Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldziG17K3rBp3IG5JAXUdN5BwgY.cer
File:                     ldziG17K3rBp3IG5JAXUdN5BwgY.cer (raw, json)
Hash identifier:          igG1G75aXP9s5np+8AV1e/Aj589YkTSYfYO8n6JXJkY=
Subject key identifier:   95:DC:E2:1B:5E:CA:DE:B0:69:DC:81:B9:24:05:D4:74:DE:41:C2:06
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01E6EB
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Wed 27 Mar 2024 21:35:31 +0000
Certificate not after:    Wed 28 May 2025 00:00:00 +0000
Subordinate resources:    AS: 133430
                          IP: 103.228.120.0/22
                          IP: 2400:ce80::/32

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Nov 2024 02:50:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124651 (0x1e6eb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Mar 27 21:35:31 2024 GMT
            Not After : May 28 00:00:00 2025 GMT
        Subject: CN=A91CD174/serialNumber=95DCE21B5ECADEB069DC81B92405D474DE41C206
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:06:09:20:16:f5:40:f1:e1:19:11:b2:5c:d3:
                    e2:25:44:bf:e7:49:8e:cf:5e:c6:36:4d:69:6e:7a:
                    58:d6:9c:4a:2d:46:68:53:4e:21:66:ec:de:a6:04:
                    63:48:86:27:cf:c3:f2:82:b1:30:b2:18:13:b0:77:
                    5a:50:de:17:fe:b8:36:24:1f:e5:2c:4a:54:9c:57:
                    9d:1b:45:0d:34:75:ff:a3:a1:80:fb:f8:f3:f7:6e:
                    96:0d:95:8e:1d:2f:03:10:be:74:0a:2a:4f:f7:ff:
                    81:05:35:b1:57:07:c1:dc:58:a3:83:1d:04:ee:74:
                    ca:6e:bc:5a:e7:15:fa:28:1f:a8:2b:a4:4e:7f:8a:
                    05:8a:3a:b1:58:84:f1:ad:09:d8:a0:6d:41:ca:e7:
                    97:48:bb:0b:2d:4f:99:d4:70:06:a9:20:0f:1d:98:
                    4e:e7:03:69:05:bd:23:ac:7a:99:09:28:f3:7a:18:
                    b0:ca:7e:b2:14:c3:0f:a0:0b:9c:ed:b7:23:5a:6c:
                    15:4c:48:2b:e3:06:76:78:6c:e2:f1:e0:ca:e4:54:
                    78:18:9d:6b:5f:27:5e:df:e2:c1:37:28:22:c4:77:
                    86:67:e6:1c:77:0d:45:1c:e7:29:72:d6:48:9c:4b:
                    79:2c:60:d9:da:cb:d2:a0:51:77:4c:18:19:c8:3b:
                    ed:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:DC:E2:1B:5E:CA:DE:B0:69:DC:81:B9:24:05:D4:74:DE:41:C2:06
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91CD174/51C3E5480B4D11EA92C28F20C4F9AE02/ldziG17K3rBp3IG5JAXUdN5BwgY.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  133430

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.228.120.0/22
                IPv6:
                  2400:ce80::/32

    Signature Algorithm: sha256WithRSAEncryption
         be:f4:51:b2:4c:45:7b:f7:54:5e:a7:7c:03:0f:75:70:c5:e7:
         5f:22:8c:7c:13:93:98:f3:a2:3c:db:cf:2a:cf:6b:f6:59:a9:
         69:de:67:77:3f:6e:4f:e3:6e:00:c3:e9:32:5e:76:3a:1a:6e:
         94:de:e1:ad:ae:d7:57:13:0a:b8:b0:ab:4d:cf:b9:81:1c:27:
         6f:2a:0f:41:94:2c:be:19:02:dd:05:15:b0:e9:0f:a6:c1:00:
         16:79:02:d1:d2:b9:6e:18:f3:f0:a6:99:4b:1f:c9:e0:ce:ac:
         4a:76:0b:b7:bf:cf:48:26:62:01:c9:f8:66:9a:99:40:34:09:
         ec:df:0f:c0:27:57:06:6d:ec:92:20:e3:08:dd:b3:ca:77:77:
         6c:64:86:08:65:0e:ca:a0:23:4a:3e:63:10:29:7d:eb:22:9d:
         81:69:08:21:b5:20:65:0f:cd:f1:f7:ca:57:ec:89:82:1c:1d:
         d4:8d:ef:24:9e:e0:8f:4a:46:81:55:0d:bd:81:3b:b2:f8:37:
         b9:cc:9e:c8:51:3e:63:ab:ce:fa:be:45:b4:fe:97:9f:8b:22:
         35:36:d4:dd:ff:e2:05:4b:60:f5:a5:60:a6:05:87:0e:f6:4c:
         1d:0a:01:fe:69:06:6a:32:f8:28:b8:c3:88:e1:c4:04:af:e4:
         69:cf:da:5a
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgIDAebrMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI0MDMyNzIxMzUzMVoXDTI1MDUyODAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQ0QxNzQxMTAvBgNVBAUTKDk1RENFMjFCNUVDQURFQjA2OURDODFC
OTI0MDVENDc0REU0MUMyMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDhBgkgFvVA8eEZEbJc0+IlRL/nSY7PXsY2TWlueljWnEotRmhTTiFm7N6mBGNI
hifPw/KCsTCyGBOwd1pQ3hf+uDYkH+UsSlScV50bRQ00df+joYD7+PP3bpYNlY4d
LwMQvnQKKk/3/4EFNbFXB8HcWKODHQTudMpuvFrnFfooH6grpE5/igWKOrFYhPGt
CdigbUHK55dIuwstT5nUcAapIA8dmE7nA2kFvSOsepkJKPN6GLDKfrIUww+gC5zt
tyNabBVMSCvjBnZ4bOLx4MrkVHgYnWtfJ17f4sE3KCLEd4Zn5hx3DUUc5yly1kic
S3ksYNnay9KgUXdMGBnIO+0NAgMBAAGjggMeMIIDGjAdBgNVHQ4EFgQUldziG17K
3rBp3IG5JAXUdN5BwgYwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUNEMTc0LzUxQzNFNTQ4MEI0RDExRUE5MkMyOEYyMEM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFDRDE3NC81MUMzRTU0ODBCNEQxMUVBOTJDMjhGMjBDNEY5QUUwMi9sZHppRzE3
SzNyQnAzSUc1SkFYVWRONUJ3Z1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgk2MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCZ+R4MA0EAgAC
MAcDBQAkAM6AMA0GCSqGSIb3DQEBCwUAA4IBAQC+9FGyTEV791Rep3wDD3Vwxedf
Iox8E5OY86I8288qz2v2Walp3md3P25P424Aw+kyXnY6Gm6U3uGtrtdXEwq4sKtN
z7mBHCdvKg9BlCy+GQLdBRWw6Q+mwQAWeQLR0rluGPPwpplLH8ngzqxKdgu3v89I
JmIByfhmmplANAns3w/AJ1cGbeySIOMI3bPKd3dsZIYIZQ7KoCNKPmMQKX3rIp2B
aQghtSBlD83x98pX7ImCHB3Uje8knuCPSkaBVQ29gTuy+De5zJ7IUT5jq876vkW0
/pefiyI1NtTd/+IFS2D1pWCmBYcO9kwdCgH+aQZqMvgouMOI4cQEr+Rpz9pa
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:03:46 2024 by rpki-client on console-fra.rpki-client.org