Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kHsDit7Hw_qcZJMOZBmy-7q5yBw.cer
File:                     kHsDit7Hw_qcZJMOZBmy-7q5yBw.cer (raw, json)
Hash identifier:          NotqBzhmetT5bobQMwFUBnBtkur1yfPDGJeNENWofh0=
Subject key identifier:   90:7B:03:8A:DE:C7:C3:FA:9C:64:93:0E:64:19:B2:FB:BA:B9:C8:1C
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C634
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/kHsDit7Hw_qcZJMOZBmy-7q5yBw.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Thu 26 Oct 2023 13:59:58 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 58877
                          IP: 203.22.220.0/23
                          IP: 2405:2d00::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 12:32:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116276 (0x1c634)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct 26 13:59:58 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A913A7A6/serialNumber=907B038ADEC7C3FA9C64930E6419B2FBBAB9C81C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:e3:d1:75:52:de:d9:4d:44:05:33:c7:b2:35:
                    d8:10:2b:1f:0b:40:a2:e4:b5:28:8b:9e:21:c4:d7:
                    5f:8d:c1:55:b0:5b:b2:89:1a:76:f9:c7:a7:6f:2b:
                    5b:51:bd:34:f6:bb:41:9c:9e:a2:97:f2:5e:fa:d5:
                    6d:da:e8:ab:5d:5c:52:fc:41:8b:30:1d:54:1d:d5:
                    2f:77:81:3d:8f:b2:30:83:5d:00:07:b7:c0:c6:bc:
                    c6:0e:1a:00:9d:a9:b6:1e:a2:0a:32:ba:ac:e9:f9:
                    6f:04:91:d6:de:fc:e0:aa:8d:40:c5:f8:70:d2:1e:
                    65:00:ef:c8:90:cc:79:12:d8:1c:98:f2:32:18:a0:
                    ce:8e:51:0b:5f:dd:cd:ab:1c:59:8f:4d:d7:e7:74:
                    f8:de:4a:54:c9:e3:dd:55:04:84:42:02:79:01:64:
                    48:89:98:b5:24:6f:3e:36:43:cf:cf:df:0a:ab:62:
                    da:70:38:de:79:07:7e:7c:02:e3:35:ee:57:51:f9:
                    c7:6a:d8:4c:3b:4a:2b:d8:a5:b4:a1:f5:46:61:6e:
                    d4:87:bc:f8:69:53:c1:35:0c:35:08:5d:9b:77:c1:
                    dc:2f:c9:cb:0e:bd:94:37:40:29:ca:ac:fa:33:ca:
                    7b:df:bd:9e:81:e3:70:a7:c3:af:79:37:b2:11:c1:
                    86:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:7B:03:8A:DE:C7:C3:FA:9C:64:93:0E:64:19:B2:FB:BA:B9:C8:1C
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A913A7A6/4DB9443A73B611EA9B8C1F5CC4F9AE02/kHsDit7Hw_qcZJMOZBmy-7q5yBw.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  58877

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.22.220.0/23
                IPv6:
                  2405:2d00::/32

    Signature Algorithm: sha256WithRSAEncryption
         79:27:78:b8:35:e1:8b:0f:62:93:50:31:77:d9:cb:e5:a2:3c:
         63:7c:24:73:95:9a:72:46:92:03:a2:2a:62:c8:25:21:12:ad:
         17:9a:f7:71:9b:f2:65:ae:75:c9:b7:f5:39:46:6f:1c:fc:45:
         23:bd:0e:46:12:9a:54:13:ec:d7:49:29:82:5c:c1:38:32:5f:
         57:61:17:8e:13:56:f8:9e:8a:a0:97:aa:cf:28:6b:ca:5a:7b:
         b8:28:7d:ac:e2:2a:8d:d4:f3:4e:5e:b2:f3:c6:91:64:90:8e:
         c4:e8:15:0f:7b:fb:f9:56:91:11:de:fc:0d:3d:c9:63:29:c7:
         2a:57:7f:eb:de:87:0e:7f:c9:1b:25:72:ac:d0:24:1c:4c:cb:
         a8:74:26:04:37:a9:aa:cf:6f:3d:5c:a6:2b:5a:80:a9:48:1f:
         3b:2f:ca:27:43:86:71:a3:9f:cc:28:cd:19:d9:c8:64:9d:a7:
         e0:34:89:ae:cd:16:67:80:59:d2:2e:3c:0a:22:18:81:b0:cc:
         c0:84:7b:69:8b:90:e2:e5:27:7a:e3:d6:8a:53:cc:96:15:62:
         dc:90:d4:0f:af:c3:41:dc:35:4e:d2:3a:b3:9e:d8:2a:36:fe:
         7d:95:d1:76:c1:11:95:0d:56:06:f6:32:04:df:40:2e:fa:83:
         c6:4a:99:a0
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAcY0MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAyNjEzNTk1OFoXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxM0E3QTYxMTAvBgNVBAUTKDkwN0IwMzhBREVDN0MzRkE5QzY0OTMw
RTY0MTlCMkZCQkFCOUM4MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDO49F1Ut7ZTUQFM8eyNdgQKx8LQKLktSiLniHE11+NwVWwW7KJGnb5x6dvK1tR
vTT2u0GcnqKX8l761W3a6KtdXFL8QYswHVQd1S93gT2PsjCDXQAHt8DGvMYOGgCd
qbYeogoyuqzp+W8Ekdbe/OCqjUDF+HDSHmUA78iQzHkS2ByY8jIYoM6OUQtf3c2r
HFmPTdfndPjeSlTJ491VBIRCAnkBZEiJmLUkbz42Q8/P3wqrYtpwON55B358AuM1
7ldR+cdq2Ew7SivYpbSh9UZhbtSHvPhpU8E1DDUIXZt3wdwvycsOvZQ3QCnKrPoz
ynvfvZ6B43Cnw695N7IRwYZRAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUkHsDit7H
w/qcZJMOZBmy+7q5yBwwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTNBN0E2LzREQjk0NDNBNzNCNjExRUE5QjhDMUY1Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzQTdBNi80REI5NDQzQTczQjYxMUVBOUI4QzFGNUNDNEY5QUUwMi9rSHNEaXQ3
SHdfcWNaSk1PWkJteS03cTV5QncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAOX9MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQByxbcMA0EAgAC
MAcDBQAkBS0AMA0GCSqGSIb3DQEBCwUAA4IBAQB5J3i4NeGLD2KTUDF32cvlojxj
fCRzlZpyRpIDoipiyCUhEq0Xmvdxm/JlrnXJt/U5Rm8c/EUjvQ5GEppUE+zXSSmC
XME4Ml9XYReOE1b4noqgl6rPKGvKWnu4KH2s4iqN1PNOXrLzxpFkkI7E6BUPe/v5
VpER3vwNPcljKccqV3/r3ocOf8kbJXKs0CQcTMuodCYEN6mqz289XKYrWoCpSB87
L8onQ4Zxo5/MKM0Z2chknafgNImuzRZngFnSLjwKIhiBsMzAhHtpi5Di5Sd649aK
U8yWFWLckNQPr8NB3DVO0jqzntgqNv59ldF2wRGVDVYG9jIE30Au+oPGSpmg
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:34:17 2024 by rpki-client on console-ams.rpki-client.org