Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kqxPvhcOqd-J8MgxjDzUX5OlIzQ.cer
File:                     kqxPvhcOqd-J8MgxjDzUX5OlIzQ.cer (raw, json)
Hash identifier:          vI6OkvdnBox/KI//81sQhzkuR93q7A6Qr/RSy9RLlts=
Subject key identifier:   92:AC:4F:BE:17:0E:A9:DF:89:F0:C8:31:8C:3C:D4:5F:93:A5:23:34
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E3E6
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91FDCFE/96505B2480E411ECB92DCB4DC4F9AE02/kqxPvhcOqd-J8MgxjDzUX5OlIzQ.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91FDCFE/96505B2480E411ECB92DCB4DC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 11 Mar 2024 21:43:27 +0000
Certificate not after:    Thu 01 May 2025 00:00:00 +0000
Subordinate resources:    AS: 149480
                          IP: 103.180.206.0/23
                          IP: 2001:df0:6040::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 02:50:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123878 (0x1e3e6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 11 21:43:27 2024 GMT
            Not After : May  1 00:00:00 2025 GMT
        Subject: CN=A91FDCFE/serialNumber=92AC4FBE170EA9DF89F0C8318C3CD45F93A52334
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b6:b1:81:ed:82:e8:c5:2b:22:e9:10:81:d5:
                    7e:b3:83:41:48:dc:c8:aa:c1:cb:6f:15:8c:c1:57:
                    a9:73:c1:ad:ca:7a:30:70:38:3d:1c:8f:2f:95:7d:
                    7e:5e:6e:e9:b8:76:67:c6:de:3e:b1:e6:68:f9:f1:
                    18:81:32:6a:71:4d:1e:6f:8a:b8:d0:1a:d3:36:11:
                    53:bf:77:1d:b5:e9:b4:39:71:64:05:55:b0:15:82:
                    7a:bc:ae:e7:ba:81:73:14:5d:d4:75:48:5c:7d:e6:
                    bf:d0:3d:36:56:ca:20:44:f3:4f:93:95:98:8b:a8:
                    bc:73:63:41:c3:66:06:74:26:f9:08:60:bf:ce:71:
                    52:5c:fc:dd:04:d5:4d:00:cf:2f:30:2e:f1:4f:7f:
                    2c:54:6b:36:95:25:56:9f:c0:6d:f4:4e:89:b2:10:
                    b3:a9:22:50:e5:f1:1a:34:24:69:2a:5e:f8:c7:22:
                    c0:57:d7:90:0a:22:00:23:a4:86:4b:c9:09:3b:90:
                    83:95:63:78:1c:00:79:d7:39:c3:cf:e7:94:1f:e4:
                    e1:ab:c3:ad:10:ef:2e:f9:f4:c3:4d:46:1d:ac:1b:
                    85:56:5b:fb:5b:de:89:40:a1:5a:d4:63:d2:dc:28:
                    88:2e:d7:dc:80:0b:26:a0:e6:67:17:04:9a:24:0a:
                    99:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:AC:4F:BE:17:0E:A9:DF:89:F0:C8:31:8C:3C:D4:5F:93:A5:23:34
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91FDCFE/96505B2480E411ECB92DCB4DC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91FDCFE/96505B2480E411ECB92DCB4DC4F9AE02/kqxPvhcOqd-J8MgxjDzUX5OlIzQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  149480

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.180.206.0/23
                IPv6:
                  2001:df0:6040::/48

    Signature Algorithm: sha256WithRSAEncryption
         03:6c:98:2e:f3:5c:ad:4c:75:e7:ba:13:0b:02:19:f8:d2:b5:
         c0:00:91:93:17:5f:a9:64:a2:6b:c4:68:7d:2f:8b:fc:23:ad:
         1f:be:10:c9:4c:ac:d6:fd:88:a8:97:ea:a3:64:4d:2d:05:94:
         80:b9:5a:e6:47:9a:fe:82:d5:3d:c6:d4:ab:6a:99:c5:dc:c8:
         34:51:ec:d7:1d:32:d4:18:c9:14:36:7e:4b:e8:b6:72:1f:9e:
         68:64:f1:32:09:a1:4c:16:f9:c5:ed:b7:c6:95:e3:1e:64:7d:
         01:83:79:8b:0d:2f:7b:2f:a6:9f:fc:b5:5d:64:e0:8f:33:4c:
         64:5f:1d:99:06:04:8b:b0:cb:90:85:46:da:35:c4:69:1f:6c:
         a4:8b:87:6f:b5:9d:79:4b:ca:c2:b1:8b:28:fb:05:64:5c:ed:
         75:5a:60:66:71:5c:8a:94:6a:ba:79:33:1c:d0:4e:9a:77:2d:
         c1:64:7c:ce:06:f1:48:fe:43:c4:e8:45:65:85:d1:ad:20:75:
         c0:b0:af:28:b0:0e:9e:3b:08:48:d3:bf:77:f6:11:eb:cd:f1:
         ea:aa:a2:c5:d3:d4:62:29:80:ba:47:be:6d:fe:0c:99:57:ab:
         c3:81:42:5f:30:3a:2e:9c:89:8f:d2:60:a7:0c:fb:a8:e9:96:
         df:b1:2c:24
-----BEGIN CERTIFICATE-----
MIIGKzCCBROgAwIBAgIDAePmMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMxMTIxNDMyN1oXDTI1MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRkRDRkUxMTAvBgNVBAUTKDkyQUM0RkJFMTcwRUE5REY4OUYwQzgz
MThDM0NENDVGOTNBNTIzMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+trGB7YLoxSsi6RCB1X6zg0FI3MiqwctvFYzBV6lzwa3KejBwOD0cjy+VfX5e
bum4dmfG3j6x5mj58RiBMmpxTR5virjQGtM2EVO/dx216bQ5cWQFVbAVgnq8rue6
gXMUXdR1SFx95r/QPTZWyiBE80+TlZiLqLxzY0HDZgZ0JvkIYL/OcVJc/N0E1U0A
zy8wLvFPfyxUazaVJVafwG30TomyELOpIlDl8Ro0JGkqXvjHIsBX15AKIgAjpIZL
yQk7kIOVY3gcAHnXOcPP55Qf5OGrw60Q7y759MNNRh2sG4VWW/tb3olAoVrUY9Lc
KIgu19yACyag5mcXBJokCpnrAgMBAAGjggMgMIIDHDAdBgNVHQ4EFgQUkqxPvhcO
qd+J8MgxjDzUX5OlIzQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUZEQ0ZFLzk2NTA1QjI0ODBFNDExRUNCOTJEQ0I0REM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFGRENGRS85NjUwNUIyNDgwRTQxMUVDQjkyRENCNERDNEY5QUUwMi9rcXhQdmhj
T3FkLUo4TWd4akR6VVg1T2xJelEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAkfoMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBZ7TOMA8EAgAC
MAkDBwAgAQ3wYEAwDQYJKoZIhvcNAQELBQADggEBAANsmC7zXK1Mdee6EwsCGfjS
tcAAkZMXX6lkomvEaH0vi/wjrR++EMlMrNb9iKiX6qNkTS0FlIC5WuZHmv6C1T3G
1KtqmcXcyDRR7NcdMtQYyRQ2fkvotnIfnmhk8TIJoUwW+cXtt8aV4x5kfQGDeYsN
L3svpp/8tV1k4I8zTGRfHZkGBIuwy5CFRto1xGkfbKSLh2+1nXlLysKxiyj7BWRc
7XVaYGZxXIqUarp5MxzQTpp3LcFkfM4G8Uj+Q8ToRWWF0a0gdcCwryiwDp47CEjT
v3f2EevN8eqqosXT1GIpgLpHvm3+DJlXq8OBQl8wOi6ciY/SYKcM+6jplt+xLCQ=
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:44:36 2024 by rpki-client on console-fra.rpki-client.org