Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jDgUcj_HVempuhvDNWZKUZu8HO4.cer
File:                     jDgUcj_HVempuhvDNWZKUZu8HO4.cer (download)
Hash identifier:          9L2KZyDKnHH1FNLTiQ15sLgRE8oWF+yBfXXixhvI3t8=
Subject key identifier:   8C:38:14:72:3F:C7:55:E9:A9:BA:1B:C3:35:66:4A:51:9B:BC:1C:EE
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       017DCD
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913C40D/50F775A63BCC11ECA791F25DC4F9AE02/jDgUcj_HVempuhvDNWZKUZu8HO4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913C40D/50F775A63BCC11ECA791F25DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate valid until:  Fri 01 Mar 2024 00:00:00 +0000
Subordinate resources:
    1: IP: 43.251.224.0/22
    2: IP: 103.43.8.0/22

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 97741 (0x17dcd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec  5 03:28:37 2022 GMT
            Not After : Mar  1 00:00:00 2024 GMT
        Subject: CN=A913C40D/serialNumber=8C3814723FC755E9A9BA1BC335664A519BBC1CEE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:a3:56:cd:90:2b:07:a0:89:e5:9e:41:2b:b8:
                    2c:36:b0:b7:3d:8f:13:36:a4:0b:a3:e6:6e:dc:76:
                    b4:ed:ba:f8:fe:4c:c9:80:b3:e6:8d:df:5d:a5:17:
                    10:a3:ef:e2:25:bf:06:3a:57:36:fe:1f:27:b0:a0:
                    26:fa:4c:a2:43:a6:ae:d4:aa:8b:4a:5d:d7:d2:9b:
                    09:6b:04:57:8d:ef:a0:7f:08:d4:2e:3a:94:62:56:
                    b4:d5:cb:20:8e:63:08:88:52:64:07:a7:ab:6b:dd:
                    0e:96:a4:12:92:e2:1f:47:f2:64:cc:04:08:e0:8a:
                    d2:3b:03:ce:86:97:16:f5:09:3d:57:bd:57:4c:00:
                    db:c2:23:16:ca:9f:33:58:b2:4a:7e:75:60:8e:ee:
                    8e:4c:11:bf:d1:dc:9d:a6:d1:34:74:b9:58:dc:c8:
                    8e:98:c5:97:fe:c5:6c:c2:f4:ac:d4:38:3d:30:2a:
                    c6:a2:65:8d:64:23:5e:48:e1:b1:e7:e5:4a:af:e1:
                    46:db:bb:98:cb:94:2a:83:d5:e0:05:74:ed:7e:bc:
                    44:e9:64:c0:fe:ba:31:80:fc:36:73:02:fe:db:a7:
                    e2:b7:76:b5:d2:6c:5d:53:90:33:ac:9b:36:be:fe:
                    7d:32:68:0e:39:b8:64:9e:95:8a:ca:c7:8c:97:81:
                    79:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                8C:38:14:72:3F:C7:55:E9:A9:BA:1B:C3:35:66:4A:51:9B:BC:1C:EE
            X509v3 Authority Key Identifier: 
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913C40D/50F775A63BCC11ECA791F25DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913C40D/50F775A63BCC11ECA791F25DC4F9AE02/jDgUcj_HVempuhvDNWZKUZu8HO4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.251.224.0/22
                  103.43.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1a:93:37:0c:29:71:20:e1:fd:d7:8a:f9:8d:58:15:9a:64:1d:
         58:7c:2e:b0:6a:a1:83:e3:46:af:43:37:16:4f:ca:b2:4a:70:
         dc:4a:db:bd:1a:0a:75:d4:ea:a3:d8:4a:84:86:bf:aa:c5:b3:
         2b:8b:79:a1:a8:13:ae:14:ad:48:e4:80:76:78:51:72:73:d5:
         33:b4:f3:9b:0c:f7:4e:99:2e:89:82:9e:58:b3:50:b1:57:69:
         e8:df:9f:dd:9d:35:e8:33:21:d0:53:eb:1b:1e:99:8c:c8:58:
         db:d2:2b:2f:66:5f:bf:92:3f:d7:65:0e:28:d4:56:a1:1c:fa:
         19:11:71:f8:e3:dc:b8:d9:dd:44:6e:ad:99:98:2a:bb:a1:03:
         50:0c:86:e3:86:2f:d2:3e:7b:eb:ff:0a:ea:05:39:eb:d8:9f:
         46:07:5d:74:a5:76:6a:2d:ea:4e:b1:0e:b6:95:ec:4b:b1:4e:
         93:70:34:9a:de:b0:fc:08:41:49:73:8c:a7:8b:98:9b:38:d9:
         ad:c8:5a:78:ee:f4:f6:39:43:25:14:ba:97:97:76:99:85:83:
         75:ec:70:4b:b8:8f:bb:58:d8:6d:0d:15:da:15:77:d7:8f:df:
         6d:be:81:2f:53:b4:3c:6e:0c:69:69:a7:ff:68:f4:c6:89:db:
         2b:f8:33:c3
-----BEGIN CERTIFICATE-----
MIIGBDCCBOygAwIBAgIDAX3NMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIyMTIwNTAzMjgzN1oXDTI0MDMwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0M0MEQxMTAvBgNVBAUTKDhDMzgxNDcyM0ZDNzU1RTlBOUJBMUJD
MzM1NjY0QTUxOUJCQzFDRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8o1bNkCsHoInlnkEruCw2sLc9jxM2pAuj5m7cdrTtuvj+TMmAs+aN312lFxCj
7+IlvwY6Vzb+HyewoCb6TKJDpq7UqotKXdfSmwlrBFeN76B/CNQuOpRiVrTVyyCO
YwiIUmQHp6tr3Q6WpBKS4h9H8mTMBAjgitI7A86Glxb1CT1XvVdMANvCIxbKnzNY
skp+dWCO7o5MEb/R3J2m0TR0uVjcyI6YxZf+xWzC9KzUOD0wKsaiZY1kI15I4bHn
5Uqv4Ubbu5jLlCqD1eAFdO1+vETpZMD+ujGA/DZzAv7bp+K3drXSbF1TkDOsmza+
/n0yaA45uGSelYrKx4yXgXl/AgMBAAGjggL5MIIC9TAdBgNVHQ4EFgQUjDgUcj/H
VempuhvDNWZKUZu8HO4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNDNDBELzUwRjc3NUE2M0JDQzExRUNBNzkxRjI1REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzQzQwRC81MEY3NzVBNjNCQ0MxMUVDQTc5MUYyNURDNEY5QUUwMi9qRGdVY2pf
SFZlbXB1aHZETldaS1VadThITzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8EFjAU
MBIEAgABMAwDBAIr++ADBAJnKwgwDQYJKoZIhvcNAQELBQADggEBABqTNwwpcSDh
/deK+Y1YFZpkHVh8LrBqoYPjRq9DNxZPyrJKcNxK270aCnXU6qPYSoSGv6rFsyuL
eaGoE64UrUjkgHZ4UXJz1TO085sM906ZLomCnlizULFXaejfn92dNegzIdBT6xse
mYzIWNvSKy9mX7+SP9dlDijUVqEc+hkRcfjj3LjZ3URurZmYKruhA1AMhuOGL9I+
e+v/CuoFOevYn0YHXXSldmot6k6xDraV7EuxTpNwNJresPwIQUlzjKeLmJs42a3I
Wnju9PY5QyUUupeXdpmFg3XscEu4j7tY2G0NFdoVd9eP322+gS9TtDxuDGlpp/9o
9MaJ2yv4M8M=
-----END CERTIFICATE-----
Generated at Mon Feb 6 18:54:25 2023 by rpki-client.