Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jsTj-v1QkSiuwsCHnmr5E54V6rY.cer
File:                     jsTj-v1QkSiuwsCHnmr5E54V6rY.cer (raw, json)
Hash identifier:          G99MaYYXhDw+E8vh+ARr3WbwFaerFuRIejxa5pwfnq0=
Subject key identifier:   8E:C4:E3:FA:FD:50:91:28:AE:C2:C0:87:9E:6A:F9:13:9E:15:EA:B6
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D500
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9142AA2/3DA8A94422A211EDBC8A6C80C4F9AE02/jsTj-v1QkSiuwsCHnmr5E54V6rY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9142AA2/3DA8A94422A211EDBC8A6C80C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Fri 29 Dec 2023 14:21:02 +0000
Certificate not after:    Sun 02 Mar 2025 00:00:00 +0000
Subordinate resources:    AS: 149170
                          IP: 103.177.208.0/23
                          IP: 2400:3d60::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 06:56:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120064 (0x1d500)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 29 14:21:02 2023 GMT
            Not After : Mar  2 00:00:00 2025 GMT
        Subject: CN=A9142AA2/serialNumber=8EC4E3FAFD509128AEC2C0879E6AF9139E15EAB6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:2c:d1:e4:27:f5:ff:f4:2d:cb:f6:97:82:71:
                    1b:5c:e3:7e:e1:a7:b7:91:04:5c:df:4a:17:63:cc:
                    27:cb:06:3a:17:44:ab:6a:44:1a:c3:f3:e0:db:04:
                    b8:48:d1:38:87:63:af:4c:04:a8:2b:88:23:f2:f3:
                    69:27:e6:ff:99:79:d3:25:25:d1:0d:77:e3:80:ca:
                    98:ae:e0:a4:3b:7d:4a:e6:87:fe:ce:95:f8:a4:d6:
                    20:fe:c2:86:fc:2b:8d:64:2f:6d:be:ef:7b:6a:47:
                    c0:c0:7a:c4:87:cc:68:da:c6:ce:b0:95:3e:53:b8:
                    4b:23:0e:81:74:00:0c:67:f5:cf:4a:bf:2e:25:50:
                    e2:9f:ff:24:1c:49:ad:0a:04:cb:10:57:91:d9:43:
                    62:38:5f:28:29:22:d3:82:27:91:97:14:ca:a4:98:
                    56:24:80:de:e9:fb:06:40:66:fb:26:82:0b:8e:5d:
                    eb:02:22:cb:ab:81:1b:1b:8a:4e:b6:32:3b:da:c4:
                    77:5d:e6:3b:bd:fd:cc:72:b8:8b:ed:a6:08:ed:a9:
                    00:df:82:09:71:25:5e:1b:fc:43:b8:3b:48:df:e4:
                    8e:95:cd:2c:0d:8d:c0:54:a7:d7:61:cd:ba:48:ef:
                    23:49:27:d8:d3:bd:55:6e:99:f0:04:bd:4d:4f:fe:
                    9f:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:C4:E3:FA:FD:50:91:28:AE:C2:C0:87:9E:6A:F9:13:9E:15:EA:B6
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9142AA2/3DA8A94422A211EDBC8A6C80C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9142AA2/3DA8A94422A211EDBC8A6C80C4F9AE02/jsTj-v1QkSiuwsCHnmr5E54V6rY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  149170

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.177.208.0/23
                IPv6:
                  2400:3d60::/32

    Signature Algorithm: sha256WithRSAEncryption
         11:d2:64:2d:c4:f7:b6:ec:67:d2:ad:a3:4a:fb:89:64:a5:6b:
         05:65:ab:07:df:3f:9b:90:77:09:97:47:ab:d2:5b:bc:bb:5d:
         5a:d6:6e:a7:e4:ae:ea:78:b0:99:4f:fb:30:84:fa:3d:5c:5e:
         e8:d0:10:ec:ef:4d:b9:17:16:40:ed:42:66:d7:d8:e3:53:15:
         db:7a:13:ad:10:77:78:55:9b:05:9a:36:f2:29:09:ab:c6:8d:
         6d:4b:82:1d:f7:63:ab:67:06:09:be:f0:99:35:b6:db:50:8b:
         09:c1:77:e1:1c:5f:62:d4:0b:1c:8a:15:f1:85:cc:ab:a1:c3:
         d4:31:d3:af:cc:7d:c3:7d:93:58:79:6b:d0:a7:82:ae:91:f2:
         56:5b:dc:1e:a7:2e:b8:c7:41:5c:63:2e:4e:8a:69:21:90:18:
         95:38:d5:79:8b:0f:da:ee:82:fb:84:e6:f0:15:8a:8b:18:59:
         0f:99:02:27:19:de:51:3d:46:fe:d9:f6:20:db:5f:71:f3:52:
         67:05:e1:c6:c6:11:97:70:bf:f0:12:0b:21:fd:47:6e:72:34:
         bb:a5:a1:75:5f:87:ad:b7:47:e4:a9:10:8b:be:f8:84:b1:7a:
         c8:e1:bd:b2:ee:80:ef:e0:85:4e:22:07:8b:6d:d6:ba:75:f2:
         cf:90:f7:9b
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAdUAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIyOTE0MjEwMloXDTI1MDMwMjAwMDAwMFowRjERMA8G
A1UEAxMIQTkxNDJBQTIxMTAvBgNVBAUTKDhFQzRFM0ZBRkQ1MDkxMjhBRUMyQzA4
NzlFNkFGOTEzOUUxNUVBQjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+LNHkJ/X/9C3L9peCcRtc437hp7eRBFzfShdjzCfLBjoXRKtqRBrD8+DbBLhI
0TiHY69MBKgriCPy82kn5v+ZedMlJdENd+OAypiu4KQ7fUrmh/7Olfik1iD+wob8
K41kL22+73tqR8DAesSHzGjaxs6wlT5TuEsjDoF0AAxn9c9Kvy4lUOKf/yQcSa0K
BMsQV5HZQ2I4XygpItOCJ5GXFMqkmFYkgN7p+wZAZvsmgguOXesCIsurgRsbik62
MjvaxHdd5ju9/cxyuIvtpgjtqQDfgglxJV4b/EO4O0jf5I6VzSwNjcBUp9dhzbpI
7yNJJ9jTvVVumfAEvU1P/p+3AgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUjsTj+v1Q
kSiuwsCHnmr5E54V6rYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTQyQUEyLzNEQThBOTQ0MjJBMjExRURCQzhBNkM4MEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE0MkFBMi8zREE4QTk0NDIyQTIxMUVEQkM4QTZDODBDNEY5QUUwMi9qc1RqLXYx
UWtTaXV3c0NIbm1yNUU1NFY2clkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkayMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBZ7HQMA0EAgAC
MAcDBQAkAD1gMA0GCSqGSIb3DQEBCwUAA4IBAQAR0mQtxPe27GfSraNK+4lkpWsF
ZasH3z+bkHcJl0er0lu8u11a1m6n5K7qeLCZT/swhPo9XF7o0BDs7025FxZA7UJm
19jjUxXbehOtEHd4VZsFmjbyKQmrxo1tS4Id92OrZwYJvvCZNbbbUIsJwXfhHF9i
1AscihXxhcyrocPUMdOvzH3DfZNYeWvQp4KukfJWW9wepy64x0FcYy5OimkhkBiV
ONV5iw/a7oL7hObwFYqLGFkPmQInGd5RPUb+2fYg219x81JnBeHGxhGXcL/wEgsh
/UducjS7paF1X4ett0fkqRCLvviEsXrI4b2y7oDv4IVOIgeLbda6dfLPkPeb
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:40:49 2024 by rpki-client on console-fra.rpki-client.org