:6b:2d:7f:d2:8e:
         77:9c:3f:64:0a:74:8a:73:76:e2:7f:bc:91:44:71:49:67:b6:
         72:f6:b6:f9:65:60:9e:1f:ca:82:f7:6f:c1:c9:3e:c7:5a:f3:
         b1:b2:c1:ff:3c:54:86:42:cc:ec:bd:34:56:d6:0d:60:d4:a1:
         20:64:f6:da:39:97:9c:66:23:45:9e:57:3f:84:b8:bc:88:cf:
         34:8b:ed:6d:44:cd:84:8e:c5:95:cd:fa:ab:f9:1b:e3:57:4f:
         02:56:0d:78:6d:b5:37:6e:ba:85:df:f4:db:03:37:29:e7:a3:
         7d:f4:02:03:9b:07:99:fd:ed:9d:ad:fa:09:a1:a9:c2:95:e6:
         ca:51:64:8e:c1:69:56:77:00:33:c0:54:03:d6:f9:59:51:8f:
         61:fb:34:d1
-----BEGIN CERTIFICATE-----
MIIGNDCCBRygAwIBAgIDAcutMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTExOTE0MDYyOVoXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNDU1MTkxMTAvBgNVBAUTKDdENkEzMzBGMEQwMTI0OTQyN0M3RkM5
RERERENGNEE4Mjg3NjBCMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/2SnNIoIB3/rCdhRU1jEcXxvgFKLXNwXU4MmR6i2dLcQ2pGNz/kD/PGexTkSm
C4v9l3kpWrapdXA0UprxjvhLBp60s34UoscjU96WndHypZcnMppWWimvtq7B4Hqj
+WvknLMax6SY5EZ0b1DJEfGQNiTXf2hWwriv7vMQKePcl/keRBf2KgElNIWBoUiA
A/84SZRn8lY+TBrGXllvUoCxCjecWPKZMkiiRzOpEZ3VTa5e/G1gsYlw1waXclHo
TTrgWD31XGfU2Ozkaox37PREhUVnpErBA27rV7eR2HvXgC0jbVxXjjNo9lGjoIHl
Sjtzs8nYzBpuFPo09LRkCj3TAgMBAAGjggMpMIIDJTAdBgNVHQ4EFgQUfWozDw0B
JJQnx/yd3dz0qCh2CwYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTQ1NTE5L0FEMDhBRjI2RTQ1QzExRTY4Q0VERkEzRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0NTUxOS9BRDA4QUYyNkU0NUMxMUU2OENFREZBM0VDNEY5QUUwMi9mV296RHcw
QkpKUW54X3lkM2R6MHFDaDJDd1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDAgRHAgMCIYowNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAIr4FQD
BAJn8mAwDQQCAAIwBwMFACQH8wAwDQYJKoZIhvcNAQELBQADggEBAFh62Fbbuh5m
qRad/Mk73KjNEuM4CKNw/s1ePf3t/ZFxJ3LsFa+4TZtzys4M22pxjeAMESOOleAe
IWEqPz54yf+UhmCA12dIfKCFbGOU+tKTvK0DDmSRa3EdL2TU4MzE1m0Yth4zSr9r
LX/SjnecP2QKdIpzduJ/vJFEcUlntnL2tvllYJ4fyoL3b8HJPsda87Gywf88VIZC
zOy9NFbWDWDUoSBk9to5l5xmI0WeVz+EuLyIzzSL7W1EzYSOxZXN+qv5G+NXTwJW
DXhttTduuoXf9NsDNynno330AgObB5n97Z2t+gmhqcKV5spRZI7BaVZ3ADPAVAPW
+VlRj2H7NNE=
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:51:36 2024 by rpki-client on console-ams.rpki-client.org