Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jNoITiPVt1Cao6ktrKCxrcnZ-0g.cer
File:                     jNoITiPVt1Cao6ktrKCxrcnZ-0g.cer (raw, json)
Hash identifier:          l1tHEOLh1f4B5LUrxnm4oAGP9jt7m2sTyUPh2UJPcR0=
Subject key identifier:   8C:DA:08:4E:23:D5:B7:50:9A:A3:A9:2D:AC:A0:B1:AD:C9:D9:FB:48
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C213
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91684D0/DCCD58B65E8F11ED8C996963C4F9AE02/jNoITiPVt1Cao6ktrKCxrcnZ-0g.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91684D0/DCCD58B65E8F11ED8C996963C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 04 Oct 2023 16:57:15 +0000
Certificate not after:    Sun 01 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 138162

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 13:06:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115219 (0x1c213)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct  4 16:57:15 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=A91684D0/serialNumber=8CDA084E23D5B7509AA3A92DACA0B1ADC9D9FB48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:7f:c5:95:52:23:c8:66:96:61:3a:91:ad:b8:
                    7c:2a:0a:a7:da:99:b8:00:ef:0f:5d:63:ae:40:db:
                    61:53:6d:9e:18:a5:ec:b0:5f:c0:16:5d:a5:25:08:
                    a7:b1:f8:d8:16:9f:57:86:d3:a6:fc:e4:59:20:8e:
                    64:00:67:9d:08:08:36:d1:be:66:7e:05:bd:46:94:
                    da:f6:69:01:81:84:ee:4b:30:a1:e3:b0:e3:c7:d9:
                    50:31:0c:e7:fc:69:ea:d1:17:5c:d8:7b:d6:24:10:
                    3d:19:0b:64:ff:67:ba:91:d1:57:58:47:1d:b6:11:
                    4a:1f:11:b9:9c:1d:24:08:bd:fa:13:23:79:22:48:
                    43:20:0d:6f:88:60:ec:dc:98:3f:6a:06:09:d3:7f:
                    a8:8d:6e:9c:33:b6:20:d3:21:3b:de:36:40:1d:28:
                    9b:9b:e4:39:bb:34:4f:df:ff:2f:3f:ff:15:27:ce:
                    dc:0e:64:e1:48:d4:ea:85:7b:54:c8:b4:db:73:ce:
                    6f:ed:c2:f9:66:22:23:be:41:80:bc:af:20:aa:31:
                    5c:14:0d:68:b2:e4:2d:d9:8f:7b:d1:44:45:1f:64:
                    d2:b5:48:a3:34:e6:85:03:b5:77:b4:b0:ae:3b:02:
                    26:89:c7:7e:7a:9e:6d:a7:b8:77:fa:a0:ec:c0:d0:
                    8a:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:DA:08:4E:23:D5:B7:50:9A:A3:A9:2D:AC:A0:B1:AD:C9:D9:FB:48
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91684D0/DCCD58B65E8F11ED8C996963C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91684D0/DCCD58B65E8F11ED8C996963C4F9AE02/jNoITiPVt1Cao6ktrKCxrcnZ-0g.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  138162

    Signature Algorithm: sha256WithRSAEncryption
         36:2c:c1:4c:80:bb:cf:9b:cd:78:5c:37:28:e7:4a:3a:0f:53:
         5e:ad:90:93:3d:e0:18:e6:8b:fb:91:4b:7a:09:8e:0b:af:ad:
         d0:71:6f:3a:9e:f5:bc:a4:b6:a8:4f:15:bf:f4:8f:44:39:03:
         d7:02:c6:f5:00:a7:e8:e8:f5:55:b5:70:67:e1:6e:1c:8d:3c:
         9d:87:1c:ac:00:4e:db:e1:ff:ea:86:af:60:ef:4f:10:4e:a4:
         49:5e:1c:01:6b:7f:a4:d0:b0:b4:8b:8c:69:4e:a5:e9:68:2c:
         24:ef:cb:ac:1b:20:68:8e:0d:57:8f:b4:66:e7:5b:ad:b8:11:
         75:bd:15:f3:95:f2:71:f0:bc:ec:53:32:12:d0:cc:36:c1:9a:
         d2:8f:40:b8:9f:55:1b:37:2b:76:f2:87:4e:fc:cf:76:ad:4f:
         f1:74:9d:aa:4e:64:b6:44:a3:b5:eb:d5:fc:86:40:e4:e6:66:
         75:d2:55:fb:18:28:90:fe:88:f9:e2:56:be:30:49:ff:92:e6:
         aa:4d:c4:f7:ca:ca:3b:6a:0c:ee:cd:1c:b3:5c:90:8a:a3:55:
         f6:21:55:3d:03:50:ce:6b:e6:02:a6:a8:93:57:6b:80:72:8b:
         84:0a:58:02:a4:04:0d:55:30:78:42:5a:f5:6c:94:e6:8a:c2:
         6e:57:48:38
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIDAcITMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAwNDE2NTcxNVoXDTI0MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNjg0RDAxMTAvBgNVBAUTKDhDREEwODRFMjNENUI3NTA5QUEzQTky
REFDQTBCMUFEQzlEOUZCNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDcf8WVUiPIZpZhOpGtuHwqCqfambgA7w9dY65A22FTbZ4YpeywX8AWXaUlCKex
+NgWn1eG06b85FkgjmQAZ50ICDbRvmZ+Bb1GlNr2aQGBhO5LMKHjsOPH2VAxDOf8
aerRF1zYe9YkED0ZC2T/Z7qR0VdYRx22EUofEbmcHSQIvfoTI3kiSEMgDW+IYOzc
mD9qBgnTf6iNbpwztiDTITveNkAdKJub5Dm7NE/f/y8//xUnztwOZOFI1OqFe1TI
tNtzzm/twvlmIiO+QYC8ryCqMVwUDWiy5C3Zj3vRREUfZNK1SKM05oUDtXe0sK47
AiaJx356nm2nuHf6oOzA0IpHAgMBAAGjggLuMIIC6jAdBgNVHQ4EFgQUjNoITiPV
t1Cao6ktrKCxrcnZ+0gwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTY4NEQwL0RDQ0Q1OEI2NUU4RjExRUQ4Qzk5Njk2M0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE2ODREMC9EQ0NENThCNjVFOEYxMUVEOEM5OTY5NjNDNEY5QUUwMi9qTm9JVGlQ
VnQxQ2FvNmt0cktDeHJjblotMGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhuyMA0GCSqGSIb3DQEBCwUAA4IBAQA2LMFMgLvPm814XDco50o6D1Ne
rZCTPeAY5ov7kUt6CY4Lr63QcW86nvW8pLaoTxW/9I9EOQPXAsb1AKfo6PVVtXBn
4W4cjTydhxysAE7b4f/qhq9g708QTqRJXhwBa3+k0LC0i4xpTqXpaCwk78usGyBo
jg1Xj7Rm51utuBF1vRXzlfJx8LzsUzIS0Mw2wZrSj0C4n1UbNyt28odO/M92rU/x
dJ2qTmS2RKO169X8hkDk5mZ10lX7GCiQ/oj54la+MEn/kuaqTcT3yso7agzuzRyz
XJCKo1X2IVU9A1DOa+YCpqiTV2uAcouEClgCpAQNVTB4Qlr1bJTmisJuV0g4
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:08:07 2024 by rpki-client on console-fra.rpki-client.org