Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hFn7cpDXSpvOJg4_q2Bdf9gySTE.cer
File:                     hFn7cpDXSpvOJg4_q2Bdf9gySTE.cer (raw, json)
Hash identifier:          2gFW3GXk25myPrSJLFBbaZNjOEmvckcL5uY1X/7gWis=
Subject key identifier:   84:59:FB:72:90:D7:4A:9B:CE:26:0E:3F:AB:60:5D:7F:D8:32:49:31
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01F472
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91F4091/6521A0F01D9D11EFA10F2D3AC4F9AE02/hFn7cpDXSpvOJg4_q2Bdf9gySTE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91F4091/6521A0F01D9D11EFA10F2D3AC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 29 May 2024 09:25:38 +0000
Certificate not after:    Sun 31 Aug 2025 00:00:00 +0000
Subordinate resources:    AS: 152882
                          IP: 2401:a1e0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 128114 (0x1f472)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: May 29 09:25:38 2024 GMT
            Not After : Aug 31 00:00:00 2025 GMT
        Subject: CN=A91F4091/serialNumber=8459FB7290D74A9BCE260E3FAB605D7FD8324931
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:56:16:53:17:a6:74:7a:f3:09:25:02:ad:27:
                    d0:fc:7e:cb:b9:ee:bd:f4:fc:91:b1:c3:f3:a8:36:
                    38:f0:da:27:c5:ba:c3:70:52:95:8c:0b:67:8b:c9:
                    a6:76:0e:eb:5c:c2:e8:a2:be:b8:9c:4d:72:23:a6:
                    86:e5:b7:3e:6a:6f:14:90:35:12:a6:7f:7f:96:d1:
                    3d:24:37:8d:4c:b4:71:d1:05:4e:c0:02:09:62:a9:
                    bf:df:68:70:f4:f5:48:df:a7:49:43:e2:a4:85:01:
                    a1:5b:0e:ca:9a:bd:23:e4:c7:09:b5:c8:f4:5e:dd:
                    ff:3b:2f:b0:9c:bf:d9:da:83:ca:7b:6b:85:0f:8f:
                    e0:07:ff:9a:49:4e:33:97:67:84:96:36:b3:59:46:
                    7e:4e:e8:c3:fe:73:97:d2:9d:e8:81:b5:8a:4a:87:
                    bd:64:14:2f:af:df:d5:d8:ee:18:5e:8e:ed:ed:a7:
                    9c:c9:f0:17:93:6e:58:8e:1f:d8:52:04:92:b8:7e:
                    32:ab:0c:c0:27:99:14:eb:f5:44:d3:b9:1e:54:0d:
                    96:1b:d8:2f:7a:b2:9b:5d:8c:34:fc:4a:31:a9:20:
                    55:5d:69:a5:a9:8b:c1:51:3c:ef:75:01:47:17:85:
                    20:02:6b:cd:5a:4a:02:b2:52:60:3a:d4:13:ff:38:
                    cd:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:59:FB:72:90:D7:4A:9B:CE:26:0E:3F:AB:60:5D:7F:D8:32:49:31
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91F4091/6521A0F01D9D11EFA10F2D3AC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91F4091/6521A0F01D9D11EFA10F2D3AC4F9AE02/hFn7cpDXSpvOJg4_q2Bdf9gySTE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  152882

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:a1e0::/32

    Signature Algorithm: sha256WithRSAEncryption
         ae:d3:09:25:2e:b3:37:b1:92:cf:6b:51:4f:05:05:e5:22:9a:
         54:9a:6f:a5:d1:f4:c9:f0:29:40:f3:f7:77:e4:00:f0:b0:d0:
         60:36:ca:5c:66:fa:9f:25:14:48:6f:8f:1d:49:87:17:7e:f1:
         52:b3:72:8b:67:50:fa:98:4e:31:4e:56:e6:69:1c:7f:e1:48:
         48:73:eb:56:d8:f5:29:47:4e:76:09:9d:82:e1:c7:4f:40:da:
         1f:71:49:c7:75:f5:91:f1:56:bb:58:d2:89:8b:02:f9:55:0a:
         69:94:2d:4a:43:59:9d:98:5a:e3:47:df:4a:e8:82:ae:ad:8c:
         31:52:98:5a:ed:94:5e:e2:45:47:50:c8:ee:7b:55:19:92:8a:
         37:39:2c:d8:68:85:95:4d:49:98:09:dd:72:3c:e9:36:9f:9b:
         b1:6a:18:cf:ac:41:6c:37:b4:06:10:fd:60:6b:ea:06:e0:1c:
         6b:64:b9:2a:9e:aa:84:c7:91:10:93:c9:89:f1:65:c1:10:ee:
         06:99:4c:01:16:cd:17:6a:4a:58:1c:ae:cd:0e:11:a7:85:a8:
         72:f2:77:8b:39:84:eb:1c:5e:41:6b:f6:9c:1b:d1:ca:51:f6:
         74:0d:41:cb:b6:1f:dd:22:83:9d:09:53:47:74:83:f3:48:cd:
         86:b7:d8:a5
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAfRyMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDUyOTA5MjUzOFoXDTI1MDgzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRjQwOTExMTAvBgNVBAUTKDg0NTlGQjcyOTBENzRBOUJDRTI2MEUz
RkFCNjA1RDdGRDgzMjQ5MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7VhZTF6Z0evMJJQKtJ9D8fsu57r30/JGxw/OoNjjw2ifFusNwUpWMC2eLyaZ2
DutcwuiivricTXIjpobltz5qbxSQNRKmf3+W0T0kN41MtHHRBU7AAgliqb/faHD0
9Ujfp0lD4qSFAaFbDsqavSPkxwm1yPRe3f87L7Ccv9nag8p7a4UPj+AH/5pJTjOX
Z4SWNrNZRn5O6MP+c5fSneiBtYpKh71kFC+v39XY7hheju3tp5zJ8BeTbliOH9hS
BJK4fjKrDMAnmRTr9UTTuR5UDZYb2C96sptdjDT8SjGpIFVdaaWpi8FRPO91AUcX
hSACa81aSgKyUmA61BP/OM3PAgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQUhFn7cpDX
SpvOJg4/q2Bdf9gySTEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUY0MDkxLzY1MjFBMEYwMUQ5RDExRUZBMTBGMkQzQUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGNDA5MS82NTIxQTBGMDFEOUQxMUVGQTEwRjJEM0FDNEY5QUUwMi9oRm43Y3BE
WFNwdk9KZzRfcTJCZGY5Z3lTVEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlUyMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAGh4DANBgkq
hkiG9w0BAQsFAAOCAQEArtMJJS6zN7GSz2tRTwUF5SKaVJpvpdH0yfApQPP3d+QA
8LDQYDbKXGb6nyUUSG+PHUmHF37xUrNyi2dQ+phOMU5W5mkcf+FISHPrVtj1KUdO
dgmdguHHT0DaH3FJx3X1kfFWu1jSiYsC+VUKaZQtSkNZnZha40ffSuiCrq2MMVKY
Wu2UXuJFR1DI7ntVGZKKNzks2GiFlU1JmAndcjzpNp+bsWoYz6xBbDe0BhD9YGvq
BuAca2S5Kp6qhMeREJPJifFlwRDuBplMARbNF2pKWByuzQ4Rp4WocvJ3izmE6xxe
QWv2nBvRylH2dA1By7Yf3SKDnQlTR3SD80jNhrfYpQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:43 2024 by rpki-client on console-fra.rpki-client.org