Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l1LdGhX17GHZdpHLXszr7L06YTc.cer
File:                     l1LdGhX17GHZdpHLXszr7L06YTc.cer (raw, json)
Hash identifier:          KjcUKqRswRSUkvNPM+rhDH1P639etCl0ie67Ns2tZSw=
Subject key identifier:   97:52:DD:1A:15:F5:EC:61:D9:76:91:CB:5E:CC:EB:EC:BD:3A:61:37
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E779
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A9126259/69128C4A15C411EBA326DD69C4F9AE02/l1LdGhX17GHZdpHLXszr7L06YTc.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A9126259/69128C4A15C411EBA326DD69C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sun 31 Mar 2024 13:25:20 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    AS: 56087
                          IP: 103.204.28.0/23
                          IP: 180.235.108.0/22
                          IP: 2406:fa00::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124793 (0x1e779)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 31 13:25:20 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A9126259/serialNumber=9752DD1A15F5EC61D97691CB5ECCEBECBD3A6137
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:36:ca:64:94:a5:02:96:6f:45:c0:5a:a0:f5:
                    57:4e:f9:1e:0a:45:f1:b4:70:e1:9b:78:0a:99:97:
                    47:01:f5:1b:e2:33:5a:ee:f0:03:9d:b9:e4:3c:8f:
                    41:a8:e4:62:e5:10:e1:00:23:1a:b1:8d:01:0a:74:
                    ad:8c:cc:4d:66:5b:28:f2:e8:08:02:86:97:36:a0:
                    d6:27:d1:cb:db:81:c1:02:fb:85:c6:39:ee:d0:75:
                    04:0a:c1:3d:74:17:66:4c:f3:3e:17:5c:31:c6:d8:
                    8e:ba:29:17:19:9e:3a:76:9f:17:90:aa:46:6a:1f:
                    c3:79:2e:36:9a:e8:c2:23:69:0a:73:56:df:27:8f:
                    58:40:70:19:84:80:0c:ad:a2:3c:8d:10:70:e3:dc:
                    51:3b:50:36:4b:e4:3b:48:02:2d:25:ad:9b:13:46:
                    b5:bb:5f:5b:93:4e:38:33:93:b4:34:7f:96:d4:33:
                    6d:bc:55:f6:06:ec:a6:34:14:19:5b:15:cb:df:5c:
                    47:d9:b4:24:f6:46:e7:00:be:b1:e4:0c:8c:94:43:
                    b4:1e:28:f3:40:64:43:07:36:a9:0d:20:cd:cf:16:
                    b1:41:1f:26:4d:ba:3f:c0:10:f2:cc:b4:5e:39:68:
                    86:1f:d3:d2:d2:ac:e2:db:d5:44:83:b0:ba:dd:62:
                    56:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:52:DD:1A:15:F5:EC:61:D9:76:91:CB:5E:CC:EB:EC:BD:3A:61:37
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A9126259/69128C4A15C411EBA326DD69C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A9126259/69128C4A15C411EBA326DD69C4F9AE02/l1LdGhX17GHZdpHLXszr7L06YTc.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  56087

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.204.28.0/23
                  180.235.108.0/22
                IPv6:
                  2406:fa00::/32

    Signature Algorithm: sha256WithRSAEncryption
         88:08:bb:f0:fb:66:60:33:85:6a:2d:ae:dd:78:e4:64:97:28:
         cd:98:3b:5a:57:95:1f:cd:af:3c:60:05:c1:a6:c1:66:a5:1c:
         b3:e1:85:83:cc:e4:cc:f6:cf:4e:8e:16:e8:2e:63:77:97:d9:
         7b:84:9e:49:26:82:04:8c:c7:d3:81:5a:25:0f:1a:13:fd:93:
         33:10:d6:98:48:95:06:0c:c5:c5:80:7d:54:60:9b:ef:cc:a7:
         d0:b9:4f:cb:61:f8:c7:72:12:67:87:9a:0d:2b:a4:ce:a1:cd:
         62:00:8d:4e:43:3b:28:7d:f7:f0:2f:6b:3b:31:9f:09:ea:bf:
         ce:68:cc:84:e1:bb:97:20:07:0c:7b:10:6a:44:87:2e:3b:3d:
         0f:22:7f:85:48:25:45:b7:99:f6:09:55:87:f4:e2:69:ca:1e:
         6a:fe:11:7f:bd:ed:0f:f0:0e:36:e9:71:f9:56:f1:83:3e:5f:
         27:34:91:d1:87:11:7c:ef:d4:73:88:97:7e:71:68:96:31:2e:
         92:01:e9:26:05:5f:60:8b:78:12:c5:b5:5f:8d:79:04:64:49:
         4a:f5:83:3b:34:47:d9:7d:4f:7e:ec:35:4a:53:84:22:0b:74:
         38:f9:3c:28:8a:97:d8:35:f3:ed:34:87:ad:15:58:97:5d:30:
         2a:2f:d7:67
-----BEGIN CERTIFICATE-----
MIIGLzCCBRegAwIBAgIDAed5MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMzMTEzMjUyMFoXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMjYyNTkxMTAvBgNVBAUTKDk3NTJERDFBMTVGNUVDNjFEOTc2OTFD
QjVFQ0NFQkVDQkQzQTYxMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7NspklKUClm9FwFqg9VdO+R4KRfG0cOGbeAqZl0cB9RviM1ru8AOdueQ8j0Go
5GLlEOEAIxqxjQEKdK2MzE1mWyjy6AgChpc2oNYn0cvbgcEC+4XGOe7QdQQKwT10
F2ZM8z4XXDHG2I66KRcZnjp2nxeQqkZqH8N5Ljaa6MIjaQpzVt8nj1hAcBmEgAyt
ojyNEHDj3FE7UDZL5DtIAi0lrZsTRrW7X1uTTjgzk7Q0f5bUM228VfYG7KY0FBlb
FcvfXEfZtCT2RucAvrHkDIyUQ7QeKPNAZEMHNqkNIM3PFrFBHyZNuj/AEPLMtF45
aIYf09LSrOLb1USDsLrdYlbtAgMBAAGjggMkMIIDIDAdBgNVHQ4EFgQUl1LdGhX1
7GHZdpHLXszr7L06YTcwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTI2MjU5LzY5MTI4QzRBMTVDNDExRUJBMzI2REQ2OUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyNjI1OS82OTEyOEM0QTE1QzQxMUVCQTMyNkRENjlDNEY5QUUwMi9sMUxkR2hY
MTdHSFpkcEhMWHN6cjdMMDZZVGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDANsXMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBZ8wcAwQCtOts
MA0EAgACMAcDBQAkBvoAMA0GCSqGSIb3DQEBCwUAA4IBAQCICLvw+2ZgM4VqLa7d
eORklyjNmDtaV5Ufza88YAXBpsFmpRyz4YWDzOTM9s9OjhboLmN3l9l7hJ5JJoIE
jMfTgVolDxoT/ZMzENaYSJUGDMXFgH1UYJvvzKfQuU/LYfjHchJnh5oNK6TOoc1i
AI1OQzsofffwL2s7MZ8J6r/OaMyE4buXIAcMexBqRIcuOz0PIn+FSCVFt5n2CVWH
9OJpyh5q/hF/ve0P8A426XH5VvGDPl8nNJHRhxF879RziJd+cWiWMS6SAekmBV9g
i3gSxbVfjXkEZElK9YM7NEfZfU9+7DVKU4QiC3Q4+TwoipfYNfPtNIetFViXXTAq
L9dn
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:46 2024 by rpki-client on console-fra.rpki-client.org