Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mFJq8YqDozT1eZgqMXm23R6X3i4.cer
File:                     mFJq8YqDozT1eZgqMXm23R6X3i4.cer (raw, json)
Hash identifier:          iAkNiAiRzIaMIoJnl3Zb87j+OYcUYcMz4E7941vJbTk=
Subject key identifier:   98:52:6A:F1:8A:83:A3:34:F5:79:98:2A:31:79:B6:DD:1E:97:DE:2E
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01AC10
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91308CE/257CF7261D9911E2967B9D8308B02CD2/mFJq8YqDozT1eZgqMXm23R6X3i4.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91308CE/257CF7261D9911E2967B9D8308B02CD2/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Mon 26 Jun 2023 13:27:57 +0000
Certificate not after:    Mon 30 Sep 2024 00:00:00 +0000
Subordinate resources:    AS: 17926
                          IP: 203.211.60.0/22
                          IP: 2001:df0:14::/48

Validation:               OK
Signature path:           rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 04 Apr 2024 09:37:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 109584 (0x1ac10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Jun 26 13:27:57 2023 GMT
            Not After : Sep 30 00:00:00 2024 GMT
        Subject: CN=A91308CE/serialNumber=98526AF18A83A334F579982A3179B6DD1E97DE2E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:2e:73:7c:43:6c:ae:45:27:29:0e:7f:c4:0a:
                    2b:9b:19:ad:e8:d3:05:a2:bb:20:23:fe:61:c7:34:
                    9d:33:f1:b9:3d:5c:27:f2:f3:e1:5a:10:6a:a2:cf:
                    b4:99:88:59:c7:75:94:fb:ba:c7:a7:32:f4:c5:7d:
                    93:9e:1b:24:8d:3d:4a:ff:de:87:1e:7c:c1:1c:dc:
                    5e:e5:5a:5a:f8:22:8c:00:f5:12:ad:22:a7:69:95:
                    ac:0d:90:4c:ed:7b:68:75:0c:61:17:17:da:29:69:
                    04:1a:5c:c9:c4:33:85:10:df:1f:c7:e6:52:65:ea:
                    c3:f1:bc:8b:8a:6b:2f:c9:14:ad:db:83:85:5a:96:
                    fe:6a:bd:26:6c:80:8f:49:82:3b:de:7c:e7:81:f4:
                    9a:72:53:58:66:87:13:f5:71:9b:0b:f1:2e:c4:4c:
                    33:4d:57:29:e7:01:d2:4a:e4:49:52:24:be:82:97:
                    0d:81:f5:b1:77:3d:99:ee:30:f8:1a:36:e8:b7:72:
                    67:c5:b4:0a:1f:b8:fa:da:72:ff:e5:78:48:b9:d9:
                    6c:70:60:40:f5:a6:41:3a:a2:e5:d3:d1:59:1b:09:
                    11:46:b9:a9:b8:f1:6d:29:e0:49:3e:75:1a:74:dd:
                    1c:0d:de:29:fd:3f:02:36:5b:db:63:07:99:7a:3d:
                    09:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:52:6A:F1:8A:83:A3:34:F5:79:98:2A:31:79:B6:DD:1E:97:DE:2E
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91308CE/257CF7261D9911E2967B9D8308B02CD2/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91308CE/257CF7261D9911E2967B9D8308B02CD2/mFJq8YqDozT1eZgqMXm23R6X3i4.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  17926

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.211.60.0/22
                IPv6:
                  2001:df0:14::/48

    Signature Algorithm: sha256WithRSAEncryption
         bc:48:38:bc:2d:25:83:38:af:13:95:85:2d:49:44:e0:d6:91:
         85:9b:b6:89:dc:b9:3e:f6:b4:ae:81:db:56:19:2b:64:92:36:
         d3:72:30:15:d8:58:c3:4a:37:c8:46:c6:d7:a1:d5:63:2b:c7:
         c8:c1:03:d7:ed:d2:26:ec:c4:d8:d3:75:29:d9:a1:ba:a3:35:
         a7:3e:b2:a6:1a:9c:fa:eb:88:99:b4:b7:cb:19:5a:2f:fb:18:
         ed:4d:a5:8b:6c:28:7f:69:a2:dd:51:5f:d2:1d:99:fb:d7:7f:
         02:70:2f:fc:d5:8b:b7:65:1f:83:32:71:0d:f9:36:d7:b7:7c:
         25:09:ef:be:7a:05:b2:05:df:30:66:40:ee:9c:d5:88:f5:27:
         f5:80:26:c3:ff:74:e8:3f:a9:e7:4a:18:d9:72:0a:96:f4:7a:
         d9:45:a4:4c:f2:0a:00:9a:8c:40:63:e4:4d:d3:15:3c:d3:81:
         0f:fa:2c:4f:30:ff:01:cc:6a:ec:e8:54:a5:34:b2:94:a3:d1:
         2a:40:e2:d5:16:29:fb:fe:b4:69:73:3d:54:d2:c5:eb:53:fe:
         cd:f5:90:dc:d4:67:48:7a:43:b3:0a:9f:10:de:e8:07:3c:8d:
         fd:d7:0b:68:8d:b9:b5:d4:d4:68:3c:85:3e:66:ed:d4:0c:50:
         f6:e8:d1:1c
-----BEGIN CERTIFICATE-----
MIIGKjCCBRKgAwIBAgIDAawQMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMDYyNjEzMjc1N1oXDTI0MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMzA4Q0UxMTAvBgNVBAUTKDk4NTI2QUYxOEE4M0EzMzRGNTc5OTgy
QTMxNzlCNkREMUU5N0RFMkUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzLnN8Q2yuRScpDn/ECiubGa3o0wWiuyAj/mHHNJ0z8bk9XCfy8+FaEGqiz7SZ
iFnHdZT7usenMvTFfZOeGySNPUr/3ocefMEc3F7lWlr4IowA9RKtIqdplawNkEzt
e2h1DGEXF9opaQQaXMnEM4UQ3x/H5lJl6sPxvIuKay/JFK3bg4Valv5qvSZsgI9J
gjvefOeB9JpyU1hmhxP1cZsL8S7ETDNNVynnAdJK5ElSJL6Clw2B9bF3PZnuMPga
Nui3cmfFtAofuPracv/leEi52WxwYED1pkE6ouXT0VkbCRFGuam48W0p4Ek+dRp0
3RwN3in9PwI2W9tjB5l6PQmzAgMBAAGjggMfMIIDGzAdBgNVHQ4EFgQUmFJq8YqD
ozT1eZgqMXm23R6X3i4wHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTMwOENFLzI1N0NGNzI2MUQ5OTExRTI5NjdCOUQ4MzA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEzMDhDRS8yNTdDRjcyNjFEOTkxMUUyOTY3QjlEODMwOEIwMkNEMi9tRkpxOFlx
RG96VDFlWmdxTVhtMjNSNlgzaTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGQYIKwYBBQUHAQgBAf8ECjAI
oAYwBAICRgYwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBALL0zwwDwQCAAIw
CQMHACABDfAAFDANBgkqhkiG9w0BAQsFAAOCAQEAvEg4vC0lgzivE5WFLUlE4NaR
hZu2idy5Pva0roHbVhkrZJI203IwFdhYw0o3yEbG16HVYyvHyMED1+3SJuzE2NN1
KdmhuqM1pz6yphqc+uuImbS3yxlaL/sY7U2li2wof2mi3VFf0h2Z+9d/AnAv/NWL
t2UfgzJxDfk217d8JQnvvnoFsgXfMGZA7pzViPUn9YAmw/906D+p50oY2XIKlvR6
2UWkTPIKAJqMQGPkTdMVPNOBD/osTzD/Acxq7OhUpTSylKPRKkDi1RYp+/60aXM9
VNLF61P+zfWQ3NRnSHpDswqfEN7oBzyN/dcLaI25tdTUaDyFPmbt1AxQ9ujRHA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:51:42 2024 by rpki-client on console-ams.rpki-client.org