Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hrHxHRgdpsydsDI95DvJbFkJZeE.cer
File:                     hrHxHRgdpsydsDI95DvJbFkJZeE.cer (raw, json)
Hash identifier:          WDjPTxmrMo7MbdYZoU1xNvWYBszShWFdjyQ36G2S3ZA=
Subject key identifier:   86:B1:F1:1D:18:1D:A6:CC:9D:B0:32:3D:E4:3B:C9:6C:59:09:65:E1
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E078
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91CBFCF/95639BF0248D11EAADA2054EC4F9AE02/hrHxHRgdpsydsDI95DvJbFkJZeE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91CBFCF/95639BF0248D11EAADA2054EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 23 Feb 2024 20:01:15 +0000
Certificate not after:    Mon 31 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 139902
                          IP: 103.146.148.0/23

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 04 Dec 2024 01:13:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123000 (0x1e078)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Feb 23 20:01:15 2024 GMT
            Not After : Mar 31 00:00:00 2025 GMT
        Subject: CN=A91CBFCF/serialNumber=86B1F11D181DA6CC9DB0323DE43BC96C590965E1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:cd:8b:8b:95:5e:f7:39:52:f4:53:a0:89:d2:
                    58:03:66:2c:ff:bd:4b:91:d1:f9:59:b0:3f:61:9f:
                    d7:3d:5b:a4:be:e6:ed:0f:fd:99:56:8f:74:95:e2:
                    e8:56:97:07:bf:19:ef:b4:23:42:4c:a2:da:1d:3e:
                    54:43:59:4c:d2:ef:94:67:27:a3:65:02:f0:54:eb:
                    85:4a:4c:f5:0f:76:48:64:7b:97:e3:ed:d0:db:35:
                    b0:e3:81:62:c9:88:e1:75:25:08:4b:fc:5b:1a:3a:
                    11:ee:7c:3d:6e:51:20:41:6e:a2:9e:51:79:50:3d:
                    0e:9b:12:47:ec:4c:37:3c:0b:8c:07:fb:34:29:28:
                    36:c1:e8:4c:4f:0f:29:84:75:72:14:af:12:c2:9f:
                    d0:d1:f7:8a:ae:7f:1d:ee:d6:22:90:e1:6b:c6:bf:
                    ce:49:b2:73:e7:17:d6:40:2d:34:c7:69:da:6c:55:
                    67:8f:8a:db:02:30:ad:8c:02:17:41:5b:f7:75:5e:
                    b3:38:43:f8:0d:c9:17:ce:d2:10:b3:5b:2f:08:2e:
                    e5:58:95:5d:11:88:08:4b:17:94:08:8c:84:62:90:
                    5a:95:1d:f6:e5:7d:01:82:ec:26:2b:22:e5:0e:0f:
                    85:89:e0:1b:c4:b4:27:95:a4:9d:ce:d8:49:65:7c:
                    7d:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:B1:F1:1D:18:1D:A6:CC:9D:B0:32:3D:E4:3B:C9:6C:59:09:65:E1
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CBFCF/95639BF0248D11EAADA2054EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CBFCF/95639BF0248D11EAADA2054EC4F9AE02/hrHxHRgdpsydsDI95DvJbFkJZeE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  139902

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.146.148.0/23

    Signature Algorithm: sha256WithRSAEncryption
         96:47:ff:95:09:37:bd:86:8c:ab:90:47:ea:db:1a:3c:ee:ac:
         62:1a:ce:f3:d2:4c:fe:99:b4:96:93:87:f2:91:be:66:c8:96:
         a5:6f:c5:7e:a4:24:9a:2c:16:94:74:b6:a0:63:a5:e2:42:11:
         0d:8e:66:d4:a0:2e:5a:46:32:d5:99:85:2c:c4:77:31:71:81:
         d0:4d:70:f4:52:48:b5:92:a0:93:37:e4:a4:42:5b:2d:c6:7d:
         ec:9b:12:59:38:70:3f:91:7f:6e:2c:11:2e:6c:5b:a1:7f:2a:
         5c:48:4f:fc:22:ad:d3:b6:97:3f:07:b3:f1:94:87:eb:ae:d4:
         5a:0e:86:c7:66:65:64:9c:84:75:dc:c0:c1:c7:ad:41:55:4f:
         83:7e:3e:ce:92:63:78:72:f5:a1:3a:1e:8f:cd:a9:71:d4:db:
         05:1f:7e:0e:55:fc:ad:33:54:cc:7d:07:ab:59:19:12:62:a8:
         12:1a:64:37:70:87:24:5f:89:59:81:39:de:a5:d3:d0:61:1e:
         6b:1c:55:fd:7d:ed:a2:aa:8c:21:da:0f:18:16:14:41:26:ed:
         3e:14:80:33:cd:18:a1:28:71:60:0f:90:25:c6:e5:08:29:c7:
         b8:de:5a:db:f3:80:5e:21:68:2d:f9:c2:00:2b:39:e9:a6:5d:
         0c:35:0c:67
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAeB4MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDIyMzIwMDExNVoXDTI1MDMzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0JGQ0YxMTAvBgNVBAUTKDg2QjFGMTFEMTgxREE2Q0M5REIwMzIz
REU0M0JDOTZDNTkwOTY1RTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC/zYuLlV73OVL0U6CJ0lgDZiz/vUuR0flZsD9hn9c9W6S+5u0P/ZlWj3SV4uhW
lwe/Ge+0I0JMotodPlRDWUzS75RnJ6NlAvBU64VKTPUPdkhke5fj7dDbNbDjgWLJ
iOF1JQhL/FsaOhHufD1uUSBBbqKeUXlQPQ6bEkfsTDc8C4wH+zQpKDbB6ExPDymE
dXIUrxLCn9DR94qufx3u1iKQ4WvGv85JsnPnF9ZALTTHadpsVWePitsCMK2MAhdB
W/d1XrM4Q/gNyRfO0hCzWy8ILuVYlV0RiAhLF5QIjIRikFqVHfblfQGC7CYrIuUO
D4WJ4BvEtCeVpJ3O2EllfH1jAgMBAAGjggMPMIIDCzAdBgNVHQ4EFgQUhrHxHRgd
psydsDI95DvJbFkJZeEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNCRkNGLzk1NjM5QkYwMjQ4RDExRUFBREEyMDU0RUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDQkZDRi85NTYzOUJGMDI0OEQxMUVBQURBMjA1NEVDNEY5QUUwMi9ockh4SFJn
ZHBzeWRzREk5NUR2SmJGa0paZUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiJ+MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ5KUMA0GCSqG
SIb3DQEBCwUAA4IBAQCWR/+VCTe9hoyrkEfq2xo87qxiGs7z0kz+mbSWk4fykb5m
yJalb8V+pCSaLBaUdLagY6XiQhENjmbUoC5aRjLVmYUsxHcxcYHQTXD0Uki1kqCT
N+SkQlstxn3smxJZOHA/kX9uLBEubFuhfypcSE/8Iq3Ttpc/B7PxlIfrrtRaDobH
ZmVknIR13MDBx61BVU+Dfj7OkmN4cvWhOh6Pzalx1NsFH34OVfytM1TMfQerWRkS
YqgSGmQ3cIckX4lZgTnepdPQYR5rHFX9fe2iqowh2g8YFhRBJu0+FIAzzRihKHFg
D5AlxuUIKce43lrb84BeIWgt+cIAKznppl0MNQxn
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:05:22 2024 by rpki-client on console-ams.rpki-client.org