Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ho7LZCXagzKIkuV7sN9kThrrc7M.cer
File:                     ho7LZCXagzKIkuV7sN9kThrrc7M.cer (download)
Hash identifier:          DvzODXXyJQDExhRo1dUQwNffFTmEWB8usTDzFQSQ2bs=
Subject key identifier:   86:8E:CB:64:25:DA:83:32:88:92:E5:7B:B0:DF:64:4E:1A:EB:73:B3
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       015CD9
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/ho7LZCXagzKIkuV7sN9kThrrc7M.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate valid until:  Sun 30 Jul 2023 00:00:00 +0000
Subordinate resources:
    1: AS: 135402
    2: IP: 45.248.52.0/22
    3: IP: 103.216.196.0/22
    4: IP: 2404:f980::/32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 89305 (0x15cd9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jun 20 13:41:57 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=A91C9945/serialNumber=868ECB6425DA83328892E57BB0DF644E1AEB73B3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:03:50:b6:1f:3a:73:25:a9:1f:69:61:32:08:
                    b5:34:2e:8b:9f:30:c7:f0:63:b6:20:76:29:a6:ac:
                    69:59:9c:b7:63:a5:38:25:07:75:0c:cf:71:61:db:
                    db:e0:03:f4:76:40:be:ea:43:cf:6e:19:6f:db:35:
                    59:e3:35:fe:ba:d0:95:35:a6:6a:bd:0e:06:95:e5:
                    68:8f:73:3d:00:42:60:c3:43:3f:fb:31:2c:6f:5f:
                    f8:54:1f:ce:05:33:83:df:04:ba:67:ae:cd:2a:d3:
                    45:cb:21:a6:a3:e4:f6:e0:c6:7c:74:34:fe:28:3a:
                    b1:db:4e:96:a1:04:aa:e6:90:fc:4d:f2:e2:9d:bf:
                    8b:29:e2:b8:33:9e:23:ba:6a:d1:ec:5e:b0:df:bf:
                    3f:aa:92:8a:f2:8f:4e:ea:47:1e:72:7b:17:b3:9e:
                    7a:d1:71:cb:1b:a4:26:d5:d3:d0:68:35:39:dd:9e:
                    cb:0d:19:78:ed:bb:a4:e8:97:3c:83:a7:95:18:b9:
                    88:fd:69:ce:94:ff:3f:1d:c4:dc:13:18:0f:6e:d8:
                    0b:81:75:cb:4b:a5:ad:33:f8:31:c7:25:25:94:16:
                    7e:ef:91:5f:e2:91:15:ec:45:93:cd:b6:96:67:be:
                    37:a7:aa:9a:f7:7f:f2:ed:e4:aa:fb:07:8e:7e:00:
                    a9:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                86:8E:CB:64:25:DA:83:32:88:92:E5:7B:B0:DF:64:4E:1A:EB:73:B3
            X509v3 Authority Key Identifier: 
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91C9945/BC00C8F2F09E11ECAEE73E19C4F9AE02/ho7LZCXagzKIkuV7sN9kThrrc7M.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  135402

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.248.52.0/22
                  103.216.196.0/22
                IPv6:
                  2404:f980::/32

    Signature Algorithm: sha256WithRSAEncryption
         66:32:51:d4:46:c9:af:87:4b:44:85:d9:9e:d5:1f:48:1b:33:
         d0:95:54:d3:67:7e:59:fa:cd:72:0c:be:f0:36:95:82:d4:ef:
         3c:f6:16:e9:17:3f:53:30:54:db:32:c1:72:8e:3f:87:15:cb:
         b3:0c:30:33:65:11:27:a4:cc:f1:53:ef:97:7e:d9:6a:14:7d:
         ce:66:fc:dc:84:67:1f:13:4d:02:48:b4:07:4b:e4:e3:14:c0:
         00:54:ce:de:6f:98:e9:5a:bd:f4:42:cf:cf:50:49:7c:d1:30:
         59:5a:da:ed:ff:90:d7:3c:c3:d9:c6:80:37:a9:a2:53:72:bd:
         20:f4:ae:4a:d4:4f:6d:13:9a:d6:35:3e:f4:ec:98:4a:67:87:
         50:a5:e2:4c:a0:2e:0c:a0:92:7d:e5:56:ae:1a:91:18:d7:e9:
         36:95:9a:78:22:cd:4e:cd:a6:62:2c:4b:48:97:19:c9:33:e8:
         f6:7f:11:c6:dc:56:79:56:b2:90:75:06:b9:e5:a6:e6:16:e4:
         02:b1:b3:71:4c:c3:4b:2c:db:59:4c:90:55:d9:bd:cf:c0:41:
         50:91:56:fd:b7:27:d3:2b:ae:ff:1d:f8:aa:e2:cb:e1:c3:21:
         33:43:2d:0a:35:ec:7f:3d:77:d7:fc:c5:9e:2b:d7:11:19:9b:
         94:07:d9:29
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAVzZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIyMDYyMDEzNDE1N1oXDTIzMDczMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQzk5NDUxMTAvBgNVBAUTKDg2OEVDQjY0MjVEQTgzMzI4ODkyRTU3
QkIwREY2NDRFMUFFQjczQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2A1C2HzpzJakfaWEyCLU0LoufMMfwY7YgdimmrGlZnLdjpTglB3UMz3Fh29vg
A/R2QL7qQ89uGW/bNVnjNf660JU1pmq9DgaV5WiPcz0AQmDDQz/7MSxvX/hUH84F
M4PfBLpnrs0q00XLIaaj5Pbgxnx0NP4oOrHbTpahBKrmkPxN8uKdv4sp4rgzniO6
atHsXrDfvz+qkoryj07qRx5yexeznnrRccsbpCbV09BoNTndnssNGXjtu6TolzyD
p5UYuYj9ac6U/z8dxNwTGA9u2AuBdctLpa0z+DHHJSWUFn7vkV/ikRXsRZPNtpZn
vjenqpr3f/Lt5Kr7B45+AKl/AgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUho7LZCXa
gzKIkuV7sN9kThrrc7MwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUM5OTQ1L0JDMDBDOEYyRjA5RTExRUNBRUU3M0UxOUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDOTk0NS9CQzAwQzhGMkYwOUUxMUVDQUVFNzNFMTlDNEY5QUUwMi9obzdMWkNY
YWd6S0lrdVY3c045a1RocnJjN00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhDqMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLfg0AwQCZ9jE
MA0EAgACMAcDBQAkBPmAMA0GCSqGSIb3DQEBCwUAA4IBAQBmMlHURsmvh0tEhdme
1R9IGzPQlVTTZ35Z+s1yDL7wNpWC1O889hbpFz9TMFTbMsFyjj+HFcuzDDAzZREn
pMzxU++XftlqFH3OZvzchGcfE00CSLQHS+TjFMAAVM7eb5jpWr30Qs/PUEl80TBZ
Wtrt/5DXPMPZxoA3qaJTcr0g9K5K1E9tE5rWNT707JhKZ4dQpeJMoC4MoJJ95Vau
GpEY1+k2lZp4Is1OzaZiLEtIlxnJM+j2fxHG3FZ5VrKQdQa55abmFuQCsbNxTMNL
LNtZTJBV2b3PwEFQkVb9tyfTK67/Hfiq4svhwyEzQy0KNex/PXfX/MWeK9cRGZuU
B9kp
-----END CERTIFICATE-----
Generated at Thu Feb 2 13:29:19 2023 by rpki-client.