Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDgUcj_HVempuhvDNWZKUZu8HO4.cer
File:                     jDgUcj_HVempuhvDNWZKUZu8HO4.cer (raw, json)
Hash identifier:          xmSqnpVIvqaJIxzXYSvFmQYrqOfCOIyABMDtGOFELkk=
Subject key identifier:   8C:38:14:72:3F:C7:55:E9:A9:BA:1B:C3:35:66:4A:51:9B:BC:1C:EE
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D07B
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913C40D/50F775A63BCC11ECA791F25DC4F9AE02/jDgUcj_HVempuhvDNWZKUZu8HO4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913C40D/50F775A63BCC11ECA791F25DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 07 Dec 2023 14:20:15 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    IP: 43.251.224.0/22
                          IP: 103.43.8.0/22

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 02 Dec 2024 17:05:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 118907 (0x1d07b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec  7 14:20:15 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A913C40D/serialNumber=8C3814723FC755E9A9BA1BC335664A519BBC1CEE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a3:56:cd:90:2b:07:a0:89:e5:9e:41:2b:b8:
                    2c:36:b0:b7:3d:8f:13:36:a4:0b:a3:e6:6e:dc:76:
                    b4:ed:ba:f8:fe:4c:c9:80:b3:e6:8d:df:5d:a5:17:
                    10:a3:ef:e2:25:bf:06:3a:57:36:fe:1f:27:b0:a0:
                    26:fa:4c:a2:43:a6:ae:d4:aa:8b:4a:5d:d7:d2:9b:
                    09:6b:04:57:8d:ef:a0:7f:08:d4:2e:3a:94:62:56:
                    b4:d5:cb:20:8e:63:08:88:52:64:07:a7:ab:6b:dd:
                    0e:96:a4:12:92:e2:1f:47:f2:64:cc:04:08:e0:8a:
                    d2:3b:03:ce:86:97:16:f5:09:3d:57:bd:57:4c:00:
                    db:c2:23:16:ca:9f:33:58:b2:4a:7e:75:60:8e:ee:
                    8e:4c:11:bf:d1:dc:9d:a6:d1:34:74:b9:58:dc:c8:
                    8e:98:c5:97:fe:c5:6c:c2:f4:ac:d4:38:3d:30:2a:
                    c6:a2:65:8d:64:23:5e:48:e1:b1:e7:e5:4a:af:e1:
                    46:db:bb:98:cb:94:2a:83:d5:e0:05:74:ed:7e:bc:
                    44:e9:64:c0:fe:ba:31:80:fc:36:73:02:fe:db:a7:
                    e2:b7:76:b5:d2:6c:5d:53:90:33:ac:9b:36:be:fe:
                    7d:32:68:0e:39:b8:64:9e:95:8a:ca:c7:8c:97:81:
                    79:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:38:14:72:3F:C7:55:E9:A9:BA:1B:C3:35:66:4A:51:9B:BC:1C:EE
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913C40D/50F775A63BCC11ECA791F25DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913C40D/50F775A63BCC11ECA791F25DC4F9AE02/jDgUcj_HVempuhvDNWZKUZu8HO4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.251.224.0/22
                  103.43.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         41:02:a6:17:53:e0:bd:02:69:30:0e:8c:7a:31:d7:9a:3c:59:
         34:e6:2e:37:f0:03:ff:d9:9a:1b:e7:b8:d6:54:fe:56:86:5a:
         64:c1:cf:64:99:24:fa:00:ce:e9:a2:e5:7f:0e:56:90:97:75:
         91:8f:a4:61:e8:03:67:45:7e:86:fd:d5:83:bb:60:7f:71:9c:
         89:c9:ca:13:18:d9:70:12:fc:3e:96:16:31:e1:44:1e:34:56:
         95:9d:f4:e3:fb:ba:64:92:26:57:db:b1:7d:25:f8:9d:b4:af:
         98:98:fb:d5:ad:5f:c2:9e:fb:c9:bb:55:b3:5a:94:7c:3c:73:
         66:59:7a:43:da:27:41:56:27:40:c7:f2:1f:a3:f2:ee:3f:4c:
         cf:3a:97:e8:d9:b8:bd:51:ef:34:f7:eb:29:62:0d:d7:92:e0:
         a9:ad:ab:3e:e5:38:11:fc:39:c4:57:a7:3a:5b:ef:35:84:2b:
         73:72:7a:33:10:79:73:76:54:10:aa:4d:03:d1:c0:f4:87:24:
         27:a1:b3:63:4b:1d:20:ce:96:04:ce:7d:78:a4:0d:63:3e:af:
         0a:5b:35:c4:cf:bd:d1:55:28:ca:ea:4e:6b:c7:79:ca:24:9f:
         0c:f5:2e:86:62:dc:a0:72:48:e6:a9:ea:e5:1d:85:38:d3:9e:
         1d:92:3f:83
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgIDAdB7MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIwNzE0MjAxNVoXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0M0MEQxMTAvBgNVBAUTKDhDMzgxNDcyM0ZDNzU1RTlBOUJBMUJD
MzM1NjY0QTUxOUJCQzFDRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8o1bNkCsHoInlnkEruCw2sLc9jxM2pAuj5m7cdrTtuvj+TMmAs+aN312lFxCj
7+IlvwY6Vzb+HyewoCb6TKJDpq7UqotKXdfSmwlrBFeN76B/CNQuOpRiVrTVyyCO
YwiIUmQHp6tr3Q6WpBKS4h9H8mTMBAjgitI7A86Glxb1CT1XvVdMANvCIxbKnzNY
skp+dWCO7o5MEb/R3J2m0TR0uVjcyI6YxZf+xWzC9KzUOD0wKsaiZY1kI15I4bHn
5Uqv4Ubbu5jLlCqD1eAFdO1+vETpZMD+ujGA/DZzAv7bp+K3drXSbF1TkDOsmza+
/n0yaA45uGSelYrKx4yXgXl/AgMBAAGjggL5MIIC9TAdBgNVHQ4EFgQUjDgUcj/H
VempuhvDNWZKUZu8HO4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNDNDBELzUwRjc3NUE2M0JDQzExRUNBNzkxRjI1REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzQzQwRC81MEY3NzVBNjNCQ0MxMUVDQTc5MUYyNURDNEY5QUUwMi9qRGdVY2pf
SFZlbXB1aHZETldaS1VadThITzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8EFjAU
MBIEAgABMAwDBAIr++ADBAJnKwgwDQYJKoZIhvcNAQELBQADggEBAEECphdT4L0C
aTAOjHox15o8WTTmLjfwA//ZmhvnuNZU/laGWmTBz2SZJPoAzumi5X8OVpCXdZGP
pGHoA2dFfob91YO7YH9xnInJyhMY2XAS/D6WFjHhRB40VpWd9OP7umSSJlfbsX0l
+J20r5iY+9WtX8Ke+8m7VbNalHw8c2ZZekPaJ0FWJ0DH8h+j8u4/TM86l+jZuL1R
7zT36yliDdeS4Kmtqz7lOBH8OcRXpzpb7zWEK3NyejMQeXN2VBCqTQPRwPSHJCeh
s2NLHSDOlgTOfXikDWM+rwpbNcTPvdFVKMrqTmvHecoknwz1LoZi3KBySOap6uUd
hTjTnh2SP4M=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:49:48 2024 by rpki-client on console-ams.rpki-client.org