Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ghhST3oWtYwNm3OUAxk5fuT8pv0.cer
File:                     ghhST3oWtYwNm3OUAxk5fuT8pv0.cer (raw, json)
Hash identifier:          Tj/A19nSDYTh7yUU5xdxxeW+sRCL0zX6C5hvvIwEl5c=
Subject key identifier:   82:18:52:4F:7A:16:B5:8C:0D:9B:73:94:03:19:39:7E:E4:FC:A6:FD
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D6F9
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9179EE2/02B27388F57211EA9A247917C4F9AE02/ghhST3oWtYwNm3OUAxk5fuT8pv0.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9179EE2/02B27388F57211EA9A247917C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 05 Jan 2024 16:15:51 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 103.145.58.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 06:14:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120569 (0x1d6f9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jan  5 16:15:51 2024 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A9179EE2/serialNumber=8218524F7A16B58C0D9B73940319397EE4FCA6FD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:c8:78:a3:4a:f5:b6:34:64:a7:7f:00:c8:76:
                    04:82:2b:bf:ff:1b:a4:ef:a0:9e:05:2e:83:26:a8:
                    8f:04:b3:a6:fd:86:62:f4:95:8c:f8:df:a4:51:ec:
                    23:1c:30:d3:f9:9e:ea:2a:a7:a9:0e:10:72:86:3f:
                    a7:df:ea:a0:1b:d6:d7:5c:da:d1:b6:8c:32:4f:3c:
                    a1:5a:b6:9d:2a:7b:4e:1a:47:f4:d9:3a:4e:bf:2e:
                    bc:c9:69:2d:20:89:6f:82:9d:7c:4c:45:d8:39:22:
                    26:c0:a5:5a:45:69:b1:f3:d7:02:d6:68:da:c8:2f:
                    7f:34:89:89:1a:cc:4f:19:a0:e2:e1:50:65:c6:fc:
                    0a:46:27:18:9d:28:f4:87:7d:e6:14:65:22:af:6b:
                    4a:90:e0:63:1f:70:f7:ea:ec:ee:e7:ee:cb:8b:d2:
                    a9:50:a2:d2:fe:36:fe:d3:67:1f:a6:49:b5:a8:dc:
                    1f:23:43:a0:70:ec:d7:7c:74:e8:0a:8a:06:05:b5:
                    19:c1:d8:15:53:e9:f6:b0:d3:1c:2f:ce:0b:37:b0:
                    0d:b3:24:5e:1d:1f:99:32:ca:ef:56:d1:57:24:94:
                    92:ae:6b:bb:3a:1a:f0:3c:4d:b0:00:57:cf:f0:9a:
                    14:da:05:60:94:66:ad:38:f4:d4:5f:dc:0a:de:19:
                    c6:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:18:52:4F:7A:16:B5:8C:0D:9B:73:94:03:19:39:7E:E4:FC:A6:FD
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9179EE2/02B27388F57211EA9A247917C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9179EE2/02B27388F57211EA9A247917C4F9AE02/ghhST3oWtYwNm3OUAxk5fuT8pv0.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.145.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3f:e2:39:94:41:15:45:20:8d:9f:fe:19:04:10:8f:5e:d7:52:
         b9:7b:24:72:d3:71:41:97:4d:0b:7c:32:22:86:06:ac:92:ac:
         93:77:80:99:28:0f:89:b7:14:32:dd:c7:34:23:7b:be:09:22:
         d0:3c:20:5a:95:ca:d1:eb:09:a6:76:d5:51:17:bc:1c:09:c1:
         35:e7:48:d1:ef:24:ba:4e:79:f3:03:23:c7:98:aa:66:78:12:
         00:e2:a5:2a:31:7f:0e:d6:6d:b6:ed:7a:ad:53:58:7e:63:a3:
         14:3e:7f:11:1a:bf:35:59:f5:7b:28:ec:3b:f4:13:d1:46:13:
         4e:eb:9f:5b:22:98:55:cb:3d:15:86:31:9b:01:a8:71:8a:9f:
         98:a7:32:25:d1:4f:14:68:67:3c:43:3c:95:30:33:0a:b7:3a:
         06:22:71:b6:41:0f:19:fa:b3:77:56:1e:37:f1:59:53:8d:a5:
         ff:c9:68:09:ea:27:c3:ae:2e:2d:be:6f:a3:72:ac:85:52:f1:
         80:4b:c3:87:f5:be:a5:e0:4b:9c:13:8f:41:e6:cb:61:c1:13:
         31:6f:f0:a4:c3:82:9a:f5:64:2b:f3:8a:bc:a0:f5:84:a9:c0:
         62:19:25:21:54:ac:83:99:bc:07:53:31:4f:8a:a8:d9:43:5e:
         67:6c:86:ac
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgIDAdb5MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDEwNTE2MTU1MVoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNzlFRTIxMTAvBgNVBAUTKDgyMTg1MjRGN0ExNkI1OEMwRDlCNzM5
NDAzMTkzOTdFRTRGQ0E2RkQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDiyHijSvW2NGSnfwDIdgSCK7//G6TvoJ4FLoMmqI8Es6b9hmL0lYz436RR7CMc
MNP5nuoqp6kOEHKGP6ff6qAb1tdc2tG2jDJPPKFatp0qe04aR/TZOk6/LrzJaS0g
iW+CnXxMRdg5IibApVpFabHz1wLWaNrIL380iYkazE8ZoOLhUGXG/ApGJxidKPSH
feYUZSKva0qQ4GMfcPfq7O7n7suL0qlQotL+Nv7TZx+mSbWo3B8jQ6Bw7Nd8dOgK
igYFtRnB2BVT6faw0xwvzgs3sA2zJF4dH5kyyu9W0VcklJKua7s6GvA8TbAAV8/w
mhTaBWCUZq049NRf3AreGcaXAgMBAAGjggLzMIIC7zAdBgNVHQ4EFgQUghhST3oW
tYwNm3OUAxk5fuT8pv0wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTc5RUUyLzAyQjI3Mzg4RjU3MjExRUE5QTI0NzkxN0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE3OUVFMi8wMkIyNzM4OEY1NzIxMUVBOUEyNDc5MTdDNEY5QUUwMi9naGhTVDNv
V3RZd05tM09VQXhrNWZ1VDhwdjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAO
MAwEAgABMAYDBAFnkTowDQYJKoZIhvcNAQELBQADggEBAD/iOZRBFUUgjZ/+GQQQ
j17XUrl7JHLTcUGXTQt8MiKGBqySrJN3gJkoD4m3FDLdxzQje74JItA8IFqVytHr
CaZ21VEXvBwJwTXnSNHvJLpOefMDI8eYqmZ4EgDipSoxfw7Wbbbteq1TWH5joxQ+
fxEavzVZ9Xso7Dv0E9FGE07rn1simFXLPRWGMZsBqHGKn5inMiXRTxRoZzxDPJUw
Mwq3OgYicbZBDxn6s3dWHjfxWVONpf/JaAnqJ8OuLi2+b6NyrIVS8YBLw4f1vqXg
S5wTj0Hmy2HBEzFv8KTDgpr1ZCvziryg9YSpwGIZJSFUrIOZvAdTMU+KqNlDXmds
hqw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:58:59 2024 by rpki-client on console-fra.rpki-client.org