Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kbx5rhXMrqROT-eEX7_KY-f6654.cer
File:                     kbx5rhXMrqROT-eEX7_KY-f6654.cer (raw, json)
Hash identifier:          16Cy5B+djE9llb0cK1YbiDWpHGt+p6sF2mpDIQkA+L8=
Subject key identifier:   91:BC:79:AE:15:CC:AE:A4:4E:4F:E7:84:5F:BF:CA:63:E7:FA:EB:9E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       021137
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9194335/342D222851D111E9AF1FF73CC4F9AE02/kbx5rhXMrqROT-eEX7_KY-f6654.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9194335/342D222851D111E9AF1FF73CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 02 Oct 2024 00:47:45 +0000
Certificate not after:    Mon 01 Dec 2025 00:00:00 +0000
Subordinate resources:    AS: 140702
                          IP: 202.87.4.0/22
                          IP: 203.57.38.0/24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Nov 2024 14:41:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 135479 (0x21137)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct  2 00:47:45 2024 GMT
            Not After : Dec  1 00:00:00 2025 GMT
        Subject: CN=A9194335/serialNumber=91BC79AE15CCAEA44E4FE7845FBFCA63E7FAEB9E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:10:3d:e7:46:86:18:16:b7:03:80:ce:92:0e:
                    cf:c6:b8:ed:c7:16:31:f7:9b:8c:62:57:84:ee:47:
                    7b:5d:ba:54:08:e7:f0:3b:b7:91:b3:bb:3e:a5:bb:
                    cb:fa:72:2d:e6:6b:29:5d:0e:c3:a0:0a:a8:7b:bc:
                    0c:74:e3:2a:4f:e4:6b:c2:cd:40:a3:0d:30:11:6b:
                    74:ff:e0:b4:39:3e:d8:19:5f:f0:7a:d4:0b:e6:a6:
                    0e:4b:4c:d6:34:70:42:95:31:23:79:66:b0:56:1e:
                    59:d3:45:79:f9:4c:30:3d:c4:9c:66:bb:3c:21:5d:
                    0f:f4:76:9b:3b:93:ad:1e:46:e9:71:d1:30:83:0c:
                    bc:7f:d8:22:aa:d9:e5:be:9b:80:eb:4f:16:42:da:
                    24:ee:eb:a5:c8:33:2c:0f:ee:97:d3:3d:cd:37:8b:
                    1b:6f:42:f6:1c:b9:54:16:49:87:8f:2f:02:e6:c0:
                    e3:dc:04:e1:b8:b6:fd:91:e8:4f:64:39:22:9d:8f:
                    bd:f1:39:a3:97:97:6f:c4:f0:1c:63:9f:19:b7:97:
                    69:98:38:67:ef:b2:6a:92:52:d2:98:d5:d0:de:5e:
                    d8:f9:f5:99:f2:8f:a2:e4:04:13:5c:00:dc:b7:5a:
                    5f:71:9a:99:9e:aa:ad:c8:b6:34:ff:95:ba:e9:57:
                    92:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:BC:79:AE:15:CC:AE:A4:4E:4F:E7:84:5F:BF:CA:63:E7:FA:EB:9E
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9194335/342D222851D111E9AF1FF73CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9194335/342D222851D111E9AF1FF73CC4F9AE02/kbx5rhXMrqROT-eEX7_KY-f6654.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  140702

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.87.4.0/22
                  203.57.38.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cb:1e:08:1d:36:9d:5e:a1:03:9d:cf:9e:08:31:b5:6d:c4:7c:
         ea:f1:e4:1f:e2:c1:3f:2a:51:09:81:1a:82:01:ba:c5:c0:86:
         f2:d6:de:38:9c:dc:b7:3f:ff:c8:f1:20:94:a8:ef:ce:58:e9:
         0c:df:81:e2:af:f4:64:b7:1e:aa:da:44:54:de:f0:95:42:1a:
         c1:76:b0:fe:26:8d:f9:cf:bd:d0:2d:c1:73:46:74:19:1d:af:
         be:cb:ab:cf:4e:81:a3:c6:f5:33:c9:4e:24:ea:07:dd:4e:f6:
         b4:c3:93:8f:82:0a:51:92:90:01:a4:50:ac:c7:11:52:74:14:
         9f:b2:4e:6e:33:57:64:1e:ec:84:36:5b:43:10:ca:01:56:b7:
         e6:a2:0c:0d:54:93:ab:05:2f:29:ff:6e:7b:27:73:be:e9:3a:
         e0:ed:5c:3e:d6:70:01:20:4d:f7:17:dc:bf:05:eb:13:d9:14:
         4d:a4:4a:65:33:59:18:91:86:eb:17:56:48:f1:7e:d9:50:fc:
         e6:85:d9:1a:d3:ca:3d:97:58:56:5e:5e:4a:25:e1:09:9a:b6:
         c4:ea:0d:ae:12:a7:1c:44:74:ef:05:fa:ef:a3:02:7f:f7:5c:
         f6:60:0d:2c:a7:4c:7f:55:65:3b:89:fb:10:ea:64:62:66:7c:
         c7:92:aa:07
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgIDAhE3MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MTAwMjAwNDc0NVoXDTI1MTIwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxOTQzMzUxMTAvBgNVBAUTKDkxQkM3OUFFMTVDQ0FFQTQ0RTRGRTc4
NDVGQkZDQTYzRTdGQUVCOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCwED3nRoYYFrcDgM6SDs/GuO3HFjH3m4xiV4TuR3tdulQI5/A7t5Gzuz6lu8v6
ci3mayldDsOgCqh7vAx04ypP5GvCzUCjDTARa3T/4LQ5PtgZX/B61Avmpg5LTNY0
cEKVMSN5ZrBWHlnTRXn5TDA9xJxmuzwhXQ/0dps7k60eRulx0TCDDLx/2CKq2eW+
m4DrTxZC2iTu66XIMywP7pfTPc03ixtvQvYcuVQWSYePLwLmwOPcBOG4tv2R6E9k
OSKdj73xOaOXl2/E8Bxjnxm3l2mYOGfvsmqSUtKY1dDeXtj59Znyj6LkBBNcANy3
Wl9xmpmeqq3ItjT/lbrpV5IZAgMBAAGjggMVMIIDETAdBgNVHQ4EFgQUkbx5rhXM
rqROT+eEX7/KY+f6654wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTk0MzM1LzM0MkQyMjI4NTFEMTExRTlBRjFGRjczQ0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTE5NDMzNS8zNDJEMjIyODUxRDExMUU5QUYxRkY3M0NDNEY5QUUwMi9rYng1cmhY
TXJxUk9ULWVFWDdfS1ktZjY2NTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAiWeMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCylcEAwQAyzkm
MA0GCSqGSIb3DQEBCwUAA4IBAQDLHggdNp1eoQOdz54IMbVtxHzq8eQf4sE/KlEJ
gRqCAbrFwIby1t44nNy3P//I8SCUqO/OWOkM34Hir/Rktx6q2kRU3vCVQhrBdrD+
Jo35z73QLcFzRnQZHa++y6vPToGjxvUzyU4k6gfdTva0w5OPggpRkpABpFCsxxFS
dBSfsk5uM1dkHuyENltDEMoBVrfmogwNVJOrBS8p/257J3O+6Trg7Vw+1nABIE33
F9y/BesT2RRNpEplM1kYkYbrF1ZI8X7ZUPzmhdka08o9l1hWXl5KJeEJmrbE6g2u
EqccRHTvBfrvowJ/91z2YA0sp0x/VWU7ifsQ6mRiZnzHkqoH
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:26:38 2024 by rpki-client on console-fra.rpki-client.org