Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lRKAntQ1o2QK-bdfCvspKNQWPDE.cer
File:                     lRKAntQ1o2QK-bdfCvspKNQWPDE.cer (raw, json)
Hash identifier:          zXDGThUNiaIiUerPWYC/oKP7zXr5jz+rq7w02WrE6b0=
Subject key identifier:   95:12:80:9E:D4:35:A3:64:0A:F9:B7:5F:0A:FB:29:28:D4:16:3C:31
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01C6B0
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91B45C0/BDEE729AE6D911E88B8BF77CC4F9AE02/lRKAntQ1o2QK-bdfCvspKNQWPDE.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91B45C0/BDEE729AE6D911E88B8BF77CC4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sat 28 Oct 2023 17:40:50 +0000
Certificate not after:    Mon 30 Dec 2024 00:00:00 +0000
Subordinate resources:    AS: 55913
                          AS: 58750
                          IP: 103.21.48.0/22
                          IP: 202.74.61.0/24
                          IP: 2001:df6:f500::/48
                          IP: 2403:ecc0::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 05 Apr 2024 02:50:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 116400 (0x1c6b0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Oct 28 17:40:50 2023 GMT
            Not After : Dec 30 00:00:00 2024 GMT
        Subject: CN=A91B45C0/serialNumber=9512809ED435A3640AF9B75F0AFB2928D4163C31
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:13:5f:49:2f:1c:49:22:25:d3:c9:66:60:cb:
                    6c:1d:d2:fe:e3:b1:41:a9:27:21:8a:5e:58:b2:0a:
                    40:03:5d:de:55:e8:ed:26:4a:f2:ff:74:79:fe:bc:
                    7b:86:e5:36:e9:5a:bb:92:6d:15:17:ee:8b:da:03:
                    7b:91:11:e5:42:9c:4c:0b:bf:af:d8:02:98:1a:db:
                    47:03:68:a7:5b:5a:f7:aa:3f:3e:3c:26:00:3f:2e:
                    ea:f3:fb:de:c2:07:e6:5c:89:ea:52:40:e3:1f:6c:
                    b3:32:d3:45:76:c9:dc:1e:4e:dc:f2:84:14:94:2b:
                    d1:6d:fa:cc:c5:98:02:66:4d:a2:71:78:66:a6:d7:
                    5d:33:a7:c4:97:9b:e1:e7:3d:5b:8a:be:22:60:74:
                    62:f0:29:65:1c:99:23:69:a8:23:f2:d5:fe:f1:44:
                    9d:92:8e:98:2b:0f:a2:23:7a:ee:52:69:85:b3:26:
                    a2:a9:8c:ed:3d:c9:2f:8a:2d:26:95:39:17:e6:86:
                    b9:6e:fe:60:21:ab:85:65:91:12:ce:06:90:a0:bc:
                    cc:23:2b:f2:34:1e:92:e7:eb:39:7e:b2:8c:a1:ff:
                    5f:3b:0f:de:8b:28:e4:ad:1e:7d:58:05:d1:24:2a:
                    cf:ca:2e:fe:9a:8e:2a:a4:67:af:db:5d:5a:67:ab:
                    ea:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:12:80:9E:D4:35:A3:64:0A:F9:B7:5F:0A:FB:29:28:D4:16:3C:31
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91B45C0/BDEE729AE6D911E88B8BF77CC4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91B45C0/BDEE729AE6D911E88B8BF77CC4F9AE02/lRKAntQ1o2QK-bdfCvspKNQWPDE.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  55913
                  58750

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.21.48.0/22
                  202.74.61.0/24
                IPv6:
                  2001:df6:f500::/48
                  2403:ecc0::/32

    Signature Algorithm: sha256WithRSAEncryption
         a2:7a:17:56:75:17:9f:5c:42:4e:41:85:10:85:b4:df:4b:66:
         fd:5f:b0:40:fd:a2:c4:9e:5c:7f:2e:72:5e:c8:66:13:a6:a5:
         e6:43:67:7e:31:f6:a0:4c:6e:fa:23:fa:67:3a:06:a5:84:94:
         08:5a:03:31:c1:b0:fc:4f:a0:c6:a5:47:de:42:8e:bc:91:1a:
         b0:a4:f2:78:a6:94:81:2e:f4:67:01:4e:d6:0f:7e:08:be:1d:
         4b:1d:50:30:5d:a7:f7:f7:6c:40:f9:78:7e:c6:53:9f:3d:05:
         22:94:40:59:96:5f:b4:8e:c2:c2:e3:ec:b2:0b:3f:fd:b9:f6:
         d3:5e:d2:79:ac:4a:a5:06:b4:e8:f8:42:93:8c:a3:07:41:c8:
         c6:a0:13:93:6e:08:4f:59:82:02:04:e5:87:5e:5e:66:74:25:
         ce:77:e0:46:34:4f:04:79:fe:ba:c0:17:98:62:2c:d8:27:f7:
         70:d0:7a:34:03:28:f1:ac:29:67:35:7f:c1:58:f6:23:2f:a5:
         49:28:14:99:77:7a:07:8f:d4:02:95:38:fa:41:ae:69:56:4c:
         97:0e:7f:5c:eb:f1:ac:45:20:0f:1a:b0:6e:b7:a5:bd:f6:07:
         ef:58:41:15:43:95:81:bd:66:d9:8f:ce:26:ba:5e:76:2e:4e:
         d3:cd:d2:b3
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgIDAcawMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTAyODE3NDA1MFoXDTI0MTIzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQjQ1QzAxMTAvBgNVBAUTKDk1MTI4MDlFRDQzNUEzNjQwQUY5Qjc1
RjBBRkIyOTI4RDQxNjNDMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQE19JLxxJIiXTyWZgy2wd0v7jsUGpJyGKXliyCkADXd5V6O0mSvL/dHn+vHuG
5TbpWruSbRUX7ovaA3uREeVCnEwLv6/YApga20cDaKdbWveqPz48JgA/Lurz+97C
B+ZciepSQOMfbLMy00V2ydweTtzyhBSUK9Ft+szFmAJmTaJxeGam110zp8SXm+Hn
PVuKviJgdGLwKWUcmSNpqCPy1f7xRJ2SjpgrD6Ijeu5SaYWzJqKpjO09yS+KLSaV
ORfmhrlu/mAhq4VlkRLOBpCgvMwjK/I0HpLn6zl+soyh/187D96LKOStHn1YBdEk
Ks/KLv6ajiqkZ6/bXVpnq+olAgMBAAGjggMyMIIDLjAdBgNVHQ4EFgQUlRKAntQ1
o2QK+bdfCvspKNQWPDEwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUI0NUMwL0JERUU3MjlBRTZEOTExRTg4QjhCRjc3Q0M0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFCNDVDMC9CREVFNzI5QUU2RDkxMUU4OEI4QkY3N0NDNEY5QUUwMi9sUktBbnRR
MW8yUUstYmRmQ3ZzcEtOUVdQREUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQgBAf8EEDAO
oAwwCgIDANppAgMA5X4wPQYIKwYBBQUHAQcBAf8ELjAsMBIEAgABMAwDBAJnFTAD
BADKSj0wFgQCAAIwEAMHACABDfb1AAMFACQD7MAwDQYJKoZIhvcNAQELBQADggEB
AKJ6F1Z1F59cQk5BhRCFtN9LZv1fsED9osSeXH8ucl7IZhOmpeZDZ34x9qBMbvoj
+mc6BqWElAhaAzHBsPxPoMalR95CjryRGrCk8nimlIEu9GcBTtYPfgi+HUsdUDBd
p/f3bED5eH7GU589BSKUQFmWX7SOwsLj7LILP/259tNe0nmsSqUGtOj4QpOMowdB
yMagE5NuCE9ZggIE5YdeXmZ0Jc534EY0TwR5/rrAF5hiLNgn93DQejQDKPGsKWc1
f8FY9iMvpUkoFJl3egeP1AKVOPpBrmlWTJcOf1zr8axFIA8asG63pb32B+9YQRVD
lYG9ZtmPzia6XnYuTtPN0rM=
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:44:36 2024 by rpki-client on console-fra.rpki-client.org