Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i8Ac6kTT7Yj0FTFyt5JFZxXFJgs.cer
File:                     i8Ac6kTT7Yj0FTFyt5JFZxXFJgs.cer (raw, json)
Hash identifier:          5PlG5gYYJInme3EoyO/mFloTiHbx97IPXRL/agThB1c=
Subject key identifier:   8B:C0:1C:EA:44:D3:ED:88:F4:15:31:72:B7:92:45:67:15:C5:26:0B
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C32F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91BE056/FB59344EFB1C11EBB5464F64C4F9AE02/i8Ac6kTT7Yj0FTFyt5JFZxXFJgs.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91BE056/FB59344EFB1C11EBB5464F64C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Tue 10 Oct 2023 18:31:16 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 142629
                          IP: 103.171.89.0/24
                          IP: 2001:df7:4280::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 04:49:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115503 (0x1c32f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct 10 18:31:16 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A91BE056/serialNumber=8BC01CEA44D3ED88F4153172B792456715C5260B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:fd:17:f6:bf:22:2a:43:bc:ea:04:4f:69:ae:
                    2f:e0:74:44:f8:60:5b:fd:75:c7:e5:d9:2a:80:3c:
                    a8:b4:04:d8:6f:8d:a6:d1:18:78:3c:38:92:c7:ee:
                    65:36:c1:e4:82:6c:c5:88:89:29:69:5e:6a:79:02:
                    f1:1a:1d:ae:0d:e9:bd:33:24:51:cf:30:dd:5c:eb:
                    b2:69:fb:33:7c:c9:db:15:0b:7b:19:04:fb:d5:e9:
                    01:f6:ab:f9:b7:f0:6c:03:4b:04:31:8a:1d:81:92:
                    e7:02:8a:b8:e2:49:c5:47:7d:42:08:f2:6f:71:c9:
                    09:dc:05:aa:37:5a:57:22:7c:c5:35:2b:a5:d4:ae:
                    01:8b:e6:6c:09:1d:35:80:9d:e1:42:f9:be:67:bd:
                    ad:cc:47:62:8e:4d:ed:0f:f7:89:91:7d:e4:a9:51:
                    e5:27:13:1a:3c:a3:56:a9:1a:fc:c5:e1:57:b9:6f:
                    59:b2:25:a6:5a:e6:a9:77:a4:ab:f2:5c:1b:11:95:
                    7f:08:b5:00:42:fe:3f:69:34:a6:02:32:0e:4b:1b:
                    2d:35:37:05:9d:6b:03:ac:f9:60:fd:25:87:32:b6:
                    69:d8:7a:b9:78:02:c2:3d:d6:b0:6e:5f:fa:d8:36:
                    5c:85:8a:89:65:4c:5b:9d:79:8b:c1:d0:ca:97:8e:
                    14:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:C0:1C:EA:44:D3:ED:88:F4:15:31:72:B7:92:45:67:15:C5:26:0B
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91BE056/FB59344EFB1C11EBB5464F64C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91BE056/FB59344EFB1C11EBB5464F64C4F9AE02/i8Ac6kTT7Yj0FTFyt5JFZxXFJgs.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  142629

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.171.89.0/24
                IPv6:
                  2001:df7:4280::/48

    Signature Algorithm: sha256WithRSAEncryption
         42:64:92:e9:b4:18:3a:05:7c:9a:02:e2:84:53:be:0f:7f:db:
         46:30:7b:75:39:dd:17:9b:70:f0:c6:b2:03:b7:c0:ef:c2:e8:
         cd:22:b7:a6:02:f3:bd:16:ee:bb:8c:14:80:4c:92:a5:08:00:
         1f:0a:b0:b7:68:95:9f:01:8f:f0:80:ed:e5:7d:06:1f:85:c2:
         fa:78:f8:85:5b:5c:11:3f:71:d4:8d:08:89:22:c2:0e:6a:f6:
         49:5f:f3:fe:c5:89:bf:6a:e2:a6:fa:6d:d3:2a:eb:38:62:8d:
         ad:5d:ae:ee:93:99:b6:bf:41:a7:0c:cf:e0:cf:84:e7:36:2d:
         48:60:66:f0:1d:3f:65:a8:f8:64:dd:67:b1:dc:15:e4:86:f4:
         0e:01:e2:1a:c9:f0:d4:aa:df:dd:a5:71:81:bb:63:d3:97:b2:
         74:3d:f3:ec:dc:66:3a:56:2d:3d:17:98:92:dc:a4:32:91:52:
         a0:45:66:5b:47:10:e1:12:5e:58:03:bd:70:7d:13:e0:3d:e0:
         c4:aa:af:03:df:19:05:b8:20:8e:13:68:81:70:45:29:2c:2d:
         e6:d2:b1:1d:9d:79:52:f1:99:a6:39:f6:68:be:f3:c5:e2:78:
         ce:87:e5:e7:45:57:fb:79:98:5f:99:81:0a:a6:aa:54:13:3c:
         c6:fd:c5:dd
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAcMvMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAxMDE4MzExNloXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQkUwNTYxMTAvBgNVBAUTKDhCQzAxQ0VBNDREM0VEODhGNDE1MzE3
MkI3OTI0NTY3MTVDNTI2MEIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7/Rf2vyIqQ7zqBE9pri/gdET4YFv9dcfl2SqAPKi0BNhvjabRGHg8OJLH7mU2
weSCbMWIiSlpXmp5AvEaHa4N6b0zJFHPMN1c67Jp+zN8ydsVC3sZBPvV6QH2q/m3
8GwDSwQxih2BkucCirjiScVHfUII8m9xyQncBao3WlcifMU1K6XUrgGL5mwJHTWA
neFC+b5nva3MR2KOTe0P94mRfeSpUeUnExo8o1apGvzF4Ve5b1myJaZa5ql3pKvy
XBsRlX8ItQBC/j9pNKYCMg5LGy01NwWdawOs+WD9JYcytmnYerl4AsI91rBuX/rY
NlyFiollTFudeYvB0MqXjhQzAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUi8Ac6kTT
7Yj0FTFyt5JFZxXFJgswHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUJFMDU2L0ZCNTkzNDRFRkIxQzExRUJCNTQ2NEY2NEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCRTA1Ni9GQjU5MzQ0RUZCMUMxMUVCQjU0NjRGNjRDNEY5QUUwMi9pOEFjNmtU
VDdZajBGVEZ5dDVKRlp4WEZKZ3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAi0lMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAZ6tZMA8EAgAC
MAkDBwAgAQ33QoAwDQYJKoZIhvcNAQELBQADggEBAEJkkum0GDoFfJoC4oRTvg9/
20Ywe3U53RebcPDGsgO3wO/C6M0it6YC870W7ruMFIBMkqUIAB8KsLdolZ8Bj/CA
7eV9Bh+Fwvp4+IVbXBE/cdSNCIkiwg5q9klf8/7Fib9q4qb6bdMq6zhija1dru6T
mba/QacMz+DPhOc2LUhgZvAdP2Wo+GTdZ7HcFeSG9A4B4hrJ8NSq392lcYG7Y9OX
snQ98+zcZjpWLT0XmJLcpDKRUqBFZltHEOESXlgDvXB9E+A94MSqrwPfGQW4II4T
aIFwRSksLebSsR2deVLxmaY59mi+88XieM6H5edFV/t5mF+ZgQqmqlQTPMb9xd0=
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:02:33 2024 by rpki-client on console-fra.rpki-client.org