Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntkFUQfHD4W7kajaAnC1ynYK61Q.cer
File:                     ntkFUQfHD4W7kajaAnC1ynYK61Q.cer (download)
Hash identifier:          VBASXR9Z93P1FRbWyeYalb7xDX2vzf9ihEKpiz5rL/o=
Subject key identifier:   9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       014DDE
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate valid until:  Sat 01 Jul 2023 00:00:00 +0000
Subordinate resources:
    1: AS: 4661
    2: AS: 9557
    3: AS: 17557
    4: AS: 45595
    5: IP: 39.32.0.0/11
    6: IP: 58.181.96.0/19
    7: IP: 59.103.0.0/16
    8: IP: 103.28.152.0/22
    9: IP: 116.71.0.0/16
   10: IP: 119.152.0.0/13
   11: IP: 182.176.0.0/12
   12: IP: 202.70.144.0/20
   13: IP: 202.125.128.0/19
   14: IP: 203.99.160.0/19
   15: IP: 203.135.0.0/18
   16: IP: 221.120.192.0/18
   17: IP: 2001:df0:279::/48
   18: IP: 2404:7000::/32

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 85470 (0x14dde)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Apr  3 15:02:22 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=A91A0832/serialNumber=9ED9055107C70F85BB91A8DA0270B5CA760AEB54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:26:dc:45:d3:9d:e7:0d:cd:a2:52:d8:4b:55:
                    bc:27:05:4f:44:74:94:87:63:bc:d5:a8:1b:c4:38:
                    cb:78:83:b9:c5:c0:bc:3c:63:e0:3e:e9:54:d5:96:
                    e4:3f:c9:da:33:3d:01:e7:0c:c8:39:d2:14:96:7e:
                    95:65:11:36:e4:ae:4d:71:6d:3c:e9:7a:01:a6:5d:
                    3f:11:ec:eb:76:82:a6:d1:36:e3:d1:a9:8b:a8:d9:
                    62:bb:86:62:85:cc:23:64:46:68:3c:17:23:c8:db:
                    9c:1a:f0:33:7f:87:52:65:0e:bb:f4:2a:60:d4:ac:
                    ee:d6:a5:8d:95:b7:25:d7:f5:38:d5:34:11:ac:f6:
                    59:5c:6e:c2:46:e9:f3:cc:c8:ff:a3:81:03:8e:bc:
                    cd:4b:8b:97:3a:00:2a:a8:09:01:77:46:8f:18:1d:
                    0a:21:35:08:f4:35:a3:d5:ef:54:98:62:ff:b7:7d:
                    5f:d4:23:4f:fe:f8:57:4c:09:7d:ce:1b:d4:13:bd:
                    00:6e:15:c2:11:0e:33:05:3e:29:87:2e:fd:f7:41:
                    21:b5:cc:a3:c4:ba:2f:44:cf:3d:19:8d:1c:0c:6d:
                    58:75:da:9c:b7:0e:bd:22:8b:1c:ef:42:e5:cf:47:
                    04:0a:3b:15:20:d5:6c:5f:fc:af:72:88:c8:19:7a:
                    67:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                9E:D9:05:51:07:C7:0F:85:BB:91:A8:DA:02:70:B5:CA:76:0A:EB:54
            X509v3 Authority Key Identifier: 
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91A0832/9DAF780E1D9411E29901F3F808B02CD2/ntkFUQfHD4W7kajaAnC1ynYK61Q.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  4661
                  9557
                  17557
                  45595

            sbgp-ipAddrBlock: critical
                IPv4:
                  39.32.0.0/11
                  58.181.96.0/19
                  59.103.0.0/16
                  103.28.152.0/22
                  116.71.0.0/16
                  119.152.0.0/13
                  182.176.0.0/12
                  202.70.144.0/20
                  202.125.128.0/19
                  203.99.160.0/19
                  203.135.0.0/18
                  221.120.192.0/18
                IPv6:
                  2001:df0:279::/48
                  2404:7000::/32

    Signature Algorithm: sha256WithRSAEncryption
         c0:ce:f6:41:a4:2f:a9:c3:07:3d:79:ea:ac:b1:90:9c:36:1a:
         e7:72:da:63:14:4d:b6:5f:54:44:57:87:af:a3:45:79:15:3e:
         de:16:62:b9:aa:09:1f:b5:ed:06:9c:ab:5f:5e:19:36:c2:e4:
         ae:ec:18:a0:28:38:a6:84:e2:cb:db:bc:f0:ab:ea:86:c2:ad:
         9a:9d:49:b4:fe:cd:6e:cd:ca:eb:61:38:97:ef:ee:b5:97:70:
         22:f7:98:46:c6:09:5f:87:5f:ed:e2:e3:3a:eb:17:7c:58:cc:
         3c:71:65:44:01:bb:55:09:ff:2d:ae:b0:5b:db:c4:2d:a9:9c:
         ff:b9:6c:30:98:9e:30:44:80:34:83:d4:3e:7d:18:41:3f:91:
         7c:4b:d9:64:a9:36:78:fd:dd:6f:0b:11:40:31:c7:1d:04:31:
         51:87:99:13:10:99:83:dc:dd:50:f8:d7:71:6d:ad:fa:ee:60:
         a5:3d:e1:d4:76:96:62:8f:c9:e3:73:11:4e:88:f1:0d:e6:9a:
         93:24:b9:8e:d6:d4:41:97:6a:02:96:3d:2d:71:74:3d:39:eb:
         64:6c:1e:2d:b5:58:eb:36:28:e6:ad:12:f1:67:e5:0f:79:a6:
         ab:d5:b2:6e:df:2c:9b:8b:46:9d:fb:f0:f0:47:f2:a0:cc:7d:
         af:73:11:34
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgIDAU3eMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIyMDQwMzE1MDIyMloXDTIzMDcwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxQTA4MzIxMTAvBgNVBAUTKDlFRDkwNTUxMDdDNzBGODVCQjkxQThE
QTAyNzBCNUNBNzYwQUVCNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDLJtxF053nDc2iUthLVbwnBU9EdJSHY7zVqBvEOMt4g7nFwLw8Y+A+6VTVluQ/
ydozPQHnDMg50hSWfpVlETbkrk1xbTzpegGmXT8R7Ot2gqbRNuPRqYuo2WK7hmKF
zCNkRmg8FyPI25wa8DN/h1JlDrv0KmDUrO7WpY2VtyXX9TjVNBGs9llcbsJG6fPM
yP+jgQOOvM1Li5c6ACqoCQF3Ro8YHQohNQj0NaPV71SYYv+3fV/UI0/++FdMCX3O
G9QTvQBuFcIRDjMFPimHLv33QSG1zKPEui9Ezz0ZjRwMbVh12py3Dr0iixzvQuXP
RwQKOxUg1Wxf/K9yiMgZeme9AgMBAAGjggNwMIIDbDAdBgNVHQ4EFgQUntkFUQfH
D4W7kajaAnC1ynYK61QwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUEwODMyLzlEQUY3ODBFMUQ5NDExRTI5OTAxRjNGODA4QjAyQ0QyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFBMDgzMi85REFGNzgwRTFEOTQxMUUyOTkwMUYzRjgwOEIwMkNEMi9udGtGVVFm
SEQ0VzdrYWphQW5DMXluWUs2MVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJgYIKwYBBQUHAQgBAf8EFzAV
oBMwEQICEjUCAiVVAgJElQIDALIbMHQGCCsGAQUFBwEHAQH/BGUwYzBJBAIAATBD
AwMFJyADBAU6tWADAwA7ZwMEAmccmAMDAHRHAwMDd5gDAwS2sAMEBMpGkAMEBcp9
gAMEBctjoAMEBsuHAAMEBt14wDAWBAIAAjAQAwcAIAEN8AJ5AwUAJARwADANBgkq
hkiG9w0BAQsFAAOCAQEAwM72QaQvqcMHPXnqrLGQnDYa53LaYxRNtl9URFeHr6NF
eRU+3hZiuaoJH7XtBpyrX14ZNsLkruwYoCg4poTiy9u88KvqhsKtmp1JtP7Nbs3K
62E4l+/utZdwIveYRsYJX4df7eLjOusXfFjMPHFlRAG7VQn/La6wW9vELamc/7ls
MJieMESANIPUPn0YQT+RfEvZZKk2eP3dbwsRQDHHHQQxUYeZExCZg9zdUPjXcW2t
+u5gpT3h1HaWYo/J43MRTojxDeaakyS5jtbUQZdqApY9LXF0PTnrZGweLbVY6zYo
5q0S8WflD3mmq9Wybt8sm4tGnfvw8EfyoMx9r3MRNA==
-----END CERTIFICATE-----
Generated at Wed Feb 8 05:45:11 2023 by rpki-client.