Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/j-WnyZj7i3isMx6ug7wXhiPuPJ4.cer
File:                     j-WnyZj7i3isMx6ug7wXhiPuPJ4.cer (raw, json)
Hash identifier:          6x/ArFxTxpm8x+prwNd7vD6b7lpyP1ljqlbKRgPOPmY=
Subject key identifier:   8F:E5:A7:C9:98:FB:8B:78:AC:33:1E:AE:83:BC:17:86:23:EE:3C:9E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E70F
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/j-WnyZj7i3isMx6ug7wXhiPuPJ4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 28 Mar 2024 09:37:08 +0000
Certificate not after:    Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources:    AS: 152661
                          IP: 203.28.104.0/23
                          IP: 2401:8d60::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 11:16:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124687 (0x1e70f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 28 09:37:08 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=A913EF1D/serialNumber=8FE5A7C998FB8B78AC331EAE83BC178623EE3C9E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:f2:7c:c2:77:41:0d:a4:05:76:17:13:70:0f:
                    de:13:74:57:e7:01:e4:d2:5b:cc:a8:c5:2d:b9:25:
                    90:88:f8:89:1a:5d:35:1c:c0:19:78:fe:2f:06:db:
                    cb:f7:03:86:42:06:aa:47:74:98:b4:c7:58:29:e8:
                    51:73:64:a1:9a:4e:8c:3b:f8:c8:c9:7d:8a:81:27:
                    dd:79:e8:45:da:ae:45:57:39:df:c2:f3:37:f7:c1:
                    90:91:ef:bb:a7:78:15:9c:1e:cf:d8:9d:cf:ec:09:
                    27:84:71:55:ee:27:17:73:d7:e7:51:79:27:93:50:
                    39:56:6b:9f:74:80:a6:5c:17:68:00:c5:3f:a0:e3:
                    f4:94:59:3f:0d:87:35:ab:96:7d:99:db:90:57:9a:
                    69:be:08:a0:65:8e:9f:b2:38:09:0b:67:ae:54:60:
                    77:fb:14:e2:81:ef:08:bf:f8:32:08:c2:50:0f:f8:
                    5b:74:7e:f9:62:92:a1:99:b7:da:b4:7f:0d:ba:f5:
                    4a:54:3f:10:00:d2:d5:fe:0c:30:9e:45:a1:5e:20:
                    f9:25:4f:6f:a4:58:c6:a5:55:1f:43:24:5f:34:6a:
                    ec:34:e5:87:a3:01:b2:8e:a5:cc:1b:5f:a7:5b:b9:
                    38:94:87:53:ee:28:a7:2f:6c:8f:b3:1e:80:d7:3d:
                    45:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:E5:A7:C9:98:FB:8B:78:AC:33:1E:AE:83:BC:17:86:23:EE:3C:9E
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913EF1D/BA9CD8ACECE611EEAAE9E81EC4F9AE02/j-WnyZj7i3isMx6ug7wXhiPuPJ4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  152661

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.28.104.0/23
                IPv6:
                  2401:8d60::/32

    Signature Algorithm: sha256WithRSAEncryption
         b5:19:38:45:4b:52:3c:e3:60:78:98:82:f9:3f:3c:0f:cd:c6:
         5a:cd:f0:b2:d6:22:4f:e3:30:59:65:f0:4a:74:f6:e8:bc:9b:
         5f:60:72:c9:9e:12:6b:ec:c0:e4:0a:0b:7e:79:4d:1d:2d:e8:
         c6:6a:53:54:d6:c2:dc:3d:84:e5:90:73:58:8c:87:38:ff:30:
         ec:39:c4:65:c5:a7:a9:1c:32:50:0d:87:8d:ed:a3:71:6a:7d:
         af:bd:b7:1c:d1:8d:4c:74:99:07:0f:d4:26:a5:79:15:d2:6c:
         a7:f4:a2:98:32:1a:e6:df:d3:42:f3:8d:70:ae:d1:c9:8a:23:
         12:dc:20:15:3a:f1:45:c9:65:74:70:3b:18:60:7e:c7:48:50:
         b0:33:fd:18:82:d2:2c:64:4e:b7:77:27:36:cd:67:99:96:d8:
         b8:a8:b9:46:f4:a3:f9:d5:57:d2:6c:bc:65:de:29:7c:dd:65:
         07:92:cd:f1:15:de:07:05:57:84:f2:ec:7e:20:33:3f:54:05:
         1e:96:72:89:c9:c4:50:54:1f:a5:de:6c:61:21:6f:fb:c4:a4:
         e6:32:95:5d:82:9a:c7:ba:21:99:8e:d5:d3:b0:41:57:c1:92:
         e1:55:8d:42:7a:4c:fd:1d:64:47:a3:d6:4e:25:8d:8f:b3:9b:
         96:43:34:85
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAecPMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMyODA5MzcwOFoXDTI1MDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0VGMUQxMTAvBgNVBAUTKDhGRTVBN0M5OThGQjhCNzhBQzMzMUVB
RTgzQkMxNzg2MjNFRTNDOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCf8nzCd0ENpAV2FxNwD94TdFfnAeTSW8yoxS25JZCI+IkaXTUcwBl4/i8G28v3
A4ZCBqpHdJi0x1gp6FFzZKGaTow7+MjJfYqBJ9156EXarkVXOd/C8zf3wZCR77un
eBWcHs/Ync/sCSeEcVXuJxdz1+dReSeTUDlWa590gKZcF2gAxT+g4/SUWT8NhzWr
ln2Z25BXmmm+CKBljp+yOAkLZ65UYHf7FOKB7wi/+DIIwlAP+Ft0fvlikqGZt9q0
fw269UpUPxAA0tX+DDCeRaFeIPklT2+kWMalVR9DJF80auw05YejAbKOpcwbX6db
uTiUh1PuKKcvbI+zHoDXPUVDAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUj+WnyZj7
i3isMx6ug7wXhiPuPJ4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNFRjFEL0JBOUNEOEFDRUNFNjExRUVBQUU5RTgxRUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzRUYxRC9CQTlDRDhBQ0VDRTYxMUVFQUFFOUU4MUVDNEY5QUUwMi9qLVdueVpq
N2kzaXNNeDZ1Zzd3WGhpUHVQSjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAlRVMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQByxxoMA0EAgAC
MAcDBQAkAY1gMA0GCSqGSIb3DQEBCwUAA4IBAQC1GThFS1I842B4mIL5PzwPzcZa
zfCy1iJP4zBZZfBKdPbovJtfYHLJnhJr7MDkCgt+eU0dLejGalNU1sLcPYTlkHNY
jIc4/zDsOcRlxaepHDJQDYeN7aNxan2vvbcc0Y1MdJkHD9QmpXkV0myn9KKYMhrm
39NC841wrtHJiiMS3CAVOvFFyWV0cDsYYH7HSFCwM/0YgtIsZE63dyc2zWeZlti4
qLlG9KP51VfSbLxl3il83WUHks3xFd4HBVeE8ux+IDM/VAUelnKJycRQVB+l3mxh
IW/7xKTmMpVdgprHuiGZjtXTsEFXwZLhVY1Cekz9HWRHo9ZOJY2Ps5uWQzSF
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:37:42 2024 by rpki-client on console-ams.rpki-client.org