Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iCJHhVdMHyPKnEOe2PVTiPamjOI.cer
File:                     iCJHhVdMHyPKnEOe2PVTiPamjOI.cer (raw, json)
Hash identifier:          xQPIzQXKjb+eBzIeP//+iVzYpYAnNJFmwp0s8JZ12S0=
Subject key identifier:   88:22:47:85:57:4C:1F:23:CA:9C:43:9E:D8:F5:53:88:F6:A6:8C:E2
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D200
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 14 Dec 2023 16:06:58 +0000
Certificate not after:    Fri 31 Jan 2025 00:00:00 +0000
Subordinate resources:    AS: 150387
                          IP: 103.26.238.0/23
                          IP: 2001:df1:7240::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 119296 (0x1d200)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 14 16:06:58 2023 GMT
            Not After : Jan 31 00:00:00 2025 GMT
        Subject: CN=A91689B7/serialNumber=88224785574C1F23CA9C439ED8F55388F6A68CE2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:a4:7d:89:e4:6d:0e:c2:7c:20:75:87:03:8c:
                    b4:d2:b8:15:f8:38:c1:79:85:78:6e:ec:f0:19:a3:
                    b5:7c:6f:f5:48:8f:a6:77:09:46:af:55:67:f7:34:
                    cf:a5:8f:4b:bd:57:7a:af:90:bb:29:5a:13:cc:cf:
                    2b:05:3d:38:1f:6e:13:d1:ac:0f:b4:25:be:fc:25:
                    73:52:2d:b3:98:7a:60:e2:ce:1b:95:89:4e:31:49:
                    fc:b7:9b:c3:2c:da:52:09:05:c0:c5:97:4d:e6:30:
                    e3:07:96:29:1d:ce:32:5f:0e:58:54:9b:c9:de:87:
                    9f:d4:c5:55:7d:74:61:59:6f:26:2d:c3:ee:e8:94:
                    59:8c:93:81:8f:27:59:81:e5:23:4b:f1:68:dd:cf:
                    f4:c7:c8:7d:9b:46:f1:23:0b:75:96:51:68:dd:9c:
                    b9:f7:8c:44:f0:4c:e9:ed:36:d1:0b:63:25:16:cc:
                    09:05:66:fc:d7:99:e9:86:61:02:e4:7a:f3:5d:df:
                    45:c4:8a:cb:f9:be:d6:6f:93:a8:01:49:88:d2:8e:
                    da:7b:fe:48:d6:4b:14:30:e9:f0:ec:fc:5d:da:fa:
                    cc:ad:b4:24:a5:2b:48:76:6a:2c:20:24:54:43:68:
                    d7:09:3c:1d:d3:63:9c:15:0c:17:62:b7:46:9e:ab:
                    23:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:22:47:85:57:4C:1F:23:CA:9C:43:9E:D8:F5:53:88:F6:A6:8C:E2
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  150387

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.26.238.0/23
                IPv6:
                  2001:df1:7240::/48

    Signature Algorithm: sha256WithRSAEncryption
         7b:45:e6:0e:0e:cd:1c:58:76:15:7d:5c:e2:b7:05:38:06:25:
         89:47:d3:76:be:de:b7:0c:e1:e6:ed:8d:a3:3a:ee:a0:7a:ff:
         f8:d4:93:35:81:f2:bd:75:18:28:91:1e:53:4b:2b:03:ca:e2:
         36:5d:74:1e:76:e0:07:77:2d:c2:56:b5:52:ec:77:6f:00:fe:
         8a:47:fc:88:a3:7b:8e:03:b5:0b:34:90:3e:25:a0:ad:7b:0c:
         06:4f:e7:81:f5:6a:de:82:fa:c0:e4:8f:96:d5:c5:86:ab:34:
         9e:49:46:cd:ef:b4:ab:92:19:40:a8:98:a8:b1:0f:26:e5:d3:
         c1:42:b8:6d:c3:5a:5e:39:e5:1f:f0:42:0d:9a:2c:4e:e1:67:
         3d:ab:54:a5:1c:75:33:19:71:37:9b:6c:25:84:f7:2e:05:ce:
         95:2f:b5:74:82:c0:7a:41:c6:09:19:e7:3e:48:3e:9b:69:31:
         fd:10:34:02:4a:67:55:8e:6f:72:e6:4e:66:ac:5c:c1:8c:73:
         0f:18:5b:93:5f:fb:ea:4d:e4:09:52:ae:70:de:bf:e9:9f:8a:
         41:86:1b:1e:34:7a:17:db:df:5c:1f:4e:65:14:a5:52:78:a0:
         d7:fa:52:17:e8:80:66:f7:c9:b3:a6:d3:8e:ef:0d:d8:99:29:
         b0:fd:57:eb
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAdIAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIxNDE2MDY1OFoXDTI1MDEzMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjg5QjcxMTAvBgNVBAUTKDg4MjI0Nzg1NTc0QzFGMjNDQTlDNDM5
RUQ4RjU1Mzg4RjZBNjhDRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGpH2J5G0OwnwgdYcDjLTSuBX4OMF5hXhu7PAZo7V8b/VIj6Z3CUavVWf3NM+l
j0u9V3qvkLspWhPMzysFPTgfbhPRrA+0Jb78JXNSLbOYemDizhuViU4xSfy3m8Ms
2lIJBcDFl03mMOMHlikdzjJfDlhUm8neh5/UxVV9dGFZbyYtw+7olFmMk4GPJ1mB
5SNL8Wjdz/THyH2bRvEjC3WWUWjdnLn3jETwTOntNtELYyUWzAkFZvzXmemGYQLk
evNd30XEisv5vtZvk6gBSYjSjtp7/kjWSxQw6fDs/F3a+syttCSlK0h2aiwgJFRD
aNcJPB3TY5wVDBdit0aeqyODAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUiCJHhVdM
HyPKnEOe2PVTiPamjOIwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY4OUI3L0IxRTU0QUI4NTZBMjExRURCNEExQjIyNUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2ODlCNy9CMUU1NEFCODU2QTIxMUVEQjRBMUIyMjVDNEY5QUUwMi9pQ0pIaFZk
TUh5UEtuRU9lMlBWVGlQYW1qT0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAktzMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZxruMA8EAgAC
MAkDBwAgAQ3xckAwDQYJKoZIhvcNAQELBQADggEBAHtF5g4OzRxYdhV9XOK3BTgG
JYlH03a+3rcM4ebtjaM67qB6//jUkzWB8r11GCiRHlNLKwPK4jZddB524Ad3LcJW
tVLsd28A/opH/Iije44DtQs0kD4loK17DAZP54H1at6C+sDkj5bVxYarNJ5JRs3v
tKuSGUComKixDybl08FCuG3DWl455R/wQg2aLE7hZz2rVKUcdTMZcTebbCWE9y4F
zpUvtXSCwHpBxgkZ5z5IPptpMf0QNAJKZ1WOb3LmTmasXMGMcw8YW5Nf++pN5AlS
rnDev+mfikGGGx40ehfb31wfTmUUpVJ4oNf6UhfogGb3ybOm047vDdiZKbD9V+s=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:59:58 2024 by rpki-client on console-ams.rpki-client.org