Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gJ7_H3gZuBdR8XerWv7YK8wypWk.cer
File:                     gJ7_H3gZuBdR8XerWv7YK8wypWk.cer (raw, json)
Hash identifier:          Gz2E2S2hlBC8AJIjyWI0Jra1Vb2GyxHzko8xdBmlE4c=
Subject key identifier:   80:9E:FF:1F:78:19:B8:17:51:F1:77:AB:5A:FE:D8:2B:CC:32:A5:69
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       021414
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/gJ7_H3gZuBdR8XerWv7YK8wypWk.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 15 Oct 2024 14:21:41 +0000
Certificate not after:    Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources:    AS: 132296
                          IP: 103.72.72.0/22
                          IP: 103.233.140.0/23
                          IP: 103.248.202.0/23
                          IP: 2406:b580::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 136212 (0x21414)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct 15 14:21:41 2024 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=A9158028/serialNumber=809EFF1F7819B81751F177AB5AFED82BCC32A569
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:d0:ae:4a:07:bf:d4:a7:5c:86:4a:d7:7b:00:
                    46:eb:d4:0e:e7:2f:33:f6:a8:bb:c9:4f:b8:53:df:
                    66:f4:17:80:a4:ea:18:1c:6b:48:58:d1:ef:c8:c4:
                    63:8a:29:f5:46:d2:0b:a9:35:e9:d9:da:d3:fb:3c:
                    9e:50:a0:6f:48:44:d8:3e:39:d3:fd:ad:8a:d6:59:
                    66:6f:83:63:0f:31:24:72:77:36:a7:b5:a2:46:88:
                    15:bc:77:02:11:77:e5:e5:c5:c3:44:64:ea:2a:6e:
                    70:d0:3c:50:81:ae:b5:8d:1f:ca:eb:00:1b:f8:77:
                    ad:be:37:45:a1:77:5a:7d:ed:08:b1:c0:a3:d2:a8:
                    85:5a:4c:2d:6b:e6:a4:d4:15:08:c2:c3:b0:73:7a:
                    07:75:11:a3:46:92:13:5c:05:62:cb:d7:6d:d7:41:
                    b3:45:76:69:84:bd:72:f1:d2:f6:11:b3:13:5b:ff:
                    ee:83:b2:1d:41:a3:e0:d0:b1:a2:63:06:7a:a9:6c:
                    76:2f:94:86:08:5f:65:9e:60:8c:54:b6:12:f1:23:
                    6d:c6:7c:60:a9:8e:db:9f:62:9c:c5:23:d9:97:9e:
                    a5:7e:86:24:30:51:bf:e6:9d:c9:68:89:22:49:1f:
                    19:5e:96:0b:bb:a7:e2:69:18:e9:ab:07:cb:93:84:
                    24:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:9E:FF:1F:78:19:B8:17:51:F1:77:AB:5A:FE:D8:2B:CC:32:A5:69
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9158028/8A4ADEE4A11F11EB9339D50AC4F9AE02/gJ7_H3gZuBdR8XerWv7YK8wypWk.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  132296

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.72.72.0/22
                  103.233.140.0/23
                  103.248.202.0/23
                IPv6:
                  2406:b580::/32

    Signature Algorithm: sha256WithRSAEncryption
         70:5f:51:27:34:d2:b4:ad:da:46:2e:2f:32:b2:e4:be:c7:5f:
         dc:3a:c7:6f:f7:eb:35:15:67:66:3e:97:18:d7:73:ed:77:5d:
         19:f5:c8:18:2b:00:85:91:52:b4:0d:cf:34:48:ae:c7:58:4e:
         39:67:48:8f:a5:c5:f2:5e:21:fd:31:ff:af:e6:8d:d3:b4:1d:
         2a:a9:0d:3f:17:97:54:50:31:9b:ef:ca:a2:ba:5e:f7:4b:f7:
         d1:b2:4d:a7:d4:a8:4f:ea:b0:5a:5c:a8:de:37:2f:89:7e:97:
         05:aa:c4:45:52:55:8d:60:ee:1d:44:7d:04:d1:c7:ff:17:95:
         c5:d2:c5:fd:22:5c:a3:66:bc:fc:d9:04:0b:d9:24:a2:ff:09:
         3e:52:8d:62:bb:19:3d:49:bf:be:09:17:d5:03:01:dc:b5:d1:
         e6:19:aa:fb:5d:57:7d:98:51:65:04:e0:ce:e3:78:85:a0:ed:
         21:cd:74:be:aa:ac:9c:e1:33:3e:bd:36:0a:9c:1d:33:48:be:
         e2:92:dc:ba:ff:90:e4:1a:1c:a9:25:11:0e:6f:d6:73:0e:07:
         2a:4b:e2:18:5b:c6:b4:05:37:69:12:24:fc:03:ed:44:1a:93:
         3f:80:91:98:18:39:ed:71:5d:69:1b:e3:b6:ab:a8:20:46:f4:
         1d:0f:d6:b7
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgIDAhQUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAxNTE0MjE0MVoXDTI1MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNTgwMjgxMTAvBgNVBAUTKDgwOUVGRjFGNzgxOUI4MTc1MUYxNzdB
QjVBRkVEODJCQ0MzMkE1NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDa0K5KB7/Up1yGStd7AEbr1A7nLzP2qLvJT7hT32b0F4Ck6hgca0hY0e/IxGOK
KfVG0gupNenZ2tP7PJ5QoG9IRNg+OdP9rYrWWWZvg2MPMSRydzantaJGiBW8dwIR
d+XlxcNEZOoqbnDQPFCBrrWNH8rrABv4d62+N0Whd1p97QixwKPSqIVaTC1r5qTU
FQjCw7Bzegd1EaNGkhNcBWLL123XQbNFdmmEvXLx0vYRsxNb/+6Dsh1Bo+DQsaJj
BnqpbHYvlIYIX2WeYIxUthLxI23GfGCpjtufYpzFI9mXnqV+hiQwUb/mncloiSJJ
Hxlelgu7p+JpGOmrB8uThCSnAgMBAAGjggMqMIIDJjAdBgNVHQ4EFgQUgJ7/H3gZ
uBdR8XerWv7YK8wypWkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTU4MDI4LzhBNEFERUU0QTExRjExRUI5MzM5RDUwQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE1ODAyOC84QTRBREVFNEExMUYxMUVCOTMzOUQ1MEFDNEY5QUUwMi9nSjdfSDNn
WnVCZFI4WGVyV3Y3WUs4d3lwV2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgTIMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCZ0hIAwQBZ+mM
AwQBZ/jKMA0EAgACMAcDBQAkBrWAMA0GCSqGSIb3DQEBCwUAA4IBAQBwX1EnNNK0
rdpGLi8ysuS+x1/cOsdv9+s1FWdmPpcY13Ptd10Z9cgYKwCFkVK0Dc80SK7HWE45
Z0iPpcXyXiH9Mf+v5o3TtB0qqQ0/F5dUUDGb78qiul73S/fRsk2n1KhP6rBaXKje
Ny+JfpcFqsRFUlWNYO4dRH0E0cf/F5XF0sX9IlyjZrz82QQL2SSi/wk+Uo1iuxk9
Sb++CRfVAwHctdHmGar7XVd9mFFlBODO43iFoO0hzXS+qqyc4TM+vTYKnB0zSL7i
kty6/5DkGhypJREOb9ZzDgcqS+IYW8a0BTdpEiT8A+1EGpM/gJGYGDntcV1pG+O2
q6ggRvQdD9a3
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:56 2024 by rpki-client on console-ams.rpki-client.org