Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gfRnrcMX0WNIr0MwSwRBRDof4yw.cer
File:                     gfRnrcMX0WNIr0MwSwRBRDof4yw.cer (raw, json)
Hash identifier:          2rn1GDzbfEjTQVnPRLLkVtMytsdHKs9LBp0WiP45+c0=
Subject key identifier:   81:F4:67:AD:C3:17:D1:63:48:AF:43:30:4B:04:41:44:3A:1F:E3:2C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E112
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91B0BAB/602C66547B1511EAA5A4A869C4F9AE02/gfRnrcMX0WNIr0MwSwRBRDof4yw.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91B0BAB/602C66547B1511EAA5A4A869C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 27 Feb 2024 21:54:35 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 138185
                          IP: 2403:7e40::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 12:32:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123154 (0x1e112)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb 27 21:54:35 2024 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A91B0BAB/serialNumber=81F467ADC317D16348AF43304B0441443A1FE32C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:dd:8e:34:6e:29:1d:f1:19:75:49:e5:36:73:
                    fc:4c:b7:06:bf:13:25:e3:ac:6d:ce:bc:47:98:fd:
                    29:9b:e3:23:32:8b:90:72:18:ea:97:1d:14:0a:66:
                    8f:67:b4:74:43:9f:ef:a3:9e:04:92:8e:26:33:66:
                    76:66:3e:00:ee:cb:78:7c:40:c7:3d:83:5b:55:b4:
                    56:fe:23:f7:98:ef:a4:33:d3:33:28:9b:a5:f1:2a:
                    ca:3a:2b:a4:38:02:4f:04:54:88:49:bd:d0:f2:61:
                    bd:da:72:7e:01:bd:46:ae:60:95:06:f1:f7:84:21:
                    79:4d:9b:7b:52:91:01:9d:96:3a:f1:74:08:82:08:
                    4d:96:d3:91:91:9a:c0:53:65:89:21:56:11:3a:0e:
                    e7:65:4d:2a:23:05:c3:14:6b:29:3c:fb:8e:c2:aa:
                    0a:93:e0:b1:9d:aa:d7:a7:e5:65:46:e5:49:ca:41:
                    dd:59:38:67:b1:f4:fa:ac:ee:ba:95:60:4a:a8:27:
                    35:65:46:d1:9b:00:ed:ba:99:b3:78:61:11:24:d0:
                    b6:8d:7f:ae:f5:d0:20:c3:0d:da:a6:e4:c6:db:c3:
                    a0:48:86:a1:08:02:6f:c4:ac:19:20:23:82:2f:b2:
                    f2:d6:12:4c:43:50:ee:d3:27:e5:3f:6f:de:5e:8d:
                    0d:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:F4:67:AD:C3:17:D1:63:48:AF:43:30:4B:04:41:44:3A:1F:E3:2C
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B0BAB/602C66547B1511EAA5A4A869C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B0BAB/602C66547B1511EAA5A4A869C4F9AE02/gfRnrcMX0WNIr0MwSwRBRDof4yw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  138185

            sbgp-ipAddrBlock: critical
                IPv6:
                  2403:7e40::/32

    Signature Algorithm: sha256WithRSAEncryption
         d0:99:fc:b7:c4:65:48:17:3a:b5:11:dd:e6:6e:7e:03:35:dd:
         6b:a3:b0:be:eb:06:6e:71:fa:57:0e:0a:41:49:f5:6a:4d:22:
         2e:87:e9:19:06:83:2d:b7:64:a4:82:06:b3:ac:93:f1:b9:41:
         d7:97:83:91:2c:52:50:2b:88:48:c7:e9:9a:3a:eb:ef:90:6b:
         07:05:9e:4a:68:c0:7d:ab:c0:a3:a1:9c:3b:cd:c3:df:7b:16:
         58:1f:fb:2f:e5:43:29:0f:1b:51:fd:40:17:fd:79:57:0e:60:
         7d:15:9c:af:0e:d1:2e:f3:72:77:93:ea:d4:d9:da:7d:fb:50:
         f5:ac:d7:67:f5:f2:0b:2a:86:3e:09:8c:a8:42:53:d8:6b:ec:
         6e:03:3d:03:54:59:cf:29:f0:d3:08:bb:2c:74:23:76:f8:6e:
         21:3b:6d:03:ad:da:63:36:85:77:ea:f6:0b:d9:21:c4:df:7b:
         0c:6d:5d:98:d2:6d:47:33:31:78:5d:20:41:9c:a5:fe:2a:12:
         3c:81:6a:08:19:61:95:7b:ce:a5:fc:85:7e:76:17:58:06:bf:
         d8:ab:4a:d4:68:7f:30:f6:d1:61:da:0b:ef:a9:21:d6:09:3f:
         b4:a9:a0:81:aa:37:f8:cc:96:df:8e:7f:12:e3:b8:cf:14:b1:
         c5:00:47:21
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAeESMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIyNzIxNTQzNVoXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjBCQUIxMTAvBgNVBAUTKDgxRjQ2N0FEQzMxN0QxNjM0OEFGNDMz
MDRCMDQ0MTQ0M0ExRkUzMkMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCW3Y40bikd8Rl1SeU2c/xMtwa/EyXjrG3OvEeY/Smb4yMyi5ByGOqXHRQKZo9n
tHRDn++jngSSjiYzZnZmPgDuy3h8QMc9g1tVtFb+I/eY76Qz0zMom6XxKso6K6Q4
Ak8EVIhJvdDyYb3acn4BvUauYJUG8feEIXlNm3tSkQGdljrxdAiCCE2W05GRmsBT
ZYkhVhE6DudlTSojBcMUayk8+47CqgqT4LGdqten5WVG5UnKQd1ZOGex9Pqs7rqV
YEqoJzVlRtGbAO26mbN4YREk0LaNf6710CDDDdqm5Mbbw6BIhqEIAm/ErBkgI4Iv
svLWEkxDUO7TJ+U/b95ejQ3dAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQUgfRnrcMX
0WNIr0MwSwRBRDof4ywwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUIwQkFCLzYwMkM2NjU0N0IxNTExRUFBNUE0QTg2OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCMEJBQi82MDJDNjY1NDdCMTUxMUVBQTVBNEE4NjlDNEY5QUUwMi9nZlJucmNN
WDBXTklyME13U3dSQlJEb2Y0eXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhvJMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAN+QDANBgkq
hkiG9w0BAQsFAAOCAQEA0Jn8t8RlSBc6tRHd5m5+AzXda6OwvusGbnH6Vw4KQUn1
ak0iLofpGQaDLbdkpIIGs6yT8blB15eDkSxSUCuISMfpmjrr75BrBwWeSmjAfavA
o6GcO83D33sWWB/7L+VDKQ8bUf1AF/15Vw5gfRWcrw7RLvNyd5Pq1NnafftQ9azX
Z/XyCyqGPgmMqEJT2GvsbgM9A1RZzynw0wi7LHQjdvhuITttA63aYzaFd+r2C9kh
xN97DG1dmNJtRzMxeF0gQZyl/ioSPIFqCBlhlXvOpfyFfnYXWAa/2KtK1Gh/MPbR
YdoL76kh1gk/tKmggao3+MyW345/EuO4zxSxxQBHIQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:34:14 2024 by rpki-client on console-ams.rpki-client.org